Raspberry Pi: Wireless Access Point

From Embedded Lab Vienna for IoT & Security
Jump to navigation Jump to search

Summary

This Documentation is a step by step guidance to convert your Raspberry Pi into a Wlan Access Point

Requirements

  • at least a Raspberry Pi 3B+

Description

Step 1: Updating the package repositories of your system

sudo apt update 
sudo apt upgrade

Step 2: Installing the needed packages

Install hostapd, which is an package that allows you to use your raspberry pi as an access point:

sudo apt install hostapd

Install dnsmasq, which allows your Pi to operate as an DHCP and DNS server

sudo apt install dnsmasq

Step 3: Configure the packages

Set up the DNS, DHCP service

sudo nano /etc/dnsmasq.conf

Add the following lines:

# Set active Interfaces
interface=wlan0
# Set passvie Interfaces
no-dhcp-interface=eth0
# Set IPv4 Address range and the leas time 
# The IP doesn't have to be 10.0.5.X you can use an preferred one
# syntax dhcp-range= start of range, end of range, lease time
dhcp-range=10.0.5.100,10.0.5.160,24h
# Setting the dns Server
dhcp-option=option:dns-server,10.0.5.1

Test the DHCP service configuration

dnsmasq --test -C /etc/dnsmasq.conf

Restart the DHCP service to apply changes

sudo systemctl restart dnsmasq
sudo systemctl status dnsmasq

Set dnsmasq as an startup service

sudo systemctl enable dnsmasq

Create a static IPv4 address for wlan0

sudo nano /etc/dhcpcd.conf

add the following lines

interface wlan0
   static ip_address=10.0.5.1/24
   nohook wpa_supplicant

and reboot your system

sudo reboot

Note: The wlan0 IP address has to be the same as the dns address in the dnsmasq.conf file

Set up the WLAN-AP-Host service

sudo nano /etc/hostapd/hostapd.conf

This file shloud not be existen by now and there fore it should be empty by now. Insert the following lines and modfiy them as needed.

# Interface and Driver
interface=wlan0
#driver=nl80211

# WLAN-Configuration
ssid=<Insert Wland Router Name Here>
channel=1
hw_mode=g
ieee80211n=1
ieee80211d=1
country_code=DE
wmm_enabled=1

# WLAN-Encryption
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=<Insert Password Here>

Change the UNIX permissions of the hostapd.conf file

sudo chmod 600 /etc/hostapd/hostapd.conf

Test the hostapd configuration

sudo hostapd -dd /etc/hostapd/hostapd.conf

The configuraten is valid if you see the following lines

...
wlan0: interface state COUNTRY_UPDATE->ENABLED
...
wlan0: AP-ENABLED
...

Exit the debug mode with STRG + C

Configure hostapd to be an daemon background process

sudo nano /etc/default/hostapd

and add the following lines

RUN_DAEMON=yes
DAEMON_CONF="/etc/hostapd/hostapd.conf"

Start hostapd with the configuration and set it up as an startup service

sudo systemctl unmask hostapd
sudo systemctl start hostapd
sudo systemctl enable hostapd

Allow NAT routing to between eth0 and wlan0

Enable IPv4 Routing permanently: Open /etc/sysctl.conf

sudo nano /etc/sysctl.conf

and uncomment or add the following line of code

net.ipv4.ip_forward=1

Creating a iptable entry for NAT routing

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE


Persist the iptbales rules:

Install iptables-persistent and choose to save the current settings in the install process

sudo apt-get install iptables-persistent

Used Hardware

Raspberry Pi 3B+

References