We have upgraded the community system as part of the upgrade a password reset is required for all users before login in.

Omega2+ fails to connect to wifi

  • @M-S192 This worked for me. Thanks! How did changing the router mode fix the issue?

  • @Nilay-Desai Well, I don't know about the mt76 driver from onion firmware but the one in official LEDE builds can disable 11n by setting htmode 'NONE' in wifi-device section. Maybe this is default behavior of onion driver.
    You can try to set htmode 'HT20' (or HT40 depending on your settings) and switch your router to 11n-only mode again.
    If this won't work I've no idea why it happens.

  • I try all solution but don"t work with my router mikrotik RB2011UiAS-2HnD-IN
    On other routers it works

  • @pvadam I had to change my country from US to CAN and that solved this whole thing
    I feel like this should be PINNED somewhere @administrators

  • I am just as disappointed, unhappy and annoyed as you guys.
    Fact is, I could not connect to any MikroTik router.
    (WPA1PSKWPA2PSK/AES, 802 b/g/n) - I am just not in the mood to play around with the settings yet.

    It did connect to my Cisco E2000 (WPA2PSK/AES)

  • This post is deleted!

  • Think my problem is the same, but in my case I can connected to both my home access points (although I still haven't managed to set a fixed IP via dhcp), but it's my android phone's hotspot I can not connect to which is a shame as that's what I really want to connect to.
    Everything I can see suggests that all three SSIDs are using WPA2 with AES.

  • Same issue here (all those “solutions” recommended on forum – don’t work), cannot resolve for months.

    What pisses me of the most - all those "exciting news!" emails from Omega team about some new features and how cool omega 2 is. Sounds like a f%$%ing mockery, considering that basic functionality does not work (or does not work reliably).
    And what Omega team done? Correct answer – nothing, pretending the problem with WiFi does not exist.

    Don't buy Omega Onion, don't support them, may be losing money will make them do something, as civilized approach does not work.

  • As this seems to still be an ongoing issue and I've had my unit for some crazy amount of time, after testing the latest firmware every month or so I seem to have finally cracked this issue.

    No promises that this will work for everybody but it certainly worked for me.

    I have my MT set to some pretty vanilla standards

    0_1499251745653_Screenshot from 2017-07-05 20-48-35.png

    I have static channels configured

    0_1499252068013_Screenshot from 2017-07-05 20-54-06.png

    But again, all really normal bizwack.

    The only change required on my onion in order to connect cleanly was the following

    root@Omega-2EB7:/etc/config# cat wireless 
    config wifi-device 'ra0'
            option type 'ralink'
    #        option mode '9' # This doesn't seem to work on an MT
            option mode 'sta' # This works on an MT
            option channel '6' # This shouldn't be required to be a number and can be left as 'auto'
            option txpower '100'
            option ht '20+40' # Meh, 20, this works but so does 20 or 40 from memory
            option country 'AU' # Whatever your country is
            option disabled '0'

    I'm not going to say that this is the magic bullet but it certainly got me up and running.

    Caveat I still don't have network access other than ICMP. I think this is a firewall issue on the unit itself but I can't work it out yet. This is just my first step so sharing in case it corrects the problem for anybody else.

    Hope that helps somebody

  • @Scott-Horsley thanks! I wasn't able to reproduce your config - for me, the change from option mode '9' to 'sta' doesn't change a thing. I still get "wlan1: disconnected, unicast key exchange timeout" in router logs.

    However, I made some observations that might help you move forward:

    • with option mode 'sta' and security profile on Mikrotik set to default (open - no password), my Onion2 connects to wifi (!)
    • I also observed only ICMP traffic passing through
    • it seems to be a local firewall issue, as Mikrotik sniffing shows no outbound attempts
    • you can disable Onion firewall by /etc/init.d/firewall stop, but it doesn't change a thing - the only traffic that the router receives is ICMP and ARP, but not TCP


  • @Scott-Horsley further observations:

    • firewall is controlled by fw3 which in turn controls iptables
    • flushing iptables (iptables -F) does not solve the problem
    • a device connected to the Omega can connect to the Internet but DNS won't work (seems to be an issue with Omega's NAT config)
    • if you instruct iptables to log outbound traffic (iptables -t filter -A OUTPUT -o apcli0 -j LOG), then dmesg actually shows those missing packets that don't arrive to the router

    Seems like there is a second firewall layer after iptables are applied.


  • @Michal-Rok thanks for the feedback, sorry it got you no further either.

    Yep, I disabled the firewall entirely, even as far as removing the rc startup link and rebooting with no change. iptables -L shows nothing at all at this point (what you'd expect really). I tried forcing the wlan interface into the bridge (br-wlan) also with no change at all. I disabled dnsmasq and forced the resolution to Google ( with, of course, no change either (which you'd expect as nothing appears to arrive on the router itself).

    Was there a reference anywhere to what the "option mode '9'" (or 'sta') does and any other options relating to this area of the config? I searched on anything WRT but didn't show anything about the ralink unit so was rather roadblocked at that point.

    One other point that I noted was that I needed to ensure my channel was low in order to work at all, almost like the AU flag wasn't being used. Not a huge deal as a quick scan on the MT suggested 6 was the best channel for me but changing from AU to US and/or back didn't seem to change anything at all.

