Sunday, October 31, 2021

OpenBSD as wireless access point

Hi Team,
I have configured OpenBSD as wireless access point but somehow i am unable
to connect to access point from mobile or other clients. below is my config.

myhost$ cat /etc/hostname.ral0


media autoselect mode 11b mediaopt hostap chan 11
nwid "someid" wpakey "somepassword"
inet 192.168.2.1 255.255.255.0

myhost# cat /etc/dhcpd.conf


subnet 192.168.2.0 netmask 255.255.255.0 {
option routers 192.168.2.1;
option domain-name-servers 192.168.2.1;
range 192.168.2.2 192.168.2.254;
}

my ifconfig output
-------------------------------
ral0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
lladdr 0c:84:dc:a0:a8:73
index 4 priority 4 llprio 3
groups: wlan
media: IEEE802.11 autoselect mode 11b hostap
status: active
ieee80211: nwid rdxnet chan 11 bssid 0c:84:dc:a0:a8:73 -65dBm wpakey
wpaprotos wpa2 wpaakms psk wpaciphers ccmp wpagroupcipher ccmp
inet 192.168.2.1 netmask 0xffffff00 broadcast 192.168.2.255
--------------------------------
my PF output
Home01# cat /etc/pf.conf


# $OpenBSD: pf.conf,v 1.55 2017/12/03 20:40:04 sthen Exp $
#
# See pf.conf(5) and /etc/examples/pf.conf

#set skip on lo

block return # block stateless traffic
pass # establish keep-state

# By default, do not permit remote connections to X11
block return in on ! lo0 proto tcp to port 6000:6010

# Port build user does not need network
block return out log proto {tcp udp} user _pbuild
#wifi = "ral0"
#table <martians> { 0.0.0.0/8 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16
172.16.0.0/12 192.0.0.0/24 192.0.2.0/24 224.0.0.0/3 192.168.0.0/16
198.18.0.0/15 198.51.100.0/24 203.0.113.0/24 }
#set block-policy drop
#set loginterface egress
#set skip on lo0
#match in all scrub (no-df random-id max-mss 1440)
#match out on egress inet from !(egress:network) to any nat-to (egress:0)
#antispoof quick for { egress $wifi }
#block in quick on egress from <martians> to any
#block return out quick on egress from any to <martians>
#block all
#pass out quick inet
#pass in on { $wifi } inet

could you please help me is there anything i am missing for authentication?
--
Thank you
---------------------
Rahul Deshmukh

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)