difficulties keeping wlan2 connected to my home router (192-addr)

[orrin]

Hi folks, i am wrestling with wlan2 connection problems. Have spent maybe 8 hours on this and i have a tentative solution that works some of the time, but i don't understand what is happening really.

(1) I had a little wiFi dongle (Cheng Hongjian, but i can't find the commercial brand name, it was mentioned in a forum here so i ordered one) plugged into the Nano, as wlan2, to provide "client internet access" and for my management. It did seem to be working, and then i didn't use the Nano for a few weeks. This was in "standalone" mode with no USB cables attached to the computer.

(1a) I installed C2 and got it working. The rest of my points below are with C2 *not* in the mix.

(2) Then, several days ago, i noticed that wlan2 got an IP addr(192-addr) from my home router, but a few minutes later it would lose the 192-addr and get a 172-addr which i couldn't get to (because i didn't have usb connection to computer).  The blue light on the dongle was no longer lit. (Back when this was working, the little wiFi dongle was getting listed in Fing as Cheng Hongjian.)  Reboot, cold reboot. After wlan2 lost the 192-addr, it would not get it back after reboots, disconnect & reconnect WiFi Client Mode, or trying to add 192.168.0.1 to the routing table manually.

(2a) Power supply was a 28000mAH brick with the Y-cable.

(3) I then connected the Nano via the Y-cable to the laptop via Y-cable to a powered usb hub. With the Cheng-Hongjian wiFi dongle in the wlan2 slot.  Sometimes i could get a 192-addr for wlan2, but if i did, it would go away after a few minutes, and the blue light on the *dongle* would go out.

(4) So i replaced the dongle with my Alfa 036NHA. Similar behavior, either unable to get a 192-addr or it would get it and then drop it and get a 172-addr

(5) Late last night (!) tried something radical: i connected to my neighbor's  router (for which i *def* have permission, but i don't abuse it or even need to do it much). The wlan2 with the Alfa got a 192-addr right away, tentative hopeful.

(6) Disconnected from there, tried to reconnect Wi-Fi Client Mode to my home router,**but** i changed the MAC address of wlan2 to something random. This worked,and i ran Recon for 9 hrs till this morning using the Alfa on wlan2.

(7) Cold reboot. The Cheng-Hongjijan dongle in wlan2. Would not get a 192-addr. Alfa in wlan2. Would not get a 192-addr.

(8) A combination of (a) reboots, (b) change MAC addr on wlan2, (c) disconnect & reconnect WiFi Client Mode to my router (my router SSID was listed twice for some reason), and (d) try to manually add to the routing table on that screen -- this has resulted in a stable 192-addr for wlan2 now for the past 90 minutes, and it'll probably stay that way until i reboot again and try to track down further what is going on here. (Next shot at this, i'm taking down more notes on what i did each try.)

(9) Tentatively i'm thinking that the Cheng-Hongjian dongle went bad, but the Alfa was behaving similarly. I'm going to keep the Alfa in there for further tests. It works fine with an R-Pi so i'm pretty sure it isn't hosed.

Thanks for any comments.  --orrin

 

[orrin]

My last reboot, with the Alfa, wlan2 got a 172-address, but i was able to disconnect and then connect to my home router to get a 192-address. One thing i did differently is, when i told the WiFi Client Mode to scan, i chose the *second* instance of my home router's ID in the list. Don't know why it would occur twice. Don't know if this is relevant.

[Sebkinne]

4 minutes ago, orrin said:

My last reboot, with the Alfa, wlan2 got a 172-address, but i was able to disconnect and then connect to my home router to get a 192-address. One thing i did differently is, when i told the WiFi Client Mode to scan, i chose the *second* instance of my home router's ID in the list. Don't know why it would occur twice. Don't know if this is relevant.

Are you Pineappling yourself?

[orrin]

Are you Pineappling yourself?

5 hours ago, Sebkinne said:

Are you Pineappling yourself? 

