Question

I have an RUT955, f/w RUT9_R_00.07.04 just been installed at a remote site 200km away.
Was operating on the bench, connecting via WiFi (we created a new AP with the same SSID and password as the remote site).
Has a cellular SIM as backup.
Now that it's at the remote site, it's not connecting via wifi.

Network scan shows the nearby WAP as 69% signal (-62dB, Quality 48/70), same SSID, channel 8, mode Master, Encryption "mixed WPA2/WPA3 PSK, SAE (CCMP)"

When I look at WIFI status, it shows this configured interface with the correct ssid, "interface status" is Running in green, with 4/5 bars, followed by 0%. Says Mode: Client, Encryption psk2+ccmp

I've confirmed the password by checking on the WAP itself and copy/paste even as well as typing (carefully).
I've checked the Wireless Security for this connection, got Encryption WPA2-PSK (also tried WPA-PSK/WPA2-PSK Mixed Mode and WPA2-PSK/WPA3-SAE Mixed mode), and No Encryption.
I've tried Cipher Auto, Forced CCMP (AES), and Force TKIP and CCMP (AES).
Nothing seems to get it to actually connect. What am I doing wrong?
The WAP is an ancient DD-WRT and other things are connecting (and connected) to it ok.

I've tried disabling this interface, then going to Scan and "Join Network" but I just get an error saying "Maximum number of one client for one device allowed. To specify few possible clients use Multi AP" but it won't let me enable multiAP either?

I don't know where to go from here, and being 200km away and in a locked compound, I can't easily get to it.

Answer 1

Hello,

When you scan for nearby access points, there is a column in the results, which shows the type of encryption each access point uses. Based on that, configure client interface on RUT955 device accordingly.

Another common issue in similar applications are overlapping LAN subnets. It translates into the requirement for RUT and DD-WRT devices to be separated in different subnets.

If the issue is not resolved by correctly configuring above, I would like you to attach a troubleshoot file to your question. Please, replicate the issue, then access router's WebUI, go to System -> Administration -> Troubleshoot section and download troubleshoot file from there. 

The logs in the file might provide more insight into the issue.

Best regards,

Comments

Yes, I used the scan tool and checked I had the same encryption type set.

The subnet isn't an issue, because the client isn't even connecting at all, the AP isn't showing the client associated, much less did a DHCP request.

I did an "iwlist wlan0 scan" and the WAP we're looking for shows:

wlan0     Scan completed :
          Cell 01 - Address: 00:22:6B:82:78:FC
                    Channel:8
                    Frequency:2.447 GHz (Channel 8)
                    Quality=47/70  Signal level=-63 dBm 
                    Encryption key:on
                    ESSID:"REDACTED"
                    Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 18 Mb/s
                              24 Mb/s; 36 Mb/s; 54 Mb/s
                    Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 48 Mb/s
                    Mode:Master
                    Extra:tsf=00000ab76b938b06
                    Extra: Last beacon: 128ms ago
                    IE: Unknown: 0004796D6274
                    IE: Unknown: 010882848B962430486C
                    IE: Unknown: 030108
                    IE: Unknown: 2A0100
                    IE: Unknown: 2F0100
                    IE: IEEE 802.11i/WPA2 Version 1
                        Group Cipher : CCMP
                        Pairwise Ciphers (1) : CCMP
                        Authentication Suites (1) : PSK
                    IE: Unknown: 32040C121860
                    IE: Unknown: DD090010180201F0000000
                    IE: Unknown: DD180050F2020101800003A4000027A4000042435E0062322F00
 

---

Would it be possible to get a troubleshoot file from your router, generated after a couple of attempts to connect to your access point?

Best regards,

---

Hi, did you get my PM with login credentials etc?
The site remains on a very expensive cellular connection, would really like to get it on wifi...

---

Hello,

Apologies for the late reply. Thank you for keeping the link running.

I have logged in and found the issue.

Wireless client configuration had incorrect BSSID or MAC of the access point it was connected to set, most likely due to the different device being used in your local testing.

Replacing the configured value with the one from the scan results have solved the issue.

Best regards,

---

Thank you. Such a simple oversight, I (incorrectly) "assumed" that configuring the SSID and not actually specifying a MAC would let it associate with whatever WAP it found with that SSID!
Is it possible to have it associate with "whatever" WAP it finds with the matching SSID?
I can see this would be a problem if we ever had to replace the WAP for example!

---

Hello,

You could try implementing a roaming between access points with the same passwords and SSID's solution, by making come SSH modifications. To configure these changes, please login to your router via CLI/SSH. Edit wireless configuration file with a text editor using the following command:

• vi /etc/config/wireless

Press letter i to enable editing and add the following options to config wifi-iface, which has option mode 'sta'  (your WiFi client instance)

         option bgscan 'simple'
         option short_interval '20'
         option long_interval '300'
         option signal_thresh '-50'

Once done, press Esc button, entre :wq and press Enter to save changes and exit. Then execute reload_config command.

Explanation of the options:

• Short_interval - defines the interval between background scans (in seconds) if the actual signal level of the currently connected access point is worse than signal_strength (signal_thresh in wireless config).
• Long_interval - defines the interval between background scans (in seconds) if the actual signal level of the currently connected access point is better than signal_strength(signal_thresh in wireless config).
• Signal_thresh - defines a threshold (in dBm) that determines which one of the following two parameters (i.e., Short Interval or Long Interval) will be effective.

Best regards,