First timer setting up VyOS. I have everything working to replace my wireless router except for the the wireless portion. Using the VyOS wireless lan documentation I’m getting a strange error no matter if I followed my own configuration or the example they provided.
vyos@vyos# commit
[ interfaces wireless wlan0 ]
VyOS had an issue completing a command.
We are sorry that you encountered a problem while using VyOS.
There are a few things you can do to help us (and yourself):
Contact us using the online help desk if you have a subscription:
(link limit for new user is 2 - redacted)
Make sure you are running the latest version of VyOS available at:
(link limit for new user is 2 - redacted)
Consult the community forum to see how to handle this issue:
(link limit for new user is 2 - redacted)
Join us on Slack where our users exchange help and advice:
(link limit for new user is 2 - redacted)
When reporting problems, please include as much information as possible:
do not obfuscate any data (feel free to contact us privately if your
business policy requires it)
Traceback (most recent call last):
File “/usr/libexec/vyos/conf_mode/interfaces-wireless.py”, line 278, in
c = get_config()
File “/usr/libexec/vyos/conf_mode/interfaces-wireless.py”, line 119, in get_config
default_values = defaults(base + [‘security’, ‘wpa’, ‘radius’, ‘server’])
NameError: name ‘defaults’ is not defined
set interfaces wireless wlan0 address ‘192.168.2.1/24’
set interfaces wireless wlan0 type access-point
set interfaces wireless wlan0 channel 1
set interfaces wireless wlan0 mode n
set interfaces wireless wlan0 ssid ‘TEST’
set interfaces wireless wlan0 security wpa mode wpa2
set interfaces wireless wlan0 security wpa cipher CCMP
set interfaces wireless wlan0 security wpa radius server 192.168.3.10 key ‘VyOSPassword’
set interfaces wireless wlan0 security wpa radius server 192.168.3.10 port 1812
I’ve also tried my own initially following documentation with the same results. Unfortunately I didn’t save those commands. Any insight on this would be greatly appreciated!
You don’t have country code set, that is mandatory.
Do you have a radius server setup to handle authentication? If not, just set pass locally.
I recently setup my wlan0, this config works:
set interfaces wireless wlan0 address '192.168.250.1/24'
set interfaces wireless wlan0 capabilities ht channel-set-width 'ht40+'
set interfaces wireless wlan0 channel '1'
set interfaces wireless wlan0 country-code 'us'
set interfaces wireless wlan0 description 'WLAN'
set interfaces wireless wlan0 firewall in name 'WLAN-IN'
set interfaces wireless wlan0 firewall local name 'WLAN-LOCAL'
set interfaces wireless wlan0 mode 'n'
set interfaces wireless wlan0 physical-device 'phy0'
set interfaces wireless wlan0 security wpa cipher 'CCMP'
set interfaces wireless wlan0 security wpa mode 'wpa2'
set interfaces wireless wlan0 security wpa passphrase 'changeme'
set interfaces wireless wlan0 ssid 'changeme'
set interfaces wireless wlan0 type 'access-point'
set firewall name WLAN-IN default-action 'accept'
set firewall name WLAN-LOCAL default-action 'accept'
set service dhcp-server shared-network-name WLAN subnet 192.168.250.0/24 default-router '192.168.250.1'
set service dhcp-server shared-network-name WLAN subnet 192.168.250.0/24 dns-server '192.168.250.1'
set service dhcp-server shared-network-name WLAN subnet 192.168.250.0/24 domain-name 'wlan.home.net'
set service dhcp-server shared-network-name WLAN subnet 192.168.250.0/24 lease '86400'
set service dhcp-server shared-network-name WLAN subnet 192.168.250.0/24 range 0 start '192.168.250.9'
set service dhcp-server shared-network-name WLAN subnet 192.168.250.0/24 range 0 stop '192.168.250.254'
and NAT:
set nat source rule 400 outbound-interface 'eth0'
set nat source rule 400 source address '192.168.250.0/24'
set nat source rule 400 translation address 'masquerade'
and DNS:
set service dns forwarding listen-address '192.168.250.1'
You can monitor traffic on the wlan0 interface in real time, I use:
Thank you so much! I have my dhcp server and NAT setup. I will redo my wireless config to include a country code and as I don’t have a RADIUS server, I’ll try to pass it locally. Will report back after work!
