vkuehn
(V kuehn)
12 May 2020 14:26
1
Hi,
I have read here some topics and it seems to be always a problem to get hostapd on blue0 working.
However Configuring the blue,dhcp… on the webfrontend was ok to get a device connected but it does not get internet access.
So I hope it’s just a bridging issue ?
configuration looks like this
ll /lib/firmware/iwlwifi-316*
-rw-r--r-- 1 root root 609892 Aug 10 2019 /lib/firmware/iwlwifi-3160-10.ucode
-rw-r--r-- 1 root root 683996 Aug 10 2019 /lib/firmware/iwlwifi-3160-12.ucode
-rw-r--r-- 1 root root 688616 Aug 10 2019 /lib/firmware/iwlwifi-3160-13.ucode
-rw-r--r-- 1 root root 918212 Aug 10 2019 /lib/firmware/iwlwifi-3160-16.ucode
-rw-r--r-- 1 root root 918268 Dec 14 09:28 /lib/firmware/iwlwifi-3160-17.ucode
-rw-r--r-- 1 root root 670484 Aug 10 2019 /lib/firmware/iwlwifi-3160-7.ucode
-rw-r--r-- 1 root root 667284 Aug 10 2019 /lib/firmware/iwlwifi-3160-8.ucode
-rw-r--r-- 1 root root 669872 Aug 10 2019 /lib/firmware/iwlwifi-3160-9.ucode
lspci -k | grep -A 3 -i "network"
01:00.0 Network controller: Intel Corporation Wireless 3160 (rev 83)
Subsystem: Intel Corporation Dual Band Wireless-AC 3160
Kernel driver in use: iwlwifi
Kernel modules: iwlwifi
cat /var/ipfire/wlanap/settings
DRIVER=NL80211
CHANNEL=6
HW_MODE=g
COUNTRY=DE
TXPOWER=auto
ENC=wpa2
MACMODE=0
DEBUG=4
IEEE80211W=on
NOSCAN=off
CLIENTISOLATION=off
HTCAPS=
SYSLOGLEVEL=2
HIDESSID=off
SSID=free_beer
PWD=secret
VHTCAPS=
INTERFACE=blue0
APMODE=on
cat /var/ipfire/wlanap/settings
DRIVER=NL80211
CHANNEL=6
HW_MODE=g
COUNTRY=DE
TXPOWER=auto
ENC=wpa2
MACMODE=0
DEBUG=4
IEEE80211W=on
NOSCAN=off
CLIENTISOLATION=off
HTCAPS=
SYSLOGLEVEL=2
HIDESSID=off
SSID=free_beer
PWD=secret
VHTCAPS=
INTERFACE=blue0
APMODE=on
are really both configs needed ?
anything else I could check ?
Thanks for any hint
ms
(Michael Tremer)
12 May 2020 16:23
2
What are you trying to bridge with what?
vkuehn
(V kuehn)
12 May 2020 16:36
3
actually I just hoped ipfire would handle the blue net as the green. As in forwarding/transparent proxying.
if you want to combine blue and green into one logical network,
https://wiki.ipfire.org/configuration/network/bridge-green-blue
ms
(Michael Tremer)
12 May 2020 17:17
5
I deleted this page, because this can be done on the web UI.
I guess you have to decide what you want.
GREEN and BLUE are different network zones. There is no way to “bridge” them together - that means layer 2 bridge.
When you say forwarding, do you want to route between the two zones?
vkuehn
(V kuehn)
12 May 2020 18:04
6
all clients in blue should be able to access the internet (through red)
if I could implement proper routing additionally between blue and green in both directions it would be great.
the wiki page is still there. Where in the gui would I set the routing up ?
ms
(Michael Tremer)
12 May 2020 18:57
7
if you want that, this is not called bridging and works out of the box.
Did you see “Access to Blue” and grant access for your test client?
vkuehn
(V kuehn)
13 May 2020 11:19
8
you mean main screen -> Firewall -> Blue Access ?
after your Post I did add it manually to the devices List. And than the device could access the internet(red network). Unfortunatly only one time success but basically it works.
From green I could not access the device and the device could not access green (ping)
Is it always so that devices need manual permission ?
The wifi is of course exposed but I would like to to have there some devices which should be accessible from green and vice versa (at least through tunneling) . Is there some wiki page which explains that ?
ms
(Michael Tremer)
13 May 2020 13:03
9
You will need a firewall rule for that:
You can simply whitelist the whole blue network (and leave the MAC address field empty) to allow access to everyone.
And what tunnel?
vkuehn
(V kuehn)
13 May 2020 13:40
10
ok I will look at and try some rules /whitelisting to ease life in blue
The need for the tunnel is as some devices in blue might need remote administration via web or ssh.
ms
(Michael Tremer)
14 May 2020 08:09
11
That’s not called tunnelling. That simply is how a network works.