Hi all!!
we are trying to repalce a Teletronics CPE Router with a RB532A...
CPE is working only as an AP. WEP encryption, this AP have a 20 Client between Teletronics EZBridge and Litestation2.
CPE Router = 250mW 802.11b Omni 15dBi
TT EZBridge = 200mW 802.11b grid 24dBi
LS2 = 400mW 802.11b Panel 19dBi
Farest client is 20 Km Away form the AP, nearest client is 3 or 4 Km.
when the number of clients goes near to 15, the CPE router seems to get slower, ping times begins to grow, system speed is slowing down...
so we decide to replace it with a RB532A overclocked to 330MHz.
Lab tests between RB532A - LS2 - TT EZBridge works perfect... full communication system...
the WEP configuration for each equip are (EZBridge only supports WEP):
RB532A = Wep -40 static keys required (static key optional never works with TT)
TT EZBridge = WEP64 with "deny unencrypted data" selected (with CPE "Deny unencrypted data" and "Shared key authentication" are selected)
LS2= WEP Enable in open system.
but... when we replace the CPE with RB532A, there is no communication between any client and the RB532A.
all the LS2 Clietns try to connect but:
1)the wireless security config in this LS2 is different, have shared key instead of open system.
2) automatically have connection (why??!!!!), but have very big ping times (near a sec) and losing packets.
if i modify a EZbridge like the labt test EZbridge, this did now work.
if i install the EZbridge lab test, we get no link (config have no any change made in any equip.)
if i return the CPE Router, and EZBridge have CPE WEP config... all "works normal".
i dont know what is happening here, but if you hava any idea that can help me to solve this problem please make me know, i will appreciate very much your help!!
Thanks!
what is happening
Re: Replacing Teletronics CPE Router With RB532A
nazgul -
A couple of 'things', a CPE is Customer (or Client) Premises Equipment. Above you interchange CPE with the AP (Access Point so your post is a little confusing.... I know TT calls one of their products a 'CPE Router' but you have to tell us the function and stick to that through your post... i.e. is it used as a CPE or as an AP (AP/Router).
I have used TT EZBridge CPEs w/MT 532s. It will work. I am not sure about the LS, there were some early posts that suggested some incompatibilities. I think those have been fixed now though. Make sure you have the latest firmware for both the TT and the LS - that will help a lot!
For the TT - authentication must be OPEN SYSTEM, not SHARED. In the WEP key on the TT - use only uppercase letters - I don't know why it makes a difference but it did when we first used the TT EZ-Bridge CPE...maybe that is fixed now - maybe not.
What kind of wireless card are you using in the MT 532? you didn't mention that... I remember some posts about some issues with Prism based cards and Atheros based wireless cards.... You may want to search the forum here on that topic. That could be the real issue....
Thom
A couple of 'things', a CPE is Customer (or Client) Premises Equipment. Above you interchange CPE with the AP (Access Point so your post is a little confusing.... I know TT calls one of their products a 'CPE Router' but you have to tell us the function and stick to that through your post... i.e. is it used as a CPE or as an AP (AP/Router).
Above - Are you trying to tell us about the LS connection? If so, let's separate your problem in to two parts EZBridge and LS.....but... when we replace the CPE with RB532A, there is no communication between any client and the RB532A.
all the LS2 Clietns try to connect but:
1)the wireless security config in this LS2 is different, have shared key instead of open system.
2) automatically have connection (why??!!!!), but have very big ping times (near a sec) and losing packets.
I have used TT EZBridge CPEs w/MT 532s. It will work. I am not sure about the LS, there were some early posts that suggested some incompatibilities. I think those have been fixed now though. Make sure you have the latest firmware for both the TT and the LS - that will help a lot!
For the TT - authentication must be OPEN SYSTEM, not SHARED. In the WEP key on the TT - use only uppercase letters - I don't know why it makes a difference but it did when we first used the TT EZ-Bridge CPE...maybe that is fixed now - maybe not.
What kind of wireless card are you using in the MT 532? you didn't mention that... I remember some posts about some issues with Prism based cards and Atheros based wireless cards.... You may want to search the forum here on that topic. That could be the real issue....
Thom
Re: Replacing Teletronics CPE Router With RB532A
thanks for your comments Thom.
first of all, the "TT CPE Router" that i am trying to replace is the same product that you mentioned before... and this operational mode is in access point mode (Not routing. simlpy AP mode).
