sudo apt-get update
sudo apt-get upgrade
sudo apt install hostapd
sudo apt install dnsmasq
sudo apt install -y netfilter-persistent iptables-persistent
sudo nano /etc/network/interfaces
auto wlan0
iface wlan0 inet static
address 192.168.2.73
netmask 255.255.255.0
sudo nano /etc/dhcpcd.conf
interface wlan0
static ip_address=192.168.2.1/24
static domain_name_servers=8.8.8.8 8.8.4.4
nohook wpa_supplicant
sudo nano /etc/sysctl.conf
net.ipv4.ip_forward=1
Allow traffic between clients on the wireless network and the internet by substituting the IP address of wireless clients with the IP address on the LAN using a "masquerade" firewall rule
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
sudo netfilter-persistent save
sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.backup
sudo nano /etc/dnsmasq.conf
Use tun0
instead of eth0
to redirect traffic through the VPN tunnel
interface=wlan0
server=8.8.8.8
dhcp-range=192.168.2.2,192.168.2.150,255.255.255.0,24h
domain=wlan
sudo rfkill unblock wlan
sudo nano /etc/hostapd/hostapd.conf
country_code=GB
interface=wlan0
ssid=dmcom-vpn
hw_mode=g
channel=7
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=passphrase
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
sudo nano /etc/default/hostapd
sudo systemctl stop hostapd
sudo systemctl unmask hostapd
sudo systemctl enable hostapd
DAEMON_CONF="/etc/hostapd/hostapd.conf"
sudo ifconfig wlan0 up
sudo hostapd /etc/hostapd/hostapd.conf
cd ~
touch network.sh
chmod +700 network.sh
sudo nano ~/network.sh
expressvpn connect esba2
sudo hostapd /etc/hostapd/hostapd.conf
crontab -e
@reboot ~/network.sh /dev/null 2>&1`
expressvpn protocol tcp
expressvpn preferences set network_lock off