Source string Read only

(itstool) path: callout/para
Context English State
Although it is not recommended to run an <acronym>AP</acronym> without any authentication or encryption, this is a simple way to check if the <acronym>AP</acronym> is working. This configuration is also important for debugging client issues.
Once the <acronym>AP</acronym> is configured, initiate a scan from another wireless machine to find the <acronym>AP</acronym>:
<prompt>#</prompt> <userinput>ifconfig <replaceable>wlan0</replaceable> create wlandev <replaceable>ath0</replaceable></userinput>
<prompt>#</prompt> <userinput>ifconfig <replaceable>wlan0</replaceable> up scan</userinput>
freebsdap 00:11:95:c3:0d:ac 1 54M -66:-96 100 ES WME
The client machine found the <acronym>AP</acronym> and can be associated with it:
<prompt>#</prompt> <userinput>ifconfig <replaceable>wlan0</replaceable> inet <replaceable></replaceable> netmask <replaceable></replaceable> ssid <replaceable>freebsdap</replaceable></userinput>
<prompt>#</prompt> <userinput>ifconfig <replaceable>wlan0</replaceable></userinput>
wlan0: flags=8843&lt;UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST&gt; metric 0 mtu 1500
ether 00:11:95:d5:43:62
inet netmask 0xffffff00 broadcast
media: IEEE 802.11 Wireless Ethernet OFDM/54Mbps mode 11g
status: associated
ssid freebsdap channel 1 (2412 Mhz 11g) bssid 00:11:95:c3:0d:ac
country US ecm authmode OPEN privacy OFF txpower 21.5 bmiss 7
scanvalid 60 bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7
roam:rate 5 protmode CTS wme burst
<acronym>WPA2</acronym> Host-based Access Point
This section focuses on setting up a FreeBSD access point using the <acronym>WPA2</acronym> security protocol. More details regarding <acronym>WPA</acronym> and the configuration of <acronym>WPA</acronym>-based wireless clients can be found in <xref linkend="network-wireless-wpa"/>.
The <citerefentry><refentrytitle>hostapd</refentrytitle><manvolnum>8</manvolnum></citerefentry> daemon is used to deal with client authentication and key management on the <acronym>WPA2</acronym>-enabled <acronym>AP</acronym>.
The following configuration operations are performed on the FreeBSD machine acting as the <acronym>AP</acronym>. Once the <acronym>AP</acronym> is correctly working, <citerefentry><refentrytitle>hostapd</refentrytitle><manvolnum>8</manvolnum></citerefentry> can be automatically started at boot with this line in <filename>/etc/rc.conf</filename>:
Before trying to configure <citerefentry><refentrytitle>hostapd</refentrytitle><manvolnum>8</manvolnum></citerefentry>, first configure the basic settings introduced in <xref linkend="network-wireless-ap-basic"/>.
<acronym>WPA2-PSK</acronym> is intended for small networks where the use of a backend authentication server is not possible or desired.
The configuration is done in <filename>/etc/hostapd.conf</filename>:
interface=wlan0 <co xml:id="co-ap-wpapsk-iface"/>
debug=1 <co xml:id="co-ap-wpapsk-dbug"/>
ctrl_interface=/var/run/hostapd <co xml:id="co-ap-wpapsk-ciface"/>
ctrl_interface_group=wheel <co xml:id="co-ap-wpapsk-cifacegrp"/>
ssid=freebsdap <co xml:id="co-ap-wpapsk-ssid"/>
wpa=2 <co xml:id="co-ap-wpapsk-wpa"/>
wpa_passphrase=freebsdmall <co xml:id="co-ap-wpapsk-pass"/>
wpa_key_mgmt=WPA-PSK <co xml:id="co-ap-wpapsk-kmgmt"/>
wpa_pairwise=CCMP <co xml:id="co-ap-wpapsk-pwise"/>
Wireless interface used for the access point.
Level of verbosity used during the execution of <citerefentry><refentrytitle>hostapd</refentrytitle><manvolnum>8</manvolnum></citerefentry>. A value of <literal>1</literal> represents the minimal level.
Pathname of the directory used by <citerefentry><refentrytitle>hostapd</refentrytitle><manvolnum>8</manvolnum></citerefentry> to store domain socket files for communication with external programs such as <citerefentry><refentrytitle>hostapd_cli</refentrytitle><manvolnum>8</manvolnum></citerefentry>. The default value is used in this example.
The group allowed to access the control interface files.
The wireless network name, or <acronym>SSID</acronym>, that will appear in wireless scans.
Enable <acronym>WPA</acronym> and specify which <acronym>WPA</acronym> authentication protocol will be required. A value of <literal>2</literal> configures the <acronym>AP</acronym> for <acronym>WPA2</acronym> and is recommended. Set to <literal>1</literal> only if the obsolete <acronym>WPA</acronym> is required.
ASCII passphrase for <acronym>WPA</acronym> authentication.
Always use strong passwords that are at least 8 characters long and made from a rich alphabet so that they will not be easily guessed or attacked.
The key management protocol to use. This example sets <acronym>WPA-PSK</acronym>.
Encryption algorithms accepted by the access point. In this example, only the <acronym>CCMP</acronym> (<acronym>AES</acronym>) cipher is accepted. <acronym>CCMP</acronym> is an alternative to <acronym>TKIP</acronym> and is strongly preferred when possible. <acronym>TKIP</acronym> should be allowed only when there are stations incapable of using <acronym>CCMP</acronym>.
The next step is to start <citerefentry><refentrytitle>hostapd</refentrytitle><manvolnum>8</manvolnum></citerefentry>:
<prompt>#</prompt> <userinput>service hostapd forcestart</userinput>
<prompt>#</prompt> <userinput>ifconfig <replaceable>wlan0</replaceable></userinput>
wlan0: flags=8943&lt;UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST&gt; metric 0 mtu 1500
ether 04:f0:21:16:8e:10
inet6 fe80::6f0:21ff:fe16:8e10%wlan0 prefixlen 64 scopeid 0x9
nd6 options=21&lt;PERFORMNUD,AUTO_LINKLOCAL&gt;
media: IEEE 802.11 Wireless Ethernet autoselect mode 11na &lt;hostap&gt;
status: running
ssid No5ignal channel 36 (5180 MHz 11a ht/40+) bssid 04:f0:21:16:8e:10
country US ecm authmode WPA2/802.11i privacy MIXED deftxkey 2
AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 17 mcastrate 6 mgmtrate 6
scanvalid 60 ampdulimit 64k ampdudensity 8 shortgi wme burst
dtimperiod 1 -dfs
groups: wlan
Once the <acronym>AP</acronym> is running, the clients can associate with it. See <xref linkend="network-wireless-wpa"/> for more details. It is possible to see the stations associated with the <acronym>AP</acronym> using <command>ifconfig <replaceable>wlan0</replaceable> list sta</command>.
<acronym>WEP</acronym> Host-based Access Point
It is not recommended to use <acronym>WEP</acronym> for setting up an <acronym>AP</acronym> since there is no authentication mechanism and the encryption is easily cracked. Some legacy wireless cards only support <acronym>WEP</acronym> and these cards will only support an <acronym>AP</acronym> without authentication or encryption.


No matching activity found.

Browse all component changes


English English
No related strings found in the glossary.

Source information

Source string comment
(itstool) path: callout/para
Source string location
String age
a year ago
Source string age
a year ago
Translation file
books/handbook.pot, string 10804