LS2 = firmware 1.5
MT = Ubiquiti SR2 (Atheros AR5213)
i have a "TT CPE Router" working as an AP, it have 20 station clients dividen into 10 TT EZBridge and 10 LS2.
the working config is next:
LS2 working for "TT CPE Router"
TT EZBridge working for "TT CPE Router"
when i change the "TT CPE Router" for RB532A with the next active security profile:
i got 10 "active" connections in the wireless registration table. all connections are LS2.
this "active" connections have very high ping responses (near a sec) o losing packets.
but... why i have this "active" connections if the LS2 config isn't correct????
ok... then when i try to connect a TT EZbridge to RB532A now with this config:
TT EZBridge working config with a RB532A
with no changes made to LS2 config.
there is no uplink in TT EZBridge!!!
(funny faces helping for stress)
leaving this a little outside...
i made a lab test with RB532 (AP) - LS2 (Station) - TT EZbridge (Station) with the config set before... also... the correct config for LS2 is next:
Working config for LS2 with RB532A
it is working completly well!!! (more showcking funny faces)
good internet connection, good ping timming, even i saw monthy python's spam sketch on youtube...
even i try to do different test, i misconfigured even TT EZBridge or LS2 or Both to try to replicate the failure... but unsuccesfully i have succes in get a proper link status under the correct config for both clients. without it no link is up.
i hope you can help me to see more ponts of view of this problem and can help to solve it.
i you need more infopls make me know.
Thanks alot!!
first of all, the "TT CPE Router" that i am trying to replace is the same product that you mentioned before... and this operational mode is in access point mode (Not routing. simlpy AP mode).
me too... yesterday i made a RB532A(AP) - LS2(Station) - TT EZBridge (Station) WLAN, and this is not the first time we link TT with MT or LS2 with MT even TT or LS2 with "TT CPE Router". i have made some links within this products.I have used TT EZBridge CPEs w/MT 532s. It will work. I am not sure about the LS, there were some early posts that suggested some incompatibilities. I think those have been fixed now though. Make sure you have the latest firmware for both the TT and the LS - that will help a lot!
TT EZBridge firmawre is ver 2.3, this ... re that TT EZbridge had.I have used TT EZBridge CPEs w/MT 532s. It will work. I am not sure about the LS, there were some early posts that suggested some incompatibilities. I think those have been fixed now though. Make sure you have the latest firmware for both the TT and the LS - that will help a lot!
LS2 = firmware 1.5
TT EZBridge = hi power (200mW) PCMCIA card (Prism 2.5) model XI-325HPWhat kind of wireless card are you using in the MT 532? you didn't mention that... I remember some posts about some issues with Prism based cards and Atheros based wireless cards.... You may want to search the forum here on that topic. That could be the real issue....
MT = Ubiquiti SR2 (Atheros AR5213)
yes... but let's start again...Are you trying to tell us about the LS connection? If so, let's separate your problem in to two parts EZBridge and LS.....
i have a "TT CPE Router" working as an AP, it have 20 station clients dividen into 10 TT EZBridge and 10 LS2.
the working config is next:
LS2 working for "TT CPE Router"
TT EZBridge working for "TT CPE Router"
when i change the "TT CPE Router" for RB532A with the next active security profile:
Code: Select all
name="profile1" mode=static-keys-required
authentication-types=wpa-psk,wpa2-psk unicast-ciphers=tkip
group-ciphers=tkip wpa-pre-shared-key="" wpa2-pre-shared-key=""
tls-mode=no-certificates tls-certificate=none static-algo-0=40bit-wep
static-key-0="XXXXXXXXXX" static-algo-1=none static-key-1=""
static-algo-2=none static-key-2="" static-algo-3=none static-key-3=""
static-transmit-key=key-0 static-sta-private-algo=none
static-sta-private-key="" radius-mac-authentication=no
group-key-update=5m
this "active" connections have very high ping responses (near a sec) o losing packets.
but... why i have this "active" connections if the LS2 config isn't correct????
ok... then when i try to connect a TT EZbridge to RB532A now with this config:
TT EZBridge working config with a RB532A
with no changes made to LS2 config.
there is no uplink in TT EZBridge!!!
(funny faces helping for stress)leaving this a little outside...
i made a lab test with RB532 (AP) - LS2 (Station) - TT EZbridge (Station) with the config set before... also... the correct config for LS2 is next:
Working config for LS2 with RB532A
it is working completly well!!!
