Skip to content

Instantly share code, notes, and snippets.

@doktor500

doktor500/wifi-rpi.md

Last active February 7, 2021 19:09
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save doktor500/6f78e7578960d068e9bf8e16463f97ee to your computer and use it in GitHub Desktop.
Save doktor500/6f78e7578960d068e9bf8e16463f97ee to your computer and use it in GitHub Desktop.
Download ZIP
Setup WiFi AP in RPi
Raw
wifi-rpi.md

Setup WiFi AP in RPi

Install packages
sudo apt-get update
sudo apt-get upgrade

sudo apt install hostapd
sudo apt install dnsmasq
sudo apt install -y netfilter-persistent iptables-persistent
Define the wireless interface static ip

sudo nano /etc/network/interfaces

auto wlan0
iface wlan0 inet static
 	address 192.168.2.73
 	netmask 255.255.255.0
Define the wireless interface configuration

sudo nano /etc/dhcpcd.conf

interface wlan0
	static ip_address=192.168.2.1/24
	static domain_name_servers=8.8.8.8 8.8.4.4
	nohook wpa_supplicant
Set up traffic forwarding to the ethernet interface

sudo nano /etc/sysctl.conf

net.ipv4.ip_forward=1
Allow traffic between clients on the wireless network and the internet by substituting the IP address of wireless clients with the IP address on the LAN using a "masquerade" firewall rule
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
sudo netfilter-persistent save

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.backup
sudo nano /etc/dnsmasq.conf

Use tun0 instead of eth0 to redirect traffic through the VPN tunnel

Configure the DHCP and DNS services for the wireless network
interface=wlan0
server=8.8.8.8
dhcp-range=192.168.2.2,192.168.2.150,255.255.255.0,24h
domain=wlan
Ensure 5 GHz wireless networking is enabled

sudo rfkill unblock wlan

Configure the access point software

sudo nano /etc/hostapd/hostapd.conf

country_code=GB
interface=wlan0
ssid=dmcom-vpn
hw_mode=g
channel=7
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=passphrase
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

sudo nano /etc/default/hostapd

Enable the access point software
sudo systemctl stop hostapd
sudo systemctl unmask hostapd
sudo systemctl enable hostapd
Link the configuration from the default hostapd file
DAEMON_CONF="/etc/hostapd/hostapd.conf"
Start wlan network

sudo ifconfig wlan0 up

Start access point software
sudo hostapd /etc/hostapd/hostapd.conf
Create setup to execute vpn, wlan and the access point on startup
cd ~
touch network.sh
chmod +700 network.sh

sudo nano ~/network.sh

expressvpn connect esba2
sudo hostapd /etc/hostapd/hostapd.conf

crontab -e

@reboot ~/network.sh /dev/null 2>&1`
Configure expressvpn
expressvpn protocol tcp
expressvpn preferences set network_lock off
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment