Gianni Romano

Members
  • Content Count

    15
  • Joined

  • Last visited

  1. Hello there, I finally solved the issue! For sake of information I explain how I solved it: First the required iptables' rules are (these give access to the remote VPN's machines): * -A FORWARD -i wlan0 -o ppp0 -j ACCEPT * -A POSTROUTING -o ppp0 -j MASQUERADE Then to indicate which IP or range of IPs have to have a different route it is required the usage of policy rules: * open /etc/iproute2/rt_tables and put your entry (ID tablename): 100 my_custom_table * ip rule add from 172.24.1.114/32 table my_custom_table (tells to go to another table other than the main one for the source IP 172.x.x.x) * ip route add 172.24.1.0/24 dev wlan0 table my_custom_table (required to receive packets back from ppp0) * ip route add default via 10.10.10.1 dev ppp0 table my_custom_table (routes packet to the VPN's gateway) Make sure Firewall on the VPN server allows incoming traffic from VPN IPs Tha's all!
  2. Ok so the title can confuse more than it really is! So basically I have a armbian distro configured as NAT where wlan0 is the internal interface and eth0 is the "pubic" interface that provides internet (this set is provided out of the box by armbian-config). My devices connect over wlan0 grabbing an IP, say 172.24.1.114 I have added a VPN to a remote network resulting in the creation of ppp0, with IP 10.10.10.12 Having these info, what I want to achieve is: * Only one IP (e.g. 172.24.1.114) has to always go towards ppp0 (that is all traffic back and forth should go to ppp0, so I can either reach machines and navigate on internet with the remote IP) * All other IPs can normally go towards eth0 Starting from the configured NAT from armbian-config I have added the extra iptables rules: -A FORWARD -s 172.24.1.114/32 -i wlan0 -o ppp0 -j ACCEPT (this is before -A FORWARD -i wlan0-o eth0 -j ACCEPT created by armbian-config) -A POSTROUTING -o ppp0 -j MASQUERADE (order shouldn't impact with -A POSTROUTING -o eth0 -j MASQUERADE created by armbian-config) -A FORWARD -i ppp0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT (just to be sure!) These extra rules + the one from armbian-config seem to work all most well: From 172.24.1.114 client I can see content of a remote web server, say http://10.10.10.20 ( so apparently it goes thru ppp0) From 172.24.1.114 client I can navigate on internet, but unfortunately checking the IP I go out with (using a geo ip website), it still results the one from eth0 All other clients correctly navigate going out thru eth0 So to summarize it, I can now reach the remote network over VPN for that IP but it is not able to navigate thru ppp0 Is there someone that can help me with this since I ran out of ideas? Thanks Gio
  3. Gianni Romano

    bananapi and realtek hostapd problem

    Sometimes it get stuck...it happend the first time after 2 weeks and now really often every second day...could it be the warm?
  4. Gianni Romano

    bananapi and realtek hostapd problem

    So everything seems to work, but... I can only see the AP from smartphone or laptop but not from a PC either using an external dongle or the integrated one.
  5. Gianni Romano

    bananapi and realtek hostapd problem

    Ok so now I am trapped because I have have enbled it again, but file is not there... Another issue comes: the dongle randomly switch off and is no more available! EDIT: I used again armbian-config to disable the AP (when this voice is popping up!) and I reinstalled the AP again; now it seems everything is working properly and also internet access is valid... I will now test the stability of the dongle and of the AP
  6. Gianni Romano

