hostapd running on Ubuntu Server 13.04 only allows single station to connect when using wpa

Posted by user450688 on Server Fault See other posts from Server Fault or by user450688
Published on 2013-06-28T19:55:45Z Indexed on 2013/06/28 22:23 UTC
Read the original article Hit count: 339

Filed under:
|
|
|

Problem

Only a single station can connect to hostapd at a time. Any single station can connect (W8, OSX, iOS, Nexus) but when two or more hosts are connected at the same time the first client loses its connectivity.

However there are no connectivity issues when WPA is not used.

Setup

  • Linux (Ubuntu server 13.04) wireless router (with separate networks for wired WAN, wired LAN, and Wireless LAN. iptables-save output:

    *nat
    :PREROUTING ACCEPT [0:0]
    :INPUT ACCEPT [0:0]
    :OUTPUT ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    -A POSTROUTING -s 10.0.0.0/24 -o p4p1 -j MASQUERADE
    -A POSTROUTING -s 10.0.1.0/24 -o p4p1 -j MASQUERADE
    COMMIT
    *mangle
    :PREROUTING ACCEPT [13:916]
    :INPUT ACCEPT [9:708]
    :FORWARD ACCEPT [4:208]
    :OUTPUT ACCEPT [9:3492]
    :POSTROUTING ACCEPT [13:3700]
    COMMIT
    *filter
    :INPUT DROP [0:0]
    :FORWARD DROP [0:0]
    :OUTPUT ACCEPT [9:3492]
    -A INPUT -i p4p1 -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A INPUT -i p4p1 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
    -A INPUT -i eth0 -j ACCEPT
    -A INPUT -i wlan0 -j ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A FORWARD -i p4p1 -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A FORWARD -i eth0 -j ACCEPT
    -A FORWARD -i wlan0 -j ACCEPT
    -A FORWARD -i lo -j ACCEPT
    COMMIT
    
  • /etc/hostapd/hostapd.conf

    #Wireless Interface
    interface=wlan0
    driver=nl80211
    ssid=<removed>
    hw_mode=g
    channel=6
    max_num_sta=15
    auth_algs=3
    ieee80211n=1
    wmm_enabled=1
    wme_enabled=1
    
    #Configure Hardware Capabilities of Interface
    ht_capab=[HT40+][SMPS-STATIC][GF][SHORT-GI-20][SHORT-GI-40][RX-STBC12]
    
    #Accept all MAC address
    macaddr_acl=0
    
    #Shared Key Authentication
    wpa=1
    wpa_passphrase=<removed>
    wpa_key_mgmt=WPA-PSK
    wpa_pairwise=CCMP
    rsn_pairwise=CCMP
    
    ###IPad Connectivevity Repair
    ieee8021x=0
    eap_server=0
    
  • Wireless Card

    #lshw output
    product: RT2790 Wireless 802.11n 1T/2R PCIe
    vendor: Ralink corp.
    physical id: 0
    bus info: pci@0000:03:00.0
    logical name: mon.wlan0
    version: 00
    serial: <removed>
    width: 32 bits
    clock: 33MHz
    capabilities: pm msi pciexpress bus_master cap_list logical wireless ethernet physical
    configuration: broadcast=yes driver=rt2800pci driverversion=3.8.0-25-generic firmware=0.34 ip=10.0.1.254 latency=0 link=yes multicast=yes wireless=IEEE 802.11bgn
    
