Re: WEP not working masquarading?


From: Keith Mayfield (krmayfield_at_yahoo.com)
Date: 2002-04-26 04:22:08 UTC


I am not sure what is going on now... I can ping yahoo with the wireless Windoze machine through the Linux Host that has WEP enable, but I get "Request time out" for the first ping. (Result are below) I still cannot surf the web with with windoze machine If I turn off WEP then I can ping without errors and surf the web. What is going on? With and without WEP I can ping the Linux Host AP without any problems. Other Information:Linux Host AP is a PIII 450 with 128Meg of Ram. Wireless card is a DLink 650 These are the command I used to set up the Masquarading

iptables -F
iptables -F -t nat
iptables -t nat -A POSTROUTING -j MASQUERADE
This is the output from the ping request with the WEP Enabled. C:\>ping www.yahoo.com
Pinging www.yahoo.akadns.net [64.58.76.178] with 32 bytes of data: Request timed out.
Reply from 64.58.76.178: bytes=32 time=91ms TTL=235
Reply from 64.58.76.178: bytes=32 time=90ms TTL=235
Reply from 64.58.76.178: bytes=32 time=90ms TTL=235
 

  Jouni Malinen <jkmaline_at_cc.hut.fi> wrote: On Tue, Apr 23, 2002 at 07:15:13PM -0700, Keith Mayfield wrote:

> My eth0 is connect to my cable modem to the net.

> iptables -t nat -A POSTROUTING -p TCP -j MASQUERADE

I would add '-o eth0' to that in order to prevent masquerading in the other direction..

> If I put in the windoze 64 WEP as 1234567890 and then
> issue the following command on the Host AP:
>
> iwconfig wlan0 enc 1234567890
>
> I can ping the Host Ap with the windoze machine, but I
> cannot surf the web.

Hmm.. I was unable to duplicate this. Masquerading TCP packets from AP to Internet worked fine with and without WEP. Could you test whether TCP connections between client and AP hosts work? What about ping from client to Internet (of course with '-p TCP' removed from iptables line).

-- 
Jouni Malinen PGP id EFC895FA



---------------------------------
Do You Yahoo!?
Yahoo! Games - play chess, backgammon, pool and more


This archive was generated by hypermail 2.1.4.