WPA with WDS?

Discussion in 'Tomato Firmware' started by gotamd, Oct 16, 2007.

  gotamd

    gotamd Network Guru Member

    Does anyone know whether or not this works? I set up a WDS link a while back on version 1.07 and it didn't seem to work. I ended up using WEP, which isn't an ideal solution. Has anyone gotten WPA working with WDS yet? I figured that it's about time to upgrade the firmware on the routers, so if WPA will work I can do that all at once.
  dvd-guy

    dvd-guy Guest

    It works, but it may be flaky some of the time. I find that when the keys renew themselves, there are some temporary problems with connectivity. This was with 1.07, so I'm not sure how 1.10 stacks up.
  GeeTek

    GeeTek Guest

    With 1.07 I noticed the same behaviour. If one radio reboots the connection will stay down for 5 or 10 minutes sometimes. Enabling STP solved all of the connectivity problems even though it was a link on just 2 radios. For WPA you must use WPA personal and each radio must have the same SSID.
  dvd-guy

    dvd-guy Guest

    Do I need to enable STP on both routers or just one?
  m078

    m078 LI Guru Member

    I'm using WDS with WPA Personal +AES, on Tomato 1.10

    Configuration is:

    WRT54G V2 (WDS) ---- Buffalo WHR-G54S (WDS+AP) ---- WRT54G V2 (WDS) wired to WMA11B

    I have STP enabled on all boxes but haven't tried it without.

    All are on same channel, with same SSID

    (Before you ask, I did it this way because the WMA11B struggled to get a good signal from the Buffalo, and I didn't want to support B+G mode just for this single device. With this configuration the signal strength is good enough. In any case the WMA11B doesn't support WPA.)

    Works just fine. Laptop connects wirelessly to the Buffalo and I can get 5 or 6mb/sec downloads which is the max my WAN connection can provide.
  GeeTek

    GeeTek Guest

    I enabled it on both and it worked great. As far as I know it should always be enabled at each end of the link, especially with multiple radios.
  gotamd

    gotamd Network Guru Member

    Thanks for the info. I may be giving WPA another shot :)
  fiurico

    fiurico Network Guru Member

    I feel the need to ring in here. I was on 1.07 with a GSv4 and one of the Buffalo routers (don't recall model). I ran WPA AES WDS+AP for over a month ROCK SOLID without one glitch. I only ran into problems when using it with TKIP instead of AES. NO STP was involved if I recall correctly. So if you're using WDS+AP on AES WPA then you should be good to go.
  GeeTek

    GeeTek Guest

    It was with WPA Personal AES only that I was having problems. You can test it yourself. With STP turned off, run a ping loop to the distant WDS radio. Reboot the local radio while the loop is running. With no STP it would take up to 10 minutes or more to resume pings, sometimes never. With STP enabled the ping responses and connectivity would resume in 35 seconds every time, as soon as the router was booted and functional. Any other factors that caused a dropped connection would also result in a very long re-connection time. This was with Buffalo HP radios, and occurred on several test radios. Rebooting both radios would also re-establish the link right away. It is only when one radio drops that the problem occurs. There seemed to be some sort of session binding with the WPA encryption protocol. Spanning tree protocol establishes alternate connections which is why I think it solved the problem.
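
Added example, not part of the original thread: the reboot test described in the post above (a ping loop to the distant WDS radio, timing how long replies take to resume) as a shell sketch. It assumes Linux iputils `ping` flags; the peer address, function names and sample log are constructed for illustration.

```shell
#!/bin/sh
# Measure WDS link recovery time from a ping loop (added example).
# Usage (address is a placeholder):  probe_loop 192.0.2.1 > wds.log
#                                    outages < wds.log

# probe_loop PEER: one probe per second, logging "<epoch> up|down".
# Assumes iputils ping: -c 1 = one probe, -W 1 = 1 second timeout.
probe_loop() {
    peer=$1
    while :; do
        if ping -c 1 -W 1 "$peer" >/dev/null 2>&1; then state=up; else state=down; fi
        echo "$(date +%s) $state"
        sleep 1
    done
}

# outages: reads "<epoch> up|down" lines on stdin and prints one line per
# outage as "<start_epoch> <seconds>". An outage still open when the log
# ends (link never came back) is printed as "<start_epoch> unrecovered".
outages() {
    awk '
        $2 == "down" && !down { down = 1; start = $1 }
        $2 == "up"   &&  down { print start, $1 - start; down = 0 }
        END { if (down) print start, "unrecovered" }
    '
}

# longest_outage: longest recovered outage in seconds (0 if none).
longest_outage() {
    outages | awk '$2 != "unrecovered" && $2 > max { max = $2 } END { print max + 0 }'
}

# Constructed sample log: a 35 second outage, then a drop that never recovers.
sample_log() {
    cat <<'EOF'
100 up
101 up
102 down
120 down
137 up
138 up
200 down
201 down
EOF
}
```

Running the same capture once with STP off and once with STP on, rebooting one radio each time, gives comparable recovery figures for the two settings.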
  Odin-60

    Odin-60 LI Guru Member

    WDS works flawlessly with WPA+TKIP here,
    whereas it seems not to work with WPA2.
    STP should be enabled on all WDS stations.
  fiurico

    fiurico Network Guru Member

    Although I do not doubt your experience with your setup, my experience with my setup has been stated above with ZERO problems for over a month. I think that is a fair amount of testing time. WDS+AP on both routers, AES encryption, STP turned OFF as that is what Jon over at Polarcloud FAQ says to do unless there are 3 routers in the mix (I only had two).

    Odin-60: AFAIK, WDS2 works with none of the firmwares out there. Although that may not be the case with every firmware/router, that is the general consensus I have read over the years thus far. I have no idea why I could not get TKIP to work. Unfortunately, I need it for a wireless Netgear USB print server I have at that location that makes life easy, networking wise anyway. Ended up being when I used Tomato on WDS+AP TKIP, the wireless print server would fall off for a certain amount of time (say a minute), then come back on for a minute, then fall off for a minute... in a repeated never-ending cycle. Quite frustrating. After trying every combination possible in Tomato as well as Thibor 15c, I was forced to try DD-WRT 24 RC3 or RC4 (don't recall which is on there now) and it works FLAWLESSLY for that application. So that's what I had to stay with. I still run Tomato everywhere else that I install for others as well as myself across GS/GL/G routers as well as 2 Buffalo (GS 54 I think is one of the models and another that I do not recall what it is).