Mr Seb, maybe you can tell me if  i'm "Pineappling myself."   (reading off the settings right now):

(1) Did a recon but it's not running right now.

(2) On the Clients tab, no clients listed at the moment. From last night's overnight run, i picked up one client, namely my smartphone.

(3) Tracking List: nothing there

(4) No Modules running

(5) Filters: both set to Deny. I didn't put any MACs in there.

(6) PineAP daemon enabled, Allow Associations, Log PineAP events, Client Connect Notifications, Client Disconnect Notifications, Capture SSIDs to Pool, but Beacon Response and Broadcast SSID Pool definitely unchecked, i didn't want to get intrusive. There are lots of entries in the SSID Pool, but i hope i'm not doing noisy stuff with all this.

(7) Under Logging, i have Display Probes and Display (De)Associations checked. Remove Duplicates is not checked.

(8) Reporting: I thought i'd set it to create reports in /root but i don't see those, i'm not concerned at this point.

(9) Networking: As i describe above, but: Access Points: Management SSID is my home router, Mgmt AP not hidden. The Routing Table has my home router is the Default Gateway with Genmask 0.0.0.0 (idk what that means) IFace wlan2, with br-lan 172.16.42.0.

(10) Further on Networking: br-lan 172.16.42.1, eth0 no ip, lo 127.0.0.1, wlan0 no ip, wlan0-1 no ip, wlan1mon no ip, wlan2 has the 192-address. (I basically know what these are. I just list them for info. At the moment things seem to be running okay.

(11) Configuration: i haven't changed anything here. Haven't done "Landing Page."

(12) Advanced: i could list some of the stats if that would be helpful.

 

SO: Any comments welcome. Both about the problems i am (or was) having with wlan2, and also i need to know if i am making a lot of noise and being intrusive in my neighborhood. I just want to monitor, not send them anything.     --orrin

[orrin]

Did more testing & trying to write down each step:

1.  Had wlan2 working with a 192 address for hours. Then, under WiFi ClientMode, i disconnected. After a minute, on the list appeared wlan2, wlan1mon.

2.  I chose wlan2, tried to sign in to my router.  Not success, wlan2 is 172. Try again, no success. Tried to update routing table wlan2 192.168.0.1.  No result.

3.  Change MAC of wlan2 to random. Try to connect to router. No success. Still 172. Try to update router table to 192. Still 172.

4.  Connect to my neighbor's router. (I have permission.) Refresh the entire page (screen). SUCCESS.  Then disconnect from neighbor's router.

5.  Try to connect to my own router. No luck, still coming up as 172. Try to update router table. No.

6.  Change MAC of wlan2 to random. Hit Refresh under WiFi Client Mode.  SUCCESS.  Refresh entire page (screen). All then appears updated.

 

I realize that not everything i've tried here has to be cause-and-effect. Due to my lack of experience/knowledge, i am stumbling around trying this & that. Maybe step 6 here is "it" but i don't know for sure yet.

 

Happy Sunday/Monday tuya Sebkinne.                   --orrin

[Foxtrot]

Is the access point you're trying to connect to via wlan2 an open AP? It sounds like you are man in the middling yourself. You should add the MAC of the wlan2 card to the filters "Deny" list.

[orrin]

11 hours ago, Foxtrot said:

Is the access point you're trying to connect to via wlan2 an open AP? It sounds like you are man in the middling yourself. You should add the MAC of the wlan2 card to the filters "Deny" list.

Thanks for response!  ... The AP i'm trying to connect to via wlan2 is my home router, which is not an open AP. It requires a password. In Networking under "WiFi Client Mode" i scan for APs, see my own (it appears twice but only one of them has the correct MAC, idk why, maybe someone in the neighborhood is faking my SSID?), choose that, enter my router password, try to connect. I think it doesn't connect. All i get for wlan2 is a 172 address.