    #iw list output
    Band 1:
            Capabilities: 0x272
                    HT20/HT40
                    Static SM Power Save
                    RX Greenfield
                    RX HT20 SGI
                    RX HT40 SGI
                    RX STBC 2-streams
                    Max AMSDU length: 3839 bytes
                    No DSSS/CCK HT40
            Maximum RX AMPDU length 65535 bytes (exponent: 0x003)
            Minimum RX AMPDU time spacing: 2 usec (0x04)
            HT RX MCS rate indexes supported: 0-15, 32
            TX unequal modulation not supported
            HT TX Max spatial streams: 1
            HT TX MCS rate indexes supported may differ
            Frequencies:
                    * 2412 MHz [1] (27.0 dBm)
                    * 2417 MHz [2] (27.0 dBm)
                    * 2422 MHz [3] (27.0 dBm)
                    * 2427 MHz [4] (27.0 dBm)
                    * 2432 MHz [5] (27.0 dBm)
                    * 2437 MHz [6] (27.0 dBm)
                    * 2442 MHz [7] (27.0 dBm)
                    * 2447 MHz [8] (27.0 dBm)
                    * 2452 MHz [9] (27.0 dBm)
                    * 2457 MHz [10] (27.0 dBm)
                    * 2462 MHz [11] (27.0 dBm)
                    * 2467 MHz [12] (disabled)
                    * 2472 MHz [13] (disabled)
                    * 2484 MHz [14] (disabled)
            Bitrates (non-HT):
                    * 1.0 Mbps
                    * 2.0 Mbps (short preamble supported)
                    * 5.5 Mbps (short preamble supported)
                    * 11.0 Mbps (short preamble supported)
                    * 6.0 Mbps
                    * 9.0 Mbps
                    * 12.0 Mbps
                    * 18.0 Mbps
                    * 24.0 Mbps
                    * 36.0 Mbps
                    * 48.0 Mbps
                    * 54.0 Mbps
    max # scan SSIDs: 4
    max scan IEs length: 2257 bytes
    Coverage class: 0 (up to 0m)
    Supported Ciphers:
            * WEP40 (00-0f-ac:1)
            * WEP104 (00-0f-ac:5)
            * TKIP (00-0f-ac:2)
            * CCMP (00-0f-ac:4)
    Available Antennas: TX 0 RX 0
    Supported interface modes:
             * IBSS
             * managed
             * AP
             * AP/VLAN
             * WDS
             * monitor
             * mesh point
    software interface modes (can always be added):
             * AP/VLAN
             * monitor
    valid interface combinations:
             * #{ AP } <= 8,
               total <= 8, #channels <= 1
    Supported commands:
             * new_interface
             * set_interface
             * new_key
             * new_beacon
             * new_station
             * new_mpath
             * set_mesh_params
             * set_bss
             * authenticate
             * associate
             * deauthenticate
             * disassociate
             * join_ibss
             * join_mesh
             * set_tx_bitrate_mask
             * set_tx_bitrate_mask
             * action
             * frame_wait_cancel
             * set_wiphy_netns
             * set_channel
             * set_wds_peer
             * Unknown command (84)
             * Unknown command (87)
             * Unknown command (85)
             * Unknown command (89)
             * Unknown command (92)
             * testmode
             * connect
             * disconnect
    Supported TX frame types:
             * IBSS: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
             * managed: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
             * AP: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
             * AP/VLAN: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
             * mesh point: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
             * P2P-client: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
             * P2P-GO: 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
             * Unknown mode (10): 0x00 0x10 0x20 0x30 0x40 0x50 0x60 0x70 0x80 0x90 0xa0 0xb0 0xc0 0xd0 0xe0 0xf0
    Supported RX frame types:
             * IBSS: 0x40 0xb0 0xc0 0xd0
             * managed: 0x40 0xd0
             * AP: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
             * AP/VLAN: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
             * mesh point: 0xb0 0xc0 0xd0
             * P2P-client: 0x40 0xd0
             * P2P-GO: 0x00 0x20 0x40 0xa0 0xb0 0xc0 0xd0
             * Unknown mode (10): 0x40 0xd0
    Device supports RSN-IBSS.
    HT Capability overrides:
             * MCS: ff ff ff ff ff ff ff ff ff ff
             * maximum A-MSDU length
             * supported channel width
             * short GI for 40 MHz
             * max A-MPDU length exponent
             * min MPDU start spacing
    Device supports TX status socket option.
    Device supports HT-IBSS.
    

© Server Fault or respective owner

Related posts about ubuntu

Related posts about iptables