0

My problem is that if I add over 3 access points to my WLAN network DNS stops working on Android devices. All other operating systems are working (Windows 7, Windows 10, iPhones).

I've looked on properties of Android device and it gets IP and DNS normally. Sometimes on WLAN properties there's an error Connected, no internet and Connected, but Chrome browser always gives an error dns_probe_finished_nxdomain. I've tried other browsers also.

The access points are configured to bridge all traffic and there's PfSense virtual machine which acts as a DHCP server. User authentication is handled by FreeRADIUS 3 on an Ubuntu 16.04 virtual machine. I've tried to configure PfSense to use DNS Resolver and DNS Forwarder without any success.

My network:

A picture of my network

All the access points are TP-Link Archer C7 v2 wireless running with OpenWRT Chaos Calmer and with same configuration. I've checked that it's not one particular AP that messes the network, but always if I connect over 3 APs, Androids start to fail.

On OpenWRT I've disabled DHCP and firewall.

uci set dhcp.lan.ignore=1
uci commit dhcp
/etc/init.d/dnsmasq restart 
/etc/init.d/firewall disable
/etc/init.d/firewall stop

Here's OpenWRT's network configuration /etc/config/network:

config interface 'loopback'
    option ifname 'lo'
    option proto 'static'
    option ipaddr '127.0.0.1'
    option netmask '255.0.0.0'

config globals 'globals'
    option ula_prefix 'fd7f:9df2:3177::/48'

config interface 'lan'
    option ifname 'eth0 eth1'
    option force_link '1'
    option type 'bridge'
    option proto 'static'
    option netmask '255.255.0.0'
    option ip6assign '60'
    option ipaddr '192.168.33.20'

config switch
    option name 'switch0'
    option reset '1'
    option enable_vlan '1'

config switch_vlan
    option device 'switch0'
    option vlan '1'
    option ports '0 2 3 4 5'

config switch_vlan
    option device 'switch0'
    option vlan '2'
    option ports '1 6'

And here's OpenWRT's wireless configuration /etc/config/wireless:

config wifi-device 'radio0'
    option type 'mac80211'
    option hwmode '11a'
    option path 'pci0000:01/0000:01:00.0'
    option htmode 'VHT80'
    option txpower '17'
    option channel '48'
    option disabled '0'

config wifi-iface
    option device 'radio0'
    option network 'lan'
    option mode 'ap'
    option ssid 'mywlan'
    option auth_server '192.168.33.1'
    option auth_port '1812'
    option auth_secret 'XXX'
    option encryption 'wpa2'

config wifi-device 'radio1'
    option type 'mac80211'
    option channel '3'
    option hwmode '11g'
    option path 'platform/qca955x_wmac'
    option htmode 'HT20'
    option txpower '23'
    option disabled '0'

config wifi-iface
    option device 'radio1'
    option network 'lan'
    option mode 'ap'
    option ssid 'mywlan'
    option auth_server '192.168.33.1'
    option auth_port '1812'
    option auth_secret 'XXX'
    option encryption 'wpa2'
techraf
  • 4,163
  • 8
  • 27
  • 44
Eastman
  • 60
  • 8
  • Perform some packet captures and see what traffic to/from the phone looks like when this happens. The problem will become clear rather quickly. – EEAA Sep 21 '16 at 12:11
  • @EEAA thanks for the comment. I used tcpdump for one Android device and got this solved. – Eastman Sep 26 '16 at 16:32

1 Answers1

0

The modem must be set for guest WiFi. There must be set to WPA-PSK / WPA2-PSK encryption. (Can be service-specific or choose the highest encryption) OpenWRT wifi the same SSID and encryption end password to be set as a modem. That's it.

tombull89
  • 2,958
  • 8
  • 39
  • 52
Gal Zoltan
  • 1