(more showcking funny faces)good internet connection, good ping timming, even i saw monthy python's spam sketch on youtube...
even i try to do different test, i misconfigured even TT EZBridge or LS2 or Both to try to replicate the failure... but unsuccesfully i have succes in get a proper link status under the correct config for both clients. without it no link is up.
i hope you can help me to see more ponts of view of this problem and can help to solve it.
i you need more infopls make me know.
Thanks alot!!
Re: Replacing Teletronics CPE Router With RB532A
nazgul -
First - I believe that your LS connected because you have a policy of default forward and default authenticate set up for your RB532 (in the future I'll just call it an RB). In Winbox this can be seen in: Wireless tab on the left hand menu. Select the interfaces tab. Now select your wireless card. Open it up and go to the wireless tab. Look at the bottom three check boxes.... What do you have selected? (checked).
I am guessing that you also do not have anything in the access list or connect list tabs under wireless (Winbox again)? This would require the MAC addresses and the Private Key (under the Access list). For the Connect list; SSID, MAC address and the Security profile have to filled in.
I have not, except in the lab, ever deployed an RB without these items filled in....
Ok nazgul - this should get you pointed in the right direction...If not drop me a line at: thom.lawless@rapidwif.com And when we get done you can post the solution back here in the forum...
Thom
First - I believe that your LS connected because you have a policy of default forward and default authenticate set up for your RB532 (in the future I'll just call it an RB). In Winbox this can be seen in: Wireless tab on the left hand menu. Select the interfaces tab. Now select your wireless card. Open it up and go to the wireless tab. Look at the bottom three check boxes.... What do you have selected? (checked).
I did not see any code for the above 'red' text...this would also be required for both the LS and TT radios to function properly under your current config.name="profile1" mode=static-keys-required
authentication-types=wpa-psk,wpa2-psk unicast-ciphers=tkip
group-ciphers=tkip wpa-pre-shared-key="" wpa2-pre-shared-key=""
tls-mode=no-certificates tls-certificate=none static-algo-0=40bit-wep
static-key-0="XXXXXXXXXX" static-algo-1=none static-key-1=""
static-algo-2=none static-key-2="" static-algo-3=none static-key-3=""
static-transmit-key=key-0 static-sta-private-algo=none
static-sta-private-key="" radius-mac-authentication=no
group-key-update=5m
I am guessing that you also do not have anything in the access list or connect list tabs under wireless (Winbox again)? This would require the MAC addresses and the Private Key (under the Access list). For the Connect list; SSID, MAC address and the Security profile have to filled in.
I have not, except in the lab, ever deployed an RB without these items filled in....
Ok nazgul - this should get you pointed in the right direction...If not drop me a line at: thom.lawless@rapidwif.com And when we get done you can post the solution back here in the forum...
Thom
Re: Replacing Teletronics CPE Router With RB532A
both selectedFirst - I believe that your LS connected because you have a policy of default forward and default authenticate set up for your RB532 (in the future I'll just call it an RB). In Winbox this can be seen in: Wireless tab on the left hand menu. Select the interfaces tab. Now select your wireless card. Open it up and go to the wireless tab. Look at the bottom three check boxes.... What do you have selected? (checked).
if i do copy-paste the statick-key-0 to static-sta-private-key will have a TT-RB link???I did not see any code for the above 'red' text...this would also be required for both the LS and TT radios to function properly under your current config.
i do this config because was the way we made a TT-RB links.
inside lab test with working config i have both radios inside registration list.I am guessing that you also do not have anything in the access list or connect list tabs under wireless (Winbox again)? This would require the MAC addresses and the Private Key (under the Access list). For the Connect list; SSID, MAC address and the Security profile have to filled in.
inside the replacement point i have 10 LS2 links showed ni the registration list...no TT links up.
i have blank access list.
Thanks for your help!
Re: Replacing Teletronics CPE Router With RB532A
Nazgul -
Ok - adding the "static-sta-private-key" should have allowed all of your TT and LS radios to show up in the registration window in winbox. Next while in the registration window, near the top left corner there is a button "Copy to Access List", select the registered radios and press this button. This will add the radio to the Access List. That gives the radio access to use the system. You also may be required to (in the access list tab), select each radio make sure that both boxes - authenticate and forward are checked and you also may be required to select and add the Private Key for each radio....this would be the same WEP key you are already using....