I then added the MAC of the wlan2 device (an Alfa, overkill) to the Deny MAC list of Filters. Reboot. Wlan2 still has a 172 address. I then turned on PineAP, no change. Under "WiFi Client Mode" i tried Refresh, no result, try to connect to my router again, refresh, no result. (So then i removed that MAC from DENY list.)

The only way i can get wlan2 to have a 192 address, is then to set the MAC of wlan2 to a new random MAC, then hit the Refresh button. SUCCESS. But this means i can't start the Nano without it being connected via USB. Can't start it in what i'm calling 'standalone mode.'

I don't know if i'm "man in the middling" myself, because i don't know how to even set up a MITM scenario yet. This:

I was working on the assumption that connecting wlan2 to my home router would allow any clients connecting to my Open SSID, to get internet access thru my Nano. That is the stage of learning i'm at now. And it's true: if i connect my smartphone to my Open-SSID 'yellow' i can get into the internet. So that is working.

I just can't get the Nano to boot up so that wlan2 is automatically connecting to my router, to get a 192 address for wlan2. I have to intervene: (1) try to connect to my router & fail, (2) change the MAC of the wlan2 to something random, (3) hit Refresh under "WiFi Client Mode," voila. Then & only then will Fing (on my phone e.g.) show the device that is attached to wlan2, connected to my home router.

 

Hope this makes sense. Thanks for any comments.     --orrin

[orrin]

So now this is my workaround:

(1) I manage the Nano initially via the 172 address, use the USB cable. Most of the time, wlan2 does *not* come up with a 192 address.

(2) In Networkiing, i then change the MAC addr of wlan2 to a random MAC. Then hit REFRESH over at "WiFi Client Mode." This pretty consistently makes wlan2 take on a 192 address (from my home router), and this is reflected in the routing table at the top of the Networking screen. But:

This still means i have to run the Nano with the USB cable, because i can't rely on wlan2 getting a 192 address initially from my router.

After i get wlan2 to take a 192-address, my OpenAP works and gives internet access to clients (for testing, the client is my android phone). Other functions seem to work well, i can deauth the devices in my apartment (and detect this with an RPi running an Alfa and Kismet). So, making progress in learning the Nano.

The problem remains: wlan2 won't take on a 192-address until i change its MAC to a random MAC and then hit Refresh.  ... Thanks for any comments. --orrin

[Captain Learjet]

On 10/16/2018 at 8:32 AM, Foxtrot said:

Is the access point you're trying to connect to via wlan2 an open AP? It sounds like you are man in the middling yourself. You should add the MAC of the wlan2 card to the filters "Deny" list.

Exactly.

[orrin]

48 minutes ago, Captain Learjet said:

Exactly.

No, the AP i'm trying to connect to via wlan2 is not an open AP. It is my home router, which requires a password. Not an open AP.

Today wlan2 *did* automatically connect to my home router & got a 192-address. Twice. So the behavior is not consistent. I'm still baffled. 

When wlan2 *doesn't* auto connect to my home router, i make it connect by changing its MAC to a random MAC, then hit refresh. Would adding its MAC to the Deny list "do" anything?

Could wlan2 be sometimes connecting to the Nano's OpenAP? That would be strange. Is that what people mean by "MITM-myself"?

Meanwhile i'm learning other functions of the Nano. Today i tethered to an android for the first time.

[orrin]

 On 10/16/2018 at 8:32 AM, Foxtrot said:

Is the access point you're trying to connect to via wlan2 an open AP? It sounds like you are man in the middling yourself. You should add the MAC of the wlan2 card to the filters "Deny" list.

 

So i did that, and rebooted, and all is fine. But earlier today "all was fine" even before i did this. Wlan2 has been connecting to my home wifi automatically today. So, on to the next challenge, until/if this problem pops up again.

[Captain Learjet]

I believe he meant Add wlan2's MAC to the Deny filter, as I did, to fix it.  Mine would switch from whatever real access point it was connected to back over to the Nano as soon as I started broadcasting SSID's.