General Questions

Hi,

I'm looking to use m0n0wall as a simple wireless access point. I know hostap isn't the best way to do this, but I have a Soekris net4826 laying around, and I just need something to be able to get wireless on my new eeePC.

The problem is that the net4826 has only *one* ethernet port and a wireless card. m0n0 won't let me setup a device without a WAN.

How do I go about this? Is there any way to get m0n0 to allow configuration via the "WAN" interface or to allow wireless, at boot or from the console?

Thanks,
Jason

I'm going to go out on a limb and assume that if you have a soekris board laying around, chances are also good that you have a wireless card somewhere.  Why not just configure the soekris board to use the ethernet as the WAN, and set the wireless side as the LAN, which seems consistent with the purposes of a Wireless Access Point anyway, and then web-gui into monowall from some wireless client?

if that doesn't work for some reason, and you're working in "nightmare mode", then you could configure monowall's XML config file by hand, and then floppy/CF it into the pre-installed monowall you wanted to modify.  crazy solutions for crazy problems.

good luck

The Soekris has a wireless card that came with it. I tried that method, but neither of my laptops would see the m0n0wall access point, not that I know what the SSID would be anyway...

oh, I meant that you may have needed to drop a wireless NIC into the client machine with which you'd web-gui into the soekris board that had it's own wireless built in, but..I guess that's not an issue.

in any event, are you feeling man enough to do an XML rewrite by hand and then drop it into your monowall install?

and if it turns out ....for whatever reason (i'd be amazed) that monowall was infact not built to function as a WAP (wireless access point).....then there'd be no way to set a SSID......but I'm pretty sure that monowall can function as an Access Point....I'd almost bet on it.

try searching around in the config XML file for "ssid" and see if anything comes back.

also, don't forget to check out the "diagnostic" area in the web-gui menu.  If I'm not mistaken, there's a wireless thing that shows up in there when the right hardware is present.


******edit******


http://m0n0.ch/wall/images/screens/interfaces_wlan.png


Boom-Shakalaka

I meant that m0n0wall is meant to act as a firewall/router, not simply a bridging access point. Ideally, I just want something that has WEP/WPA and bridges *all* traffic seamlessly between a LAN interface and a wireless interface. Unfortunately, I haven't been able to find anything pre-built that does this.

I'd rather not screw with the image (the XML file). If I'm going to go that far, I might as well start from scratch, or from one of the BSD build scripts for the Soekris boards.

I powered up the Soekris with the default net-48xx image, but the wireless card on my eeePC didn't detect any new SSIDs, which would say to me that it seems like wireless isn't starting up at boot.

I'll give it another try in the morning.

Thanks for the help.

Have you considered enabling the filtering bridge?  That sounds exactly like what you're talking about.

Web-GUI / System / Advanced / second option down

Sorry for bringing this back to life, but I just bought a box of FORTY of these net4526-30's.

A filtering bridge sounds like it would work, but how would I enable it? I can't setup the wired ethernet port (sis0) as LAN, because then I wouldn't have a WAN. And I can't setup the wireless (wi0) as the LAN, because then I can't get into the web GUI.

I guess it looks like I either have to alter the XML file, find a different piece of software (then I lose the wonderful web GUI... but does anyone have any suggestions???), or *cringe* edit the image and scripts to make a WAP fork of m0n0wall.

Any suggestions?

You could create a fake VLAN subinterface on sis0 and use that as a WAN interface (with some fake IP address, or just leave it in DHCP client mode), just to keep m0n0wall happy. Then assign sis0 to the LAN interface and your wireless card to OPT1. Then enable bridging to LAN on the OPT1 setup page. No need for any firewall rules, and you can manage it through it's LAN IP address.

Well, I gave it a shot. I don't have a machine with wireless up and running at the moment, so I'll grab a laptop and try it out tomorrow.

The only problem that I encountered is that captive portal can't be used with bridged interfaces, and I was really looking forward to that. Of course, if all goes well (budget wise), I'll have a net4501 or better being used as a router there, so I can just use the third interface as a dedicated WLAN interface, with captive portal.

It is working , thank you for that post !

You could create a fake VLAN subinterface on sis0 and use that as a WAN interface (with some fake IP address, or just leave it in DHCP client mode), just to keep m0n0wall happy. Then assign sis0 to the LAN interface and your wireless card to OPT1. Then enable bridging to LAN on the OPT1 setup page. No need for any firewall rules, and you can manage it through it's LAN IP address.

Thanks for all the advice. Unfortunately, there didn't seem to be a really easy way to do it (the bridge or VLANs didn't end up doing what I wanted).

I've decided to go with Pyramid Linux (pyramid.metrix.net) as a base, since it's designed for WAP use. As to the captive portal, I'm using the WiFiDog client and a total re-write of the Auth Server. I'll have code and images on www.jasonantman.com in a few weeks.

If anyone stumbles by this thread in the future, check out my site or drop me a line, and I'll get you some images and docs.