Once all your radios are in the Access list. Try to ping them and make sure they are working.... Once they all work we can go back to the Wireless card configuration here -
Thom
leave these checked for now - we'll come back to this.....default forward and default authenticate
you should. Go ahead and do the copy and paste. This should get all your radios to show up.if i do copy-paste the static-key-0 to static-sta-private-key will have a TT-RB link???
As expected since you are using WEP etc. Registration just 'tells' you that you have radios on line. To full take advantage of the system capabilities we need to do a little more work.inside lab test with working config i have both radios inside registration list.
inside the replacement point i have 10 LS2 links showed in the registration list...no TT links up.
Ok - adding the "static-sta-private-key" should have allowed all of your TT and LS radios to show up in the registration window in winbox. Next while in the registration window, near the top left corner there is a button "Copy to Access List", select the registered radios and press this button. This will add the radio to the Access List. That gives the radio access to use the system. You also may be required to (in the access list tab), select each radio make sure that both boxes - authenticate and forward are checked and you also may be required to select and add the Private Key for each radio....this would be the same WEP key you are already using....
Once all your radios are in the Access list. Try to ping them and make sure they are working.... Once they all work we can go back to the Wireless card configuration here -
Here you should now be able to un-check the the default forward and default authenticate and everything should work just fine.....default forward and default authenticate set up for your RB532 (in the future I'll just call it an RB). In Winbox this can be seen in: Wireless tab on the left hand menu. Select the interfaces tab. Now select your wireless card. Open it up and go to the wireless tab. Look at the bottom three check boxes....
Thom
Re: Replacing Teletronics CPE Router With RB532A
Nazgul -
Well - did you make any progress??
Thom
Well - did you make any progress??
Thom
Re: Replacing Teletronics CPE Router With RB532A
sorry for the delay thom...
well.. the replacement is done, lab test as you suggested run very well...
when we go to relplace the original AP, we got some difficulties, but we did the rigth config on the remote clients and the connections go up...
we got some high ping times, but we replace the omni antenna and we got more stable times, but some ping time get bigger than 100 ms, but the rest is fine....
thank you for your help thom.. it was very hepfull..
well.. the replacement is done, lab test as you suggested run very well...
when we go to relplace the original AP, we got some difficulties, but we did the rigth config on the remote clients and the connections go up...
we got some high ping times, but we replace the omni antenna and we got more stable times, but some ping time get bigger than 100 ms, but the rest is fine....
thank you for your help thom.. it was very hepfull..
-
-
illiniwireless
Member Candidate
- Posts: 152
- Joined:
- Location: USA
Re: Replacing Teletronics CPE Router With RB532A
update 1
I currently have UBNT taking a look at 1 of my routerboards with an xr2 card. I am starting to think that it is a software problem. The first time I had this problem I tried 2 different sr2 cards and a cm9 and then a senoa 2511 and the 2511 worked just fine. This tells me that it is having a problem accepting the clients since it doesn't matter if you change settings or not but just simply disabling and enabling the wireless interface several times to get it working. I noteced that the ap is actually sending deauthentication packets to the clients when they try to associate. Hopefully I will have an answer sometime tomorrow.
I currently have UBNT taking a look at 1 of my routerboards with an xr2 card. I am starting to think that it is a software problem. The first time I had this problem I tried 2 different sr2 cards and a cm9 and then a senoa 2511 and the 2511 worked just fine. This tells me that it is having a problem accepting the clients since it doesn't matter if you change settings or not but just simply disabling and enabling the wireless interface several times to get it working. I noteced that the ap is actually sending deauthentication packets to the clients when they try to associate. Hopefully I will have an answer sometime tomorrow.
Re: Replacing Teletronics CPE Router With RB532A
nazgul -
Glad to hear that you've got it working.... As pointed out by illiniwireless and several posts elsewhere here on the forum - there have been some issues w/Atheros chipsets when connecting to Prism chipsets. Mine seem to work fine but I do not have many radios w/Prism chipsets anymore. I would keep that in mind as you expand your network.
illiniwireless -
There are several posts regarding Prism & Atheros chipsets - seach for them on the forum - you'll see it is an on going issue.
Thom
Glad to hear that you've got it working.... As pointed out by illiniwireless and several posts elsewhere here on the forum - there have been some issues w/Atheros chipsets when connecting to Prism chipsets. Mine seem to work fine but I do not have many radios w/Prism chipsets anymore. I would keep that in mind as you expand your network.
illiniwireless -
There are several posts regarding Prism & Atheros chipsets - seach for them on the forum - you'll see it is an on going issue.
Thom