1

I'm trying to set up my raspberry pi 3 running a fresh install of raspbian buster as a wireless access point with a bridge to ethernet to give connected devices internet access.

I followed the official raspberry pi tutorial for doing so found here: https://www.raspberrypi.org/documentation/configuration/wireless/access-point.md

As I walked through the tutorial I was able to connect my phone and laptop to the access point before I added the ethernet bridge. After adding the bridge section everything shows up fine in the logs, but for some reason when I try to connect from my phone and computer now I get "incorrect password".

enter image description here

I did not change the password in my hostapd.conf file between each section so I know the password is correct considering I was able to connect to the AP before the bridge.

I did some searching around and found this thread that says the issue may be due to a timeout that triggers when the translation of the password from the plain text to hash takes to long and suggests replacing the wpa_passphrase with a wpa_psk using a hash generated by the wpa_passphrase command. I tried that and get the same "incorrect password" prompt.

I'm not sure what to do from here or how to troubleshoot it.

Here's what my hostapd.conf file looks like:

interface=wlan0
bridge=br0
#driver=nl80211
ssid=cs-touchscreen
hw_mode=g
channel=7
wmm_enabled=0
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
# This is the passphrase I was using successfully before the bridge and it's the same password I used to get the hash
#wpa_passphrase=ohSoSecret!!
wpa_psk=<the hash string. I'm retyping from my raspi and I'm _not_ typing that hash by hand!>
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

Any ideas?

The computer I'm trying to connect from is an apple running mac os 10.14.6 and my phone is a samsung galaxy s10 running android 10.

UPDATE

This morning I read back through the instructions and "unhooked" the bridge.

Specifically, I edited my /etc/dhcpcd.conf file and commented out the denyinterfaces lines I added per the walkthrough:

# * Commenting out the denyinterfaces to unhook the bridge
#denyinterfaces wlan0
#denyinterfaces eth0
interface wlan0
    static ip_address=192.168.4.1/24
    nohook wpa_supplicant

I then put the driver back into my hostapd.conf and commented out the bridge:

interface=wlan0
# * commenting out the bridge and adding the driver back in to unhook the bridge
# bridge=br0
driver=nl80211
ssid=cs-touchscreen
hw_mode=g
channel=7
wmm_enabled=0
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
# This is the passphrase I was using successfully before the bridge and it's the same password I used to get the hash
#wpa_passphrase=ohSoSecret!!
wpa_psk=<the hash string. I'm retyping from my raspi and I'm _not_ typing that hash by hand!>
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

When I do this both the passphrase and psk work when trying to connect from my phone or computer.

It seems like something in the bridge or it's connection is causing this password issue, but again I'm not sure where to go from here.

Chris Schmitz
  • 111
  • 1
  • 5
  • *generated by the wpa_supplicant command* - you mean by the wpa_passphrase command? try using a wpa_passphrase instead of a wpa_psk - if that works, then you've botched the wpa_psk somehow - edit: oh, you did use a passphrase originally after the bridge? – Jaromanda X Feb 28 '20 at 05:32
  • @JaromandaX I mistyped, it's the hash I pulled out of the wpa_passphrase command that I tried as the wpa_psk value in the hostapd.conf file. Also yeah, I was originally using the passphrase and that stopped working when I added the bridge which is when I tried the psk :/ I'm going to try re-generating the psk this morning, but I'm positive I copy/pasted it correctly. – Chris Schmitz Feb 28 '20 at 14:04
  • also @JaromandaX I added an update to the post after doing some more troubleshooting, still stuck, but I've def narrowed the issue down to something to do with the bridge or how it's hooked up. – Chris Schmitz Feb 28 '20 at 14:19

2 Answers2

1

You do not ask a detailed question to solve your problem so I assume that a general other solution is also acceptable. The problem with the official tutorial you have used is that it stuck with traditional setup with many additional tools like hostapd, dnsmasq and bridge utils. But up to date operating systems like Raspbian Buster come with systemd and installations have to respect this. Mixing up traditional setups with parts of systemd may work for simple setups but may have problems with more complex configurations like a network bridge together with an access point.

In particular the cited setup just tries to configure old style bridge utils with setup files from systemd-networkd in /etc/systemd/network/. This may work but I suspect that this is the right way because configuration with files in /etc/systemd/network/ is defined to be used with systemd-networkd. In addition systemd-networkd comes with all services built-in so you don't need additional tools. You can just configure everything you need. So I suggest to use only systemd-networkd to setup an access point with a wired uplink bridge. How to do it you can look at Setting up a Raspberry Pi as an access point - the easy way as shown in section ♦ Setting up an access point with a bridge.

Ingo
  • 40,606
  • 15
  • 76
  • 189
  • The suggestion ingo does not work sadly, Just spend an hour following the guide he linked too but it does not work. So i would suggest avoiding trying that one and finding a better solution. – Kit Jan 07 '21 at 09:38
  • @Kit The linked tutorial is accepted by 37 other users. You also used the official setup from the foundation that is also known to work. I don't believe that you will have more luck with another solution. It seems that you have a general issue with networking. – Ingo Jan 08 '21 at 10:24
0

Ok, I just spent half a day on exactly the same issue (on Pi4 Ubuntu Server 20.04) and got it working now (although I'm not sure I trust it yet).

The problem seems to be an incomplete setup of the bridge in hostapd. I ended up adding the bridge option to hostapd.conf and in addition to the network configuration. Here is my netplan config:

network:
  version: 2
  renderer: networkd

  ethernets:

    eth0:
      dhcp4: false 
      dhcp6: false 

    wlan0:
      dhcp4: false
      dhcp6: false

  bridges:

    lan0:
      interfaces:
        - eth0
        - wlan0
      addresses:
        - 192.168.x.x/24
      nameservers:
        addresses: [1.1.1.1, 1.0.0.1]
        search: [local]
      dhcp4: false 
      dhcp6: false

There was a compounding issue with failed access to /run on startup - ended up changing /lib/systemd/system/hostapd.service:

After=network.target remote-fs.target
DeathByPiano
  • 1