2.4 Guest Network stopped working; 5GHz working ok...

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
puterboy2
DD-WRT User


Joined: 24 Feb 2019
Posts: 139

PostPosted: Fri Jul 29, 2022 2:58    Post subject: 2.4 Guest Network stopped working; 5GHz working ok... Reply with quote
I have a 2.4GHz and 5GHz Guest network bridged on br1 with it's own dhcp on 192.168.8.x vs. my regular network on 192.168.1.x.

Until yesterday, everything was working fine.
Now:

1. I can connect to the 2.4 and 5 GHz standard, *non-guest* networks fine on 192.168.1.x
And the router log confirms the connection as:
Code:

Jul 28 21:51:32 myrouter daemon.info dnsmasq-dhcp[6565]: DHCPREQUEST(br0) 192.168.1.160 8a:9f:23:56:ea:93
Jul 28 21:51:32 myrouter daemon.info dnsmasq-dhcp[6565]: DHCPACK(br0) 192.168.1.160 8a:9f:23:56:ea:93 myclient


2. I can connect to 5Ghz *guest( network on 192.168.8.x
And the log confirms the connection as:
Code:

Jul 28 21:53:24 myrouter daemon.info dnsmasq-dhcp[6565]: DHCPREQUEST(br1) 192.168.8.19 8a:9f:23:56:ea:93
Jul 28 21:53:24 myrouter daemon.info dnsmasq-dhcp[6565]: DHCPACK(br1) 192.168.8.19 8a:9f:23:56:ea:93 myclient


3. However, I *cannot* connect to the 2.4GHz guest network (although I can see the SSID) and nothing shows up in the router messages.

When I use wpa_cli in interactive mode to try to manually connect, I have no problem using 'scan' to see the SSID.
However, when I try to (re)associate, I get the following error showing an "auth_failure".
Code:

<3>Trying to associate with SSID 'guest-2.4'
<3>Authentication with 6b:ad:d4:23:27:f0 timed out.
<3>CTRL-EVENT-DISCONNECTED bssid=6b:ad:d4:23:27:f0 reason=3 locally_generated=1
<3>CTRL-EVENT-SSID-TEMP-DISABLED id=2 ssid="guest-2.4" auth_failures=1 duration=10 reason=CONN_FAILED


Note that I double/triple checked that the passphrase is correct (I am using WPA2-PSK) and verified using 'ps aux' on the router that the 'nas' line has the correct port (wl0.1), SSID and password.

If I disable security on the dd-wrt for the 2.4GHz guest network and then correspondingly in wpa_cli set key_mgmt to "NONE", then I can connect.

Changing the password didn't help.
Indeed, I seem to get the above error regardless of what password I use (whether correct or incorrect).

This was all working 2 days ago. I reloaded saved configs from when the 2.4GHz guest networking was working and rebooted but that *failed* to restore the 2.4GHz guest access.

So, I am stumped.
- It doesn't seem to be a HW wireless issue since I can access the 2.4GHz band via the standard, non-guest SSID
- It doesn't seem to be a configuration issue since restoring the old config didn't help.

Any ideas on what could be causing this and how to troubleshoot?
In particular why I am I getting a "CONN_FAILED" message?

Is there any way I can see what if any signaling is reaching the router (since /var/log/messages fails to show anything).. so that I can see why connections are being rejected?


Last edited by puterboy2 on Fri Jul 29, 2022 4:53; edited 1 time in total
Sponsor
puterboy2
DD-WRT User


Joined: 24 Feb 2019
Posts: 139

PostPosted: Fri Jul 29, 2022 4:24    Post subject: Reply with quote
Not sure if this is relevant but while wpa_cli showed that the bssid for the 2.4GHz guest network is 6b:ad:d4:23:27:f0, dd-wrt shows that wl0.1_hwaddr=6b:ad:d4:23:27:e0.

Note that the hwaddr for the other wireless interfaces (wl0, wl1, and wl1.1 seem to match the corresponding values for the bssid shown by a wpa_cli scan.)

Also note that the values for wlX.Y_hwaddr match the corresponding values from ifconfig on the router.
Similarly the values shown under wpa_cli for the bssid match the values for "wl -i wlX.Y bssid" on the router.

