If you've ever wanted a secondary Wi-Fi network, use this project to find out how to do so with a Raspberry Pi 3!
Ever needed to create a secondary Wi-Fi network in addition to your primary network? You may need an internal network that is cut off from the internet, for example, to exchange files within a small company, and so on.
The simplest solution is to create what is called a hotspot, a private network that you can control and your users can use to connect to access the internet. In this tutorial, letâs see how we can use a Raspberry Pi to create our own homemade hotspot in less than 10 minutes!
Raspberry Pi network diagram
The Raspberry Pi can be used as a wireless access point to run a separate network. This can be done using the built-in wireless capabilities of the Raspberry Pi 3 or Raspberry Pi Zero W, or using a suitable USB wireless dongle that supports access points.
Please note that this project has been tested on the Raspberry Pi 3. If you are using a USB wireless dongle instead of the Pi 3, you will have to search the forums for troubleshooting.
To work as an access point, the Raspberry Pi will need to install access point software and DHCP server software to provide network addresses for connected devices. Make sure your Raspberry Pi is using the latest version of Raspbian (2017 or later).
Getting Started
Collect your hardware:
- Raspberry Pi 3
- microSD Card Loaded with Raspbian
- Some input devices: keyboard, mouse and HDMI Display
Use the following to update your Raspbian installation:
- sudo apt-get update
- sudo apt-get upgrade
Install all the required software in one go with this command:
sudo apt-get install dnsmasq hostapd
Since the configuration files are not ready yet, stop running the new software as follows:
- sudo systemctl stop dnsmasq
- sudo systemctl stop hostapd
Configure the Static IP
We are configuring a separate network as a server, so the Raspberry Pi needs to assign a static IP address to the wireless port. Assuming that we use the standard 192.168.x.x IP address for our wireless network, we will assign the server an IP address of 192.168.4.1., also assuming that the wireless device being used is wlan0.
To configure a static IP address, use the following command to edit the dhcpcd configuration file:
sudo nano /etc/dhcpcd.conf
Go to the end of the file and edit it so that it looks like the following:
- interface wlan0
- static ip_address=192.168.4.1/24
Now restart the dhcpcd daemon and set up the new wlan0 configuration:
sudo service dhcpcd restart
Configuring the DHCP Server (dnsmasq)
The DHCP service is provided by dnsmasq. By default, the configuration file contains a lot of information that is not needed, and it is easier to start from scratch. Rename this configuration file, and edit a new one:
sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
sudo nano /etc/dnsmasq.conf
Type or copy the following information into the dnsmasq configuration file and save it:
interface=wlan0 # Use the require wireless interface - usually wlan0
dhcp-range=192.168.4.2,192.168.4.20,255.255.255.0,24h
So for wlan0, we are going to provide IP addresses between 192.168.4.2 and 192.168.4.20, with a lease time of 24 hours. If you are providing DHCP services for other network devices (e.g., eth0), you could add more sections with the appropriate interface header, with the range of addresses you intend to provide to that interface.
There are many more options for dnsmasq. See the dnsmasq documentation for more details.
Configuring the Access Point Host Software (hostapd)
You need to edit the hostapd configuration file, located at /etc/hostapd/hostapd.conf, to add the various parameters for your wireless network. After initial install, this will be a new/empty file.
sudo nano /etc/hostapd/hostapd.conf
Add the information below to the configuration file. This configuration assumes we are using channel 7, with a network name of NameOfNetwork, and a password AardvarkBadgerHedgehog. Note that the name and password should not have quotes around them. The passphrase should be between 8 and 64 characters in length.
interface=wlan0driver=nl80211ssid=AnyNamehw_mode=gchannel=7wmm_enabled=0macaddr_acl=0auth_algs=1ignore_broadcast_ssid=0wpa=2wpa_passphrase=Passwordwpa_key_mgmt=WPA-PSKwpa_pairwise=TKIPrsn_pairwise=CCMP
We now need to tell the system where to find this configuration file.
sudo nano /etc/default/hostapd
Find the line with #DAEMON_CONF, and replace it with this:
DAEMON_CONF="/etc/hostapd/hostapd.conf"
Start It Up!
Now start up the remaining services:
sudo systemctl start hostapd
sudo systemctl start dnsmasq
Add Routing And Masquerade
Edit /etc/sysctl.conf and uncomment this line:
sudo nano /etc/sysctl.conf
net.ipv4.ip_forward=1
Add a masquerade for outbound traffic on eth0:
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Hit Enter and Save the iptables rule:
sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"
Edit/etc/rc.local and add this just above "exit 0" to install these rules on boot:
sudo nano /etc/rc.local
iptables-restore < /etc/iptables.ipv4.nat
Reboot the System
Next, you need to reboot your system with this command:
sudo nano reboot
Once that is complete, use a wireless device to search for networks. The network SSID you specified in the hostapd configuration should now be present, and it should be accessible with the specified password.
If SSH is enabled on the Raspberry Pi access point, it should be possible to connect to it from another Linux box (or a system with SSH connectivity present) as follows, assuming the Pi account is present:
ssh [email protected]
The Raspberry Pi is now Your Access Point!
At this point, the Raspberry Pi is acting as an access point, and other devices can associate with it. Associated devices can access the Raspberry Pi access point via its IP address for operations such as rsync, scp, or ssh.