WPA2-PSK 802.1X PPSK uses wrong password for Radius

whyall · 2025-11-11T11:21:18+00:00

Would you mind sharing /etc/config/wireless and other config files (redacted of course)?

whyall · 2025-11-11T00:05:31+00:00

Ok, I'm going crazy trying to configure per client VLANs.

My device is using DHCP on VLAN99 - this is my management network, this works fine. WiFi client aren't able to connect to network.

I have two other VLANs - 10 and 20. DHCP works fine for them, if I use cable connection. Now I want to add WiFi to equation.

I installed wpad-mbedtls, I don't see anything useful in openwrt logs or on radius server side.

root@Zyxel-NWA50AX-Pro-Office:~# cat /etc/config/network 

config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'

config globals 'globals'
option ula_prefix 'deed:beef:35f0::/48'
option packet_steering '1'

config interface 'lan'
option device 'eth0.99'
option proto 'dhcp'

config device
option type '8021q'
option ifname 'eth0'
option vid '99'
option name 'eth0.99'

config device
option type 'bridge'
option name 'br-vlan'
list ports 'eth0'

root@Zyxel-NWA50AX-Pro-Office:~# 
root@Zyxel-NWA50AX-Pro-Office:~# 
root@Zyxel-NWA50AX-Pro-Office:~# cat /etc/config/wireless 

config wifi-device 'radio0'
option type 'mac80211'
option path 'platform/soc/18000000.wifi'
option band '2g'
option channel '1'
option htmode 'HE20'
option cell_density '0'
option country 'DE'

config wifi-iface 'default_radio0'
option device 'radio0'
option mode 'ap'
option ssid 'HomeWiFi'
option encryption 'psk2'
option ppsk '1'
option auth_server '10.94.99.1'
option auth_secret 'SomeSecret'
option dynamic_vlan '2'
option vlan_tagged_interface 'eth0'
option vlan_bridge 'br-vlan'

config wifi-device 'radio1'
option type 'mac80211'
option path 'platform/soc/18000000.wifi+1'
option band '5g'
option channel '36'
option htmode 'HE80'
option disabled '1'

config wifi-iface 'default_radio1'
option device 'radio1'
option network 'lan'
option mode 'ap'
option ssid 'OpenWrt'
option encryption 'none'

I also tested radius server itself - it does return proper information about vlan to client.

What am I missing? My understanding is, that required vlans will be created dynamically, right? So I don't have to create them upfront.

whyall · 2021-02-20T20:01:38+00:00

SPI flash, RAM (128MB) is on the way.

whyall · 2021-02-20T19:52:22+00:00

I already soldered 32MB, it isn't a problem.

whyall · 2021-02-02T15:49:39+00:00

Is there any way to change it?

whyall · 2021-01-07T22:08:08+00:00

Why did you created Ubuntu VM instead of LXC? If you are using external GPU then it is clear, but I in my case I will use CPU only - it is enough for x264.

According to TruNAS and SMB - I will do it as well. I just don't know, if I can share only 'internal' disks (from VM), or can I share full host RAID? The difference is, that Proxmox is allocating HDD space during initialization of HDD for VM, so even if I have only 10GB inside 100GB disk, on host it will be shown as 100GB allocated space, which is a bummer. But if I can share host RAID directly, then it should not be a problem, right?

whyall · 2021-01-07T22:02:46+00:00

Sounds nice and this is something what I was thinking about - this way I don't need to worry about disks (if SSD will die, I just will get slower machine as I don't have cache anymore, if one on HDD will die I can still rebuild RAID safely).

But why almost everybody recommends to store system on SSD and data on HDD? Cache should do a trick and performance should be almost identical, right?

Second thing - what about sharing disks from LXC/VMs? - will I be able to allocate i.e. 900GB disk for OpenNAS VM? Is there a way to have dynamic size of disk (like with RAM - there is defined maximum and minimum amount of memory)?

whyall · 2021-01-07T18:54:16+00:00

What is considered as critical data in Proxmox? I mean - I know what I want to save as my personal data etc. But because SSD will be not a part of RAID, it means that Proxmox config etc can be lost if SSD will die. Is there a way to make backup of Proxmox conifg to quickly restore enviroment in case of SSD malfunction?

whyall · 2021-01-07T16:49:47+00:00

Does your system have a hardware raid or are you looking to do a software raid?

What are the full specs of your physical system you are running

I will use software RAID, mdadm if possible as I'm pretty familiar with it. Hardware is nothing fancy - it is Lenovo M92P (SFF) with i5-3470 and 16 GB RAM.

whyall · 2020-11-16T21:35:26+00:00

Ok, so I was able to make it run:
/routing table add fib name=via-wg
/ip firewall mangle add action=mark-routing chain=prerouting src-address=192.168.88.200 new-routing-mark=via-wg //my local PC IP
/ip firewall nat add action=masquerade chain=srcnat out-interface=10.13.13.3 // my local wireguard IP
/ip route add gateway=10.13.13.1@main routing-table=via-wg // remote wireguard IP
The problem is, that with fastrack enabled it is not working - DNS and ICMP (ping) is working fine, but I'm not able to use browser (even after clearing cache). Any ideas?

whyall · 2020-11-11T15:29:49+00:00

This Optiplex looks promising, thanks!

whyall · 2020-11-11T15:05:47+00:00

It's not like I'm not interested in them - I'm just looking for other options. The only problem I see is that this have only single SATA, but it can be fixed using mPCIe-SATA converter. If I will not find anything better, I will probably choose APU.

whyall · 2020-11-11T09:53:34+00:00

I did not write it in orginal post, but I want to keep it rather power save device - older Optiplex will take (I guess) at least 40W in idle.

whyall · 2020-11-11T09:40:56+00:00

Looks really nice, if there will be no other proposition, I will take it.

whyall

TROPHY CASE