    As far as running with no security, I might try that trick and see if I can get any ideas of what is happening.

    I originally tried connecting to my mobiles hotspot to get running and that worked, then modified the config to suite the MT, hoping that the initial config was doing something more when it was first coming online but as mentioned by a few others, that made no difference either.

    Frustration to say the least.

    Has anybody had any luck with a USB wifi adaptor and an MT on these units?

    I love my MT(s, I have a few running in the house) so a decision to swap them isn't going to fly and I'd rather just accept that the Omega isn't for me than contemplate the alternative.

  • @Scott-Horsley I was suspecting that some default firewall kicks in when Omega's software sees an open, unencrypted wifi network. But that assumes you're running an open network too, but I'm reading this wasn't the case.

    I wasn't able to reproduce your observations regarding encryption - for me, Omega never connects to a WPA2PSK/AES network.

  • @Michal-Rok Seems rather inconsistent if that is the case, I originally couldn't connect with anything of course, this configuration I can reproduce directly after a firstboot -y, sync.... which means it's certainly working.

    My SSID and Passphrase are really simple words only, ECLIPSE being the SSID (as referenced, and strangely, I blanked out in the SSID box), but the password may as well be abc123 with how simple it is.

    I'm dumping my MT config for the information it may or may not share with regards to this. I'm running RouterOS v6.39.2 (stable) at this time.

    [scott@ap2] > /interface wireless print where name=wlan-ECLIPSE                     
    Flags: X - disabled, R - running 
     0  R name="wlan-ECLIPSE" mtu=1500 l2mtu=1600 mac-address=XX:XX:XX:XX:XX:XX arp=enabled interface-type=Atheros AR9300 mode=ap-bridge ssid="ECLIPSE" frequency=channel-6 band=2ghz-b/g/n channel-width=20mhz 
          scan-list=default wireless-protocol=any vlan-mode=no-tag vlan-id=1 wds-mode=disabled wds-default-bridge=none wds-ignore-ssid=no bridge-mode=enabled default-authentication=yes default-forwarding=yes 
          default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no security-profile=profile-ECLIPSE compression=no 
    [scott@ap2] > /interface wireless security-profiles print where name=profile-ECLIPSE
    Flags: * - default 
     0   name="profile-ECLIPSE" mode=dynamic-keys authentication-types=wpa2-psk unicast-ciphers=aes-ccm group-ciphers=aes-ccm wpa-pre-shared-key="xxxxx" wpa2-pre-shared-key="xxxxx" 
         supplicant-identity="MikroTik" eap-methods=passthrough tls-mode=no-certificates tls-certificate=none mschapv2-username="" mschapv2-password="" static-algo-0=none static-key-0="" static-algo-1=none 
         static-key-1="" static-algo-2=none static-key-2="" static-algo-3=none static-key-3="" static-transmit-key=key-0 static-sta-private-algo=none static-sta-private-key="" radius-mac-authentication=no 
         radius-mac-accounting=yes radius-eap-accounting=no interim-update=0s radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username radius-mac-caching=disabled group-key-update=5m 
         management-protection=disabled management-protection-key="" 

  • @Scott-Horsley can you please post results of /interface wireless export here? It will show just the non-default parameters and might make it easier to reproduce.

  • @Scott-Horsley well done! Setting
    option mode 'sta'
    worked for me!

  • @Alex-Thow are you also experiencing an issue with firewall or do you have full connectivity?

  • @Michal-Rok full connectivity. Though on reboot it doesn't connect to wifi...in etc/config/wireless the ApCliEnable is being reset to '0'! I have to connect via serial port to set to '1' and restart wifi. I need to sort that next!

  • This is what I did to get my Omega2p (0.1.5 b130) working with SKY Q Hub using WPA2PSK/AES in UK.

    Basically, after configuring the wireless connection with the wifisetup tool (from serial console) I needed to edit the /etc/config/wireless and set the country to UK and ApCliEnable to 1.

    config wifi-device 'ra0'
            option type 'ralink'
            option mode '9'
            option channel 'auto'
            option txpower '100'
            option ht '20'
            option country 'UK'
            option disabled '0'
    config wifi-iface
            option device 'ra0'
            option network 'wlan'
            option mode 'ap'
            option encryption 'psk2'
            option key '12345678'
            option ssid 'Omega-XXXX'
            option ApCliSsid 'SKYFECB3'
            option ApCliPassWord 'XXX'
            option ApCliEncrypType 'AES'
            option ApCliAuthMode 'WPA2PSK'
            option ApCliEnable '1'
    config wifi-config
            option ssid 'SKYFECB3'
            option encryption 'WPA2PSK'
            option key 'XXX'

    But every reboot I need to set ApCliEnable to 1 after I uploaded to "0.1.10 b160" version. And sometimes the wifi connects, sometimes not. Maybe I'll downgrade to "0.1.5 b130" version.

    It is incredible how buggy is this device.

  • @Alex-Thow, I can confirm that this is happening to me in the Omega2+ 0.1.10 b160.

Looks like your connection to Community was lost, please wait while we try to reconnect.