BPI-R2 Debian 10 Access Point Routing issues

I am unable to ping through the BPI-R2 ac0 and reach my DSL Rounter

  • you cannot ping dsl-router (or its clients) from ap0-client?
  • ap0-client is pingable from dsl-router-client?

Basicly it’s the same way because both are bidirectional (1 packet to target,1 packet back). So it look like a firewall-problem (i guess on dsl-router which blocks traffic coming from nets not directly connected and no responses to previous requests). Try to get firewall settings

you cannot ping dsl-router (or its clients) from ap0-client? YES Correct

ap0-client is pingable from dsl-router-client? YES Correct

As for DSL Router Firewall Rules the only rule is set to :slight_smile:

Action = Always Allow

LAN Users = Any

WAN Servers = Any

Above Rule is enabled

Now the R2 lan0 port I do have set as a static IP i cant see that being a problem especially since I am able to ping from client to client both ways

It is not a problem with lan0-ip,but good to have it static now (because of static route).

You could try to setup nat/pat on lan0 to fix firewall-issue. So all traffic coming from r2 have lan0-ip.

/sbin/iptables -t nat -A POSTROUTING -o lan0 -j MASQUERADE

Thats the problem with out-of-the-box routers…we do not know what firewall really does…

I agree thats the issue with out of the box routers, thats why initially i want to make the BPI-R2 the DSL Router but didnt realize there hadnt been enough or anything done in that direction.

Frank I had a couple of Raspberry Pi’s sitting around so I took an old RaspberryPi 3 Model B and was able to get it up as an Access Point “sharing the Internet” by performing the following steps:


Setting up a Raspberry Pi as an access point in a standalone network (NAT)

The Raspberry Pi can be used as a wireless access point, running a standalone network. This can be done using the inbuilt wireless features of the Raspberry Pi 3 or Raspberry Pi Zero W, or by using a suitable USB wireless dongle that supports access points.

Note that this documentation was tested on a Raspberry Pi 3, and it is possible that some USB dongles may need slight changes to their settings. If you are having trouble with a USB wireless dongle, please check the forums.

To add a Raspberry Pi-based access point to an existing network, see this section.

In order to work as an access point, the Raspberry Pi will need to have access point software installed, along with DHCP server software to provide connecting devices with a network address.

To create an access point, we’ll need DNSMasq and HostAPD. Install all the required software in one go with this command:

sudo apt install dnsmasq hostapd

Since the configuration files are not ready yet, turn the new software off as follows:

sudo systemctl stop dnsmasq
sudo systemctl stop hostapd

Configuring a static IP

We are configuring a standalone network to act as a server, so the Raspberry Pi needs to have a static IP address assigned to the wireless port. This documentation assumes that we are using the standard 192.168.x.x IP addresses for our wireless network, so we will assign the server the IP address 192.168.4.1. It is also assumed that the wireless device being used is wlan0 .

To configure the static IP address, edit the dhcpcd configuration file with:

sudo nano /etc/dhcpcd.conf

Go to the end of the file and edit it so that it looks like the following:

interface wlan0
    static ip_address=192.168.4.1/24
    nohook wpa_supplicant

Now restart the dhcpcd daemon and set up the new wlan0 configuration:

sudo service dhcpcd restart

Configuring the DHCP server (dnsmasq)

The DHCP service is provided by dnsmasq. By default, the configuration file contains a lot of information that is not needed, and it is easier to start from scratch. Rename this configuration file, and edit a new one:

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
sudo nano /etc/dnsmasq.conf

Type or copy the following information into the dnsmasq configuration file and save it:

interface=wlan0      # Use the require wireless interface - usually wlan0
dhcp-range=192.168.4.2,192.168.4.20,255.255.255.0,24h

So for wlan0 , we are going to provide IP addresses between 192.168.4.2 and 192.168.4.20, with a lease time of 24 hours. If you are providing DHCP services for other network devices (e.g. eth0), you could add more sections with the appropriate interface header, with the range of addresses you intend to provide to that interface.

There are many more options for dnsmasq; see the dnsmasq documentation for more details.

Reload dnsmasq to use the updated configuration:

sudo systemctl reload dnsmasq

Configuring the access point host software (hostapd)

You need to edit the hostapd configuration file, located at /etc/hostapd/hostapd.conf, to add the various parameters for your wireless network. After initial install, this will be a new/empty file.

sudo nano /etc/hostapd/hostapd.conf

Add the information below to the configuration file. This configuration assumes we are using channel 7, with a network name of NameOfNetwork, and a password AardvarkBadgerHedgehog. Note that the name and password should not have quotes around them. The passphrase should be between 8 and 64 characters in length.

To use the 5 GHz band, you can change the operations mode from hw_mode=g to hw_mode=a. Possible values for hw_mode are:

  • a = IEEE 802.11a (5 GHz)
  • b = IEEE 802.11b (2.4 GHz)
  • g = IEEE 802.11g (2.4 GHz)
  • ad = IEEE 802.11ad (60 GHz)
interface=wlan0
driver=nl80211
ssid=NameOfNetwork
hw_mode=g
channel=7
wmm_enabled=0
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=AardvarkBadgerHedgehog
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

We now need to tell the system where to find this configuration file.

sudo nano /etc/default/hostapd

Find the line with #DAEMON_CONF, and replace it with this:

DAEMON_CONF="/etc/hostapd/hostapd.conf"

Start it up

Now enable and start hostapd :

sudo systemctl unmask hostapd
sudo systemctl enable hostapd
sudo systemctl start hostapd

Do a quick check of their status to ensure they are active and running:

sudo systemctl status hostapd
sudo systemctl status dnsmasq

Add routing and masquerade

Edit /etc/sysctl.conf and uncomment this line:

net.ipv4.ip_forward=1

Add a masquerade for outbound traffic on eth0:

sudo iptables -t nat -A  POSTROUTING -o eth0 -j MASQUERADE

Save the iptables rule.

sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"

Edit /etc/rc.local and add this just above “exit 0” to install these rules on boot.

iptables-restore < /etc/iptables.ipv4.nat

Reboot and ensure it still functions.

Using a wireless device, search for networks. The network SSID you specified in the hostapd configuration should now be present, and it should be accessible with the specified password.

If SSH is enabled on the Raspberry Pi access point, it should be possible to connect to it from another Linux box (or a system with SSH connectivity present) as follows, assuming the pi account is present:

ssh pi@192.168.4.1

__________________________________________________________________________________

Now with that being said I should be able to do the same to the BananaPi-R2 correct? The only thing i question is there is no /etc/dhcpcd.conf already created on the BananaPi-R2  this can be created and utilized merely by following the steps above correct? There is no over riding setup as for the reason of not haveing a /etc/dhcpcd.conf is there?

-Brian-
  • Do not use wpa_supplicant because wifi-driver has issues with it => uninstall it
  • do not use any bootup/daemon-mode,because ap0 has to be created with wmt-tools

except these you can use this steps. For dhcpd.conf you may need install any dhcp-daemon…but you can use dnsmasq here…you find infos for it in my wiki