Jump to content

How to configure as WISP Client ?


ayyeah

Recommended Posts

I plan to implement this function to armbian-config, but until then, check this working example. Except for an extra wireless AP, this is what you want and it can be little simplified since you don't need a bridge when using a single adaptor.

 

/etc/network/interfaces

Spoiler

auto lo
iface lo inet loopback

allow-hotplug eth0
iface eth0 inet manual

allow-hotplug wlx7cdd905518f9
iface wlx7cdd905518f9 inet manual

allow-hotplug br0
auto br0
iface br0 inet static
address 172.24.1.1
netmask 255.255.255.0
network 172.24.1.0
broadcast 172.24.1.255

bridge_ports eth0 wlx7cdd905518f9

 

 

 

/etc/dnsmasq.conf (you need to install dnsmasq)

Spoiler

interface=br0                           # Use bridge interface br0
listen-address=172.24.1.1               # Explicitly specify the address to listen on
bind-interfaces                         # Bind to the interface to make sure we aren't sending things elsewhere
server=8.8.8.8                          # Forward DNS requests to Google DNS
domain-needed                           # Don't forward short names
bogus-priv                              # Never forward addresses in the non-routed address spaces
dhcp-range=172.24.1.50,172.24.1.150,12h # Assign IP addresses between 172.24.1.50 and 172.24.1.150 with a 12 hour lease time

 

 

 

 /etc/iptables.ipv4.wlan.nat # add this to rc.local right before exit0: iptables-restore < /etc/iptables.ipv4.wlan.nat 

Spoiler

# Generated by iptables-save v1.6.0 on Thu Jul  6 18:23:43 2017
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i wlan0 -o br0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i br0 -o wlan0 -j ACCEPT
COMMIT
# Completed on Thu Jul  6 18:23:43 2017
# Generated by iptables-save v1.6.0 on Thu Jul  6 18:23:43 2017
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o wlan0 -j MASQUERADE
COMMIT
# Completed on Thu Jul  6 18:23:43 2017

 

 

 

Edit and enable net.ipv4.ip_forward=1 in /etc/sysctl.conf

 

We have two wireless adapters, one (wlan0) is connected to the internet via nmcli-connect. That's why it's not in a interfaces config, but you can add it there and forget about Network manager role. The other wireless adaptor acts as an AP and it's optional for this setup since it's a part of a bridge, together with ethernet. There, on the bridge br0, a DHCP service is giving IP addresses and iptables are here to provide masquerading.

 

Remember that access to the machine is possible from both networks.

 

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

Terms of Use - Privacy Policy - Guidelines