I was able to connect to my wireless network, so dhcp is working. However I cannot connect to the internet. Being new to vyos and networking my scope isn’t that extensive to figure this out. Maybe something to do with my NAT configuration? If anyone is willing to take a look at my config file, here it is:
firewall {
name OUTSIDE-IN {
default-action drop
rule 10 {
action accept
state {
established enable
related enable
}
}
}
name OUTSIDE-LOCAL {
default-action drop
rule 10 {
action accept
state {
established enable
related enable
}
}
rule 20 {
action accept
icmp {
type-name echo-request
}
protocol icmp
state {
new enable
}
}
rule 31 {
action accept
destination {
port 2223
}
protocol tcp
state {
new enable
}
}
}
name WLAN-IN {
default-action accept
}
name WLAN-LOCAL {
default-action accept
}
}
interfaces {
ethernet eth0 {
address dhcp
description OUTSIDE
firewall {
in {
name OUTSIDE-IN
}
local {
name OUTSIDE-LOCAL
}
}
hw-id 90:e2:ba:03:3b:a0
}
ethernet eth1 {
address 192.168.1.1/24
description INSIDE
hw-id 90:e2:ba:03:3b:a1
}
ethernet eth2 {
hw-id 90:e2:ba:03:3b:a4
}
ethernet eth3 {
hw-id 90:e2:ba:03:3b:a5
}
ethernet eth4 {
hw-id 48:4d:7e:a2:2f:e7
}
loopback lo {
}
wireless wlan0 {
address 192.168.1.2/24
capabilities {
ht {
channel-set-width ht40+
}
}
channel 1
country-code us
description WLAN
firewall {
in {
name WLAN-IN
}
local {
name WLAN-LOCAL
}
}
hw-id c0:3c:59:d2:e7:77
ip {
adjust-mss 1452
}
mode n
physical-device phy0
security {
wpa {
cipher CCMP
mode wpa2
passphrase REDACTED
}
}
ssid REDACTED
type access-point
}
}
nat {
source {
rule 100 {
outbound-interface eth0
source {
address 192.168.1.0/24
}
translation {
address masquerade
}
}
}
}
service {
dhcp-server {
shared-network-name LAN {
subnet 192.168.1.0/24 {
default-router 192.168.1.1
domain-name vyos.net
lease 86400
name-server 192.168.1.1
range 0 {
start 192.168.1.10
stop 192.168.1.250
}
}
}
}
dns {
forwarding {
allow-from 192.168.1.0/24
cache-size 0
listen-address 192.168.1.2
}
}
ssh {
port 2223
}
}
system {
config-management {
commit-revisions 100
}
conntrack {
modules {
ftp
h323
nfs
pptp
sip
sqlnet
tftp
}
}
console {
device ttyS0 {
speed 115200
}
}
host-name REDACTED
login {
user REDACTED {
authentication {
encrypted-password REDACTED
}
}
}
name-server 8.8.8.8
name-server 8.8.4.4
ntp {
server $time1.vyos.net$ {
}
server $time2.vyos.net$ {
}
server $time3.vyos.net$ {
}
}
syslog {
global {
facility all {
level info
}
facility protocols {
level debug
}
}
}
}
// Warning: Do not remove the following line.
// vyos-config-version: “bgp@2:broadcast-relay@1:cluster@1:config-management@1:conntrack@3:conntrack-sync@2:dhcp-relay@2:dhcp-server@6:dhcpv6-server@1:dns-forwarding@3:firewall@7:flow-accounting@1:https@3:interfaces@25:ipoe-server@1:ipsec@8:isis@1:l2tp@4:lldp@1:mdns@1:nat@5:nat66@1:ntp@1:openconnect@1:ospf@1:policy@2:pppoe-server@5:pptp@2:qos@1:quagga@9:rpki@1:salt@1:snmp@2:ssh@2:sstp@4:system@22:vrf@3:vrrp@3:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2”
// Release version: 1.4-rolling-202202241614
Note: I wrapped the ntp servers addresses with $ because I’m a new user and I can only post 2 “links”.
It looks like you want eth1 and wlan0 to be on the same layer 2 segment. I think you have to turn on bridging between the two. I haven’t done it yet, but I’m thinking you might want this command:
Oops dns fowarding from the actual dns server would help I’ll give bridge mode a try tonight. Going through documentation it does seem to be the solution. I’ll also see if having my eth0 and wlan0 on the same subnet in bridged mode will have a conflict.