    bananapi and realtek hostapd problem

    Yes that is done over NAT with iptables so bananapi has a wifi AP that is redirecting or should the traffic towards eth0 that is connected to the main router that provides internet access. Anyway I used armbian-config to automatically set the wifi AP and it seems to not work well, because after this problem of connectivity now I get problem with dnsmasq: systemctl status dnsmasq.service ‚óŹ dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server Loaded: loaded (/lib/systemd/system/dnsmasq.service; disabled; vendor preset: enabled) Active: failed (Result: exit-code) since Tue 2018-06-19 22:05:19 CEST; 11h ago Process: 805 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=2) Process: 786 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS) Jun 19 22:05:19 bananapi systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server... Jun 19 22:05:19 bananapi dnsmasq[786]: dnsmasq: syntax check OK. Jun 19 22:05:19 bananapi dnsmasq[805]: dnsmasq: failed to create listening socket for 172.24.1.1: Cannot assign requested address Jun 19 22:05:19 bananapi systemd[1]: dnsmasq.service: Control process exited, code=exited status=2 Jun 19 22:05:19 bananapi systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server. Jun 19 22:05:19 bananapi systemd[1]: dnsmasq.service: Unit entered failed state. Jun 19 22:05:19 bananapi systemd[1]: dnsmasq.service: Failed with result 'exit-code'. and surprisingly the content of /etc/network/interfaces.d/armbian.ap.nat disappeared
  7. Gianni Romano

    bananapi and realtek hostapd problem

    What do you mean? Bananapi goes to internet thru eth0 over the main router. The wifi on bananapi is the AP and is not actually routing from wifi dongle to eth0 and thus to internet (thru the main router)
  8. Gianni Romano

    bananapi and realtek hostapd problem

    Ok I have reinstalled armbian and the dongle wifi at this point is UP and RUNNING...I configured the wifi to be AP I can connect thru wifi to the bananapi but no internet connection is available so it is not routing to the eth0 interface... I checked all, ip_forward is 1, rules in iptables are set and the default gateway is the one of the main router.
  9. Gianni Romano

    bananapi and realtek hostapd problem

    Hi sure...I had already the picture of this. I know that steady efforts are always asked when other changes or improvements are coming in. I was just speaking about wifi dongles by the way. Anyway it might be that those wifi dongles I have are well supported as "standard" use of wifi (as client) and it might be that are not well supported to be APs. Anyway thanks for the support. I will first test it with a startech.com wifi dongle that seems to use the same realtek chip of Edimax one to see if it is working and how stable it is. Thanks so far Gianni
  10. Gianni Romano

    bananapi and realtek hostapd problem

    Ok thank you so much... I Will opt for this one although it is a bit too much: Edimax EW-7811UTC Strange that I cannot make my dongles work since I specifically bought those after searching for linux support...
  11. Gianni Romano

    bananapi and realtek hostapd problem

    Ok, which dongle wifi you think if well supported?
  12. Gianni Romano

    bananapi and realtek hostapd problem

    In my humble understand, after I compiled also the realtek driver and always got the same error, is that the armbian kernel has a a glitch somewhere that is preventing rtl8188eu driver from working well... This is not a configuration problem on hostapd or other software, it is really something that is preventing the wifi dongle from being loaded correctly.
  13. Gianni Romano

    bananapi and realtek hostapd problem

    I set it in that file unfortunately same result link for monitor: http://ix.io/1dnw
  14. Gianni Romano

    bananapi and realtek hostapd problem

    I am sorry, but I don't know really the system. This is the output: armbianmonitor -u I have recompiled the latest hostapd 2.6 and applied the realtek patch; the result is the same. dnsmasq is working well. What I have noted is: wlxe8de279f1eae: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 172.24.1.1 netmask 255.255.255.0 broadcast 172.24.1.255 ether e8:de:27:9f:1e:ae txqueuelen 1000 (Ethernet) RX packets 1 bytes 0 (0.0 B) RX errors 0 dropped 6 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 As you can see the wifi device is UP but not RUNNING and I don't know how to fix this...on bananian it was "easy" nevertheless I performed everything on my own.
  15. Hi, I just migrated to armbian freom bananian using exactly the same hardware components (that were working well with bananian) and now after let armbian auto configure the wifi AP with armbian-config, I can see many problems in starting hostad: Can someone give me a hint? Thanks Gio