I have an unusual situation where an app I am using to control certain devices remotely has to be in the same broadcast domain as those devices. I do this by accessing a remote OpenVPN TAP (not TUN) server installed on a router on the remote end with a client installed on my router. The client is connected to its own internal bridge, which is in turn connected to a dedicated virtual wireless interface with its own unique SSID. When I connect to that ID, it is as if I am locally connected to the subnet and broadcast domain on the far end. I have all this working perfectly with Fresh Tomato on my local router.
I also am able to get it working with Merlin as long as the virtual wireless (a guest SSID) is set up for open authentication. The data flow works just great. But if I turn on WPA2-Personal, I always get a "Can't connect to this network" error. No messages of any kind are logged in the syslog.
I am thinking I might be missing some critical authentication configuration somewhere.
This is how I have it set up: with a custom script that runs at startup, I create a new bridge (br11). I delete my special guest virtual wireless interface (wl1.2) from br0, and add it to br11. I give br11 a statically assigned address consistent with the far end of the TAP VPN, and bring it up with ifconfig. When the TAP client connects, I run a script that deletes the client interface (tap11) from br0 and assigns it to br11. As I say, everything works great except for the authentication. As soon as I change it from Open to WPA2-Personal, I get the "Can't connect" error.
Am I missing something somewhere, or is there a reason this just can't work?