Requirements for new WiFi module setup


  • administrators

    I am working on the new WiFi module code for the Duet WiFi. Here is the provisional list of requirements that I plan to meet:

    1. Configuration of the WiFi module as a client to an existing WiFi network shall in future be done by sending a GCode command giving the SSID to connect to, the WiFi password for that network, and optionally an IP address.

    2. Passwords may include spaces, symbols and accented characters, but not non-printing characters.

    3. The SSID and password shall be stored in flash memory on the WiFi module. Therefore it is not necessary to put the gcode command containing the WiFi password in config.g, which would be a security hazard.

    4. It shall be possible to store several (probably 16) SSID/password/IP combinations in flash memory on the WiFi module. This is intended to facilitate printers that are moved between different locations. When asked to connect, it will look for the strongest known network, and attempt to connect to that network only.

    5. It shall be possible to list the remembered SSIDs, but not the associated passwords, using a GCode command.

    6. It shall be possible to delete one SSID and associated password from the list using a GCode command. The flash memory that was previously used to hold the password shall be overwritten when this is done.

    7. It shall also be possible to run the module as a combined access point and server using a GCode command. In this case, the SSID, password and IP address can be configured and will be stored in flash memory for future use. Only one set of such parameters shall be stored. This will facilitate use at exhibitions and for demonstration purposes.

    8. It shall be possible to "factory reset" the WiFi module, by erasing all SSIDs and the access point configuration data.

    9. It may be desirable to be able to list the SSIDs that can be seen by the module, along with the signal strengths.

    10. It is desirable to provide a mechanism to select a network and enter the password on PanelDue. This may present some difficulties, because of the limited number of characters available on the PanelDue keyboard.

    Does anyone see any issues with the above? Is anything important missing? One disadvantage compared to the current system is that you will have to enter the SSID of the network you want to connect to instead of selecting it from a list. Use of TLS/SSL is out of scope in this iteration.



  • I'm for these upgrades. I move my printer between home and often.



  • What kind of Authentication types will be allowed in the re-write?

    • WPA/WPA-2 (clear text passphrase, hex key, certificates)
    • WPS (send Gcode down to enable WPS for X seconds, press WPS button on home router to pair)

    Something that would be nice (but probably out of scope)

    • mDNS advertising to find your Duet on the network
    • DHCP client options (lease options, hostname, etc…)

  • administrators

    Is it possible that the default setting, when first configured/or when it cannot find a known network, is to provide a WiFi access point as per point 7 with some form of default, part random SSID (like Duet_3456).


  • administrators

    @Carlos:

    What kind of Authentication types will be allowed in the re-write?

    • WPA/WPA-2 (clear text passphrase, hex key, certificates)
    • WPS (send Gcode down to enable WPS for X seconds, press WPS button on home router to pair)

    Something that would be nice (but probably out of scope)

    • mDNS advertising to find your Duet on the network
    • DHCP client options (lease options, hostname, etc…)

    I was planning to support just WPA-2 with clear text passphrase initially. mDNS is certainly possible, but would come later.


  • administrators

    @T3P3Tony:

    Is it possible that the default setting, when first configured/or when it cannot find a known network, is to provide a WiFi access point as per point 7 with some form of default, part random SSID (like Duet_3456).

    The reason I wasn't planning any sort of default access point configuration is that it also requires a default passphrase, which is a security hazard.



  • No mDNS would be a bummer. Would you expect users to set up static IPs?


  • administrators

    I just remembered that mDNS is already implemented, so it will be included.



  • What about if the default access point could be enabled via a jumper/button on the io expansion header? This could be useful for first setup.


  • administrators

    @dc42:

    @T3P3Tony:

    Is it possible that the default setting, when first configured/or when it cannot find a known network, is to provide a WiFi access point as per point 7 with some form of default, part random SSID (like Duet_3456).

    The reason I wasn't planning any sort of default access point configuration is that it also requires a default passphrase, which is a security hazard.

    Does the SAM provide any form of unique ID? The gold solution would be somehting like a wifi router where the part random name and unique random password can be stuck on the board on a sticker.


  • administrators

    @T3P3Tony:

    Does the SAM provide any form of unique ID? The gold solution would be somehting like a wifi router where the part random name and unique random password can be stuck on the board on a sticker.

    Good point, yes it does. How about we generate an SSID and password from them, and also have a gcode that only works when sent from USB or PanelDue to display the generated SSID and password?



  • That sound sounds like a damned good Idea David


  • administrators

    @dc42:

    @T3P3Tony:

    Does the SAM provide any form of unique ID? The gold solution would be something like a wifi router where the part random name and unique random password can be stuck on the board on a sticker.

    Good point, yes it does. How about we generate an SSID and password from them, and also have a gcode that only works when sent from USB or PanelDue to display the generated SSID and password?

    Sounds like a plan, also disable this if the user had configured there own access point or set it to non access point mode.



  • Sounds like a very good list. Are spaces not allowed in passwords in the current firmware? I've received my DuetWiFi, but still probably a week away from setting it up. My home network has (at least one) space in the password.

    John


  • administrators

    I think spaces should be allowed, but I haven't tested it.



  • @T3P3Tony:

    @dc42:

    @T3P3Tony:

    Does the SAM provide any form of unique ID? The gold solution would be something like a wifi router where the part random name and unique random password can be stuck on the board on a sticker.

    Good point, yes it does. How about we generate an SSID and password from them, and also have a gcode that only works when sent from USB or PanelDue to display the generated SSID and password?

    Sounds like a plan, also disable this if the user had configured there own access point or set it to non access point mode.

    so the fact that i can power on my dust knowing i haven't connected it and find it as a hot spot, tell it where i want it to connect. and it just works is so nice.

    what drives me nuts is the fact that i have know idea what the IP is!!!

    so lets say we dont change much on that functionality.
    so, can we set up a password on the SD card, and the other functions still work?

    its one of the most elegant experience to set up, and when you move it.. .well it just pops back up and you do it again. so that function is so grand, i would try not to change that. just my experiences with the Duet.

    Making it more secure is for sure needed. but the ability to set up the way it is now and be able to set its IP would be great.

    I never plug in my duet. I however do have a Panel Due. so for those who only have the Duet, the ability to set it up with out ever interfacing it with a wire… well, that's just a dream. so i vote for trying to keep it that way.

    also, remember that you guys are SMART. so dont forget to program it for us dummy 🙂 KISS principle

    again, thanks for the hard work. i point people all the time to the work here, its really nice to see this kind of progress.

    ~Russ



  • I did not see a default gateway in the list. Wouldn't this be requirred for accessing from different network , aka port forwarding from public Internet / VPN ?

    Regards
    Andreas


  • administrators

    I've included the ability to set the default gateway and netmask when the IP address is set.



  • @dc42:

    I think spaces should be allowed, but I haven't tested it.

    I'm commissioning my printer now (using 1.18) and yes, spaces are working in the WiFi password.


 

Looks like your connection to Duet3D was lost, please wait while we try to reconnect.