VLANs and Hostapd : unable to reach the access point

John Doe johndoe34032 at gmail.com
Wed Apr 10 01:50:45 PDT 2019


Hi,

I'm trying to setup an access-point with Hostapd, with dynamic VLAN
management thanks to a Freeradius server. My Hostapd configurations as
follows :

###### GENERAL CONFIG ######
# define interface and driver
interface=wlp2s0
driver=nl80211
ssid=MUDDY
channel=1

# WPA2 enterprise auth
wpa=2
wpa_key_mgmt=WPA-EAP
wpa_pairwise=TKIP CCMP

# log level, all modules and somewhat verbose
logger_syslog=-1
logger_syslog_level=0
logger_stdout=-1
logger_stdout_level=1

# could be useful in the future
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0

# we want 802.1x auth
ieee8021x=1

# whatever
eapol_key_index_workaround=0

# nope, no integrated eap
eap_server=0

###### RADIUS CONFIG ######
# probably irrelevant with nas_identifier set
own_ip_addr=127.0.0.1

# might make own_ip_addr irrelevant
#nas_identifier=my.nas

# address and port of RADIUS auth server
auth_server_addr=127.0.0.1
auth_server_port=1812
auth_server_shared_secret=somuchsecret

# we want accounting and be able to receive CoA messages
acct_server_addr=127.0.0.1
acct_server_port=1813
acct_server_shared_secret=somuchsecret

radius_das_port=3799
radius_das_client=127.0.0.1 thatsabigsecretohyeah

# accounting every minute
radius_acct_interim_interval=60

# VLANs are dealt with by the Radius server
dynamic_vlan=1


With this configuration, the VLANs are indeed created. For each one
bridge with 802.1Q tagging (brvlanxxx) and a wireless interface
associated with it (wlp2s0.xxx) are created.
Trouble comes when I want to reach the access point. ARP requests from
the access point to retrieve the station's IP leave from the "physical"
interface (wlp2s0) and not from the tagged bridge or the interface. It
does make sense, since neither the bridge nor its interface have an IP.

Is there anything I did wrong in my configuration which would prevent my
setup (one access point with VLANs, no bridging) to work ? Or am I
missing something else ?

Thank you,

Léo



More information about the Hostap mailing list