So there is an inconsistency between:
Code:
ifconfig wl0.1
wl -i wl0.1 bssid



I tried setting wl0.1_hwaddr=6b:ad:d4:23:27:f0 to match the bssid using 'nvram set' and 'nvram commit' but it didn't seem to persist or work. Similarly, I was unable to change it from the GUI (under Setup->Networking:Network Configuration wl0.1)

So wondering if the problem is a MAC address mismatch???
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6388
Location: UK, London, just across the river..

PostPosted: Fri Jul 29, 2022 6:44    Post subject: Reply with quote
router brand / model ; current firmware number ??
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,AP Isolation,Ad-Block,Firewall
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear R7800 --DD-WRT 55363 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55363 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
puterboy2
DD-WRT User


Joined: 24 Feb 2019
Posts: 139

PostPosted: Fri Jul 29, 2022 6:48    Post subject: Reply with quote
Sorry.
Netgear r6700 v3
r49532
puterboy2
DD-WRT User


Joined: 24 Feb 2019
Posts: 139

PostPosted: Tue Aug 02, 2022 3:05    Post subject: Solved but not sure exactly how/why this fixes it... Reply with quote
By assiduously comparing the nvram parameters between a working and a non-working router... and via trial-and-error, I was able to fix the problem by *unsetting* br1_hwaddr.

Even though the MAC address for br1_hwaddr did not itself conflict with the BSSID or the MAC address for wl0.1, somehow it created a problem... resulting in the BSSID for wl0.1 differing from the ifconfig (hardware?) MAC address for wl0.1 which presumably was the proximal cause for the problem.

It still would be good to understand how the BSSID is set and calculated relative to the ifconfig (hardware?) MAC address for wl0.1

And it would be helpful to know whether and how one can set the BSSID manually.
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Tue Aug 02, 2022 11:22    Post subject: Reply with quote
Broadcom side IDK if its possible, never really looked into it, if egc says its possible, then it likely is but only via CLI I suspect and not via UI, Atheros you now can set BSSID in UI.

Broadcom being the poor cousin which is closed source its always the last to get some love.

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
ho1Aetoo
DD-WRT Guru


Joined: 19 Feb 2019
Posts: 2899
Location: Germany

PostPosted: Tue Aug 02, 2022 11:48    Post subject: Reply with quote
The setting for the BSSID is only for client/station mode.

For example, if you have multiple APs with the same SSID, you can tell the client to connect only to AP 1 and not to AP 2.

The BSSID is actually the physical MAC address of the WLAN interface.

VAPs are virtual interfaces and do not have a real MAC address.
But some devices and WLAN cards require a special MAC encoding for the virtual access point.

The MAC of the VAP is based on the MAC of the physical interface and usually only differs by one byte.

E.g.

11.22.33.44.55.66
11.22.33.44.55.67

If you can't change the MAC of the VAP in the tab "network" then the driver may not support it.

On my R7800 I can change the MAC addresses as I like.
I can also change the BSSID in the hostapd.conf - this changes the MAC displayed under ifconfig at the same time.

but as far as I know Broadcom devices do not use hostapd
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14102
Location: Texas, USA

PostPosted: Tue Aug 02, 2022 13:21    Post subject: Reply with quote
the-joker wrote:
Broadcom side IDK if its possible, never really looked into it, if egc says its possible, then it likely is but only via CLI I suspect and not via UI, Atheros you now can set BSSID in UI.

Broadcom being the poor cousin which is closed source its always the last to get some love.

ho1Aetoo wrote:
The setting for the BSSID is only for client/station mode.

And my magic crystal ball leads me to believe that this is shared code for all devices that support client/station modes, regardless of vendor hardware. The only thing I've seen that may negate my statement is in respect to brcmfmac driver, not dhd driver:

https://github.com/mirror/dd-wrt/commit/9efb7de86e644fbd8cf470eb218e1231f96e14ed

If I remember right, there were some tweaks related to vaps and the vap issue that were done to fix vaps on Broadcom, but don't quote me on that.

_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum