Manuel has clearly said, several times, that while m0n0wall has some
wireless AP support, a separate AP is a better solution. Here's
another strange piece of that puzzle, and another reason to heed his
I work a fair bit with community wireless LANs and we use quite a few
wireless to ethernet bridges. In particular the D-Link DWL-810+ (or a
hacked DWL-800AP+). But there are two versions of this box: both look
the same and run the same firmware, but they are labelled hardware
revisions 'A1' and 'B2'.
The A1 versions don't associate with a m0n0wall AP. At least not one
running on a Soekris 4511 with a Senao/EnGenius 200mW miniPCI card.
The exact same hardware running Pebble (www.nycwireless.net/pebble)
will let the bridge associate just fine. The exact same device, but
with the B2 hardware, will associate with either OS just fine.
It makes no sense, but I've been banging my head against this for 24
hours now, and this is the first puzzle piece to fall into place! I
was disappointed to discover that m0n0wall/FreeBSD was the critical
element, but oh well.
So... I'm headed right where Manuel suggested... a separate AP.
Delving into the LInux IP MASQ How To has me pausing about switching
to Pebble. Even if I got the NAT services working and the ruleset
turned on, it would be a major pain to tweak the rules by hand all the
time (not to mention getting the config right to start with!)
PS: For those interested, after sniffing with AirMagnet to try and
work out what was going on, the D-Link was sending out probes just
fine, and receipts were being sent by the AP OK, but it apparently
never recognised the receipts and it kept sending probes and never
tried to authenticate.