If you have a wifi LAN card / USB adapter, then you can use it as an access point so that other machines can connect to the internet via your machine using Wifi. The process is fairly simple, but requires you to have a compatible set of drivers which allow a wifi lan card to come into “Master” mode.
It didn’t work well for
- Linksys WUSB54GC v3 USB adapter. Till Ubuntu 10.04, there were no good drivers for use with hostapd (supporting mac80211 / nl80211). In Ubuntu 10.10, though the drivers were working, but the connection was highly unstable – in fact unusable. The drivers that I tried were rt2800usb (which allowed the adapter to come into Master mode), and rt2870sta which didn’t allow the adapter to come into “Master” mode. It always remained “Auto” or “Managed” (checked via iwconfig). Need to test in 11.04 when it arrives.
What worked pretty well
- 02:00.0 Ethernet controller: Atheros Communications Inc. AR5001 Wireless Network Adapter (rev 01), using ath5k drivers. hostapd didn’t complain at all and all was smooth. This was in Ubuntu 10.04.
Concept
- There’s an application called hostapd which allows converting a wifi adapter into an access point and provide privileges such as WPA authentication and ssid name definition etc. I used it and it worked well.
- When a client connects to the access point, apart from authentication it’ll require IP addresses to be assigned. For that a DHCP server is used.
- You need to have 2 interfaces, one which accesses the net (e.g. eth0), and other which provides the access point services (e.g. wlan0).
- You start the wlan interface, assign it an IP address, start the dhcp server, setup firewall/nat and start hostapd. That’s all to it. Your devices would be able to use the wifi adapter as the access point.
Procedure
apt-get install dhcp3-server hostapd
Modify /etc/hostapd/hostapd.conf and put the following
interface=wlan0 driver=nl80211 ssid=MyAP hw_mode=g channel=11 wpa=1 wpa_passphrase=MyPasswordHere wpa_key_mgmt=WPA-PSK wpa_pairwise=TKIP CCMP wpa_ptk_rekey=600
The dhcpd.conf section in /etc/dhcp3/dhcpd.conf would have something like the following
subnet 10.10.0.0 netmask 255.255.255.0 {
range 10.10.0.25 10.10.0.50;
option domain-name-servers 8.8.4.4, 208.67.222.222;
option routers 10.10.0.1;
}
Modify /etc/default/dhcp3-server
INTERFACES="wlan0"
Check what name your adapter got via iwconfig. You can change the name also and make it persistent via /etc/udev/rules.d/70-persistent-net.rules so that it always gets a single type of name. In our example we’re assuming wlan0, but it could be changed. Make necessary changes in your configuration too.
Configure the new interface
ifconfig wlan0 10.10.0.1
The above could also be done in a better way via the /etc/network/interfaces file, but didn’t try it out. In any case if you shutdown hostapd, the network interface (wlan0) loses its address, so need to put a script which assigns it again before hostapd is started. An example could be
iface wlan0 inet static address 10.10.0.1 netmask 255.255.255.0
Restart the dhcp3-server. It should now be ready to serve addresses and is also bound to the network interface too.
Allow ip masquerading
echo "1" > /proc/sys/net/ipv4/ip_forward iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Now start hostapd and see the messages that it shows
hostapd -dd /etc/hostapd/hostapd.conf
Wait for a few seconds, it should show some probes being done by other wifi devices. If it shows, then probably you’re in good luck.
Now try to connect via your device to this access point. It should work.
To make this work on boot, can put the relevant config in /etc/default/hostapd
RUN_DAEMON="yes" DAEMON_CONF="/etc/hostapd/hostapd.conf" DAEMON_OPTS="-dd"
and also put the firewall rules in /etc/rc.local (make sure its executable).
Remember – if you shutdown your hostapd, the network card would lose its address. So you have to assign that again before starting hostapd. The usual practice would be
- Stop hostapd
- Stop dhcp server
- Restart network (or rather ifup wlan0 / ifconfig wlan0 10.10.0.1 would do)
- Restart dhcp server
- Start hostapd
Miscellaneous
- You can check the wifi interfaces via
iwconfig
- To set a wifi adapter into master mode, try the following. If it doesn’t work and shows an error that it’s not possible or something, fret not – use hostapd as that’ll do that in any case.
iwconfig wlan0 mode Master
- Network Manager could create issues, though in my test environment – instead of using an ethernet interface, I used two wlan interfaces, one being controlled by Network Manager for internet access, and other for making it an access point.
- modprobe -r ath5k / modprobe -r rt2800usb etc. is to be used for unloading the modules.
- If you wish to proceed without using authentication so that you can test it easy, then put the following in /etc/hostapd/hostapd.conf
interface=wlan0 driver=nl80211 ssid=MyAP hw_mode=g channel=11
Vivek's blog 
Vivek thanks a *lot* for this great how-to. I have tried a handful of others but this one is the first that worked for me. I hope it will go up in the search results of $SEARCH-ENGINE so that others can save all the time that I lost with outdated information before I found your page 😉
Robert
Am glad you found it useful. What wlan card/drivers did you use?
Hi
Are you aware of any usb device that can work in master mode or as an access point in linux?
Some time ago I did a deep research and could not find anyone reporting success with any usb device. Perhaps drivers grew up and now it is possible. That would be nice.
Regards
I’m afraid I cannot say which USB adapter would work. In any case it would vary from country to country so maybe you can take a laptop with ubuntu 11.04 to a shop and try and attach different adapters to see if they work.
Hi Vivek
I don’t think it has anything to do with countries. Depending of the chipset some pci devices work and some don’t work. I guess not any usb devices work yet.
I remember someone was working in a driver for a ralink chipset. I wish him the best.
Regards
Yes it shouldn’t, but at least here it’s about availability of that particular chipset. Unless you’re ordering of ebay, you are limited to only what’s available in the market. That’s what I did while I got my Linksys Adapter.
http://www.usbwifi.orconhosting.net.nz/ has some instructions on extending the range of wifi via USB adapters though not sure if they mean it as an AP. Maybe you can check that out and see if any devices are listed.
Thanks.
It seems like a good article. But I’m afraid they don’t talk about linux.
I wish to be wrong. Hotspot’s with usb devices are one of the few thinngs one can do with windows but not yet with linux.
Hey xmz – Check this out. May help
http://forums.gentoo.org/viewtopic-t-873901-start-0.html
To summarize
D-Link dwa160 rev A2 and the driver carl9170
Many thanks Viveck,
This carl9170 new driver seems to offer a quite interesting bunch of nice features.
And there are several devices using thae Atheros AR9170 chipset.
http://wireless.kernel.org/en/users/Drivers/carl9170
I have to check for the most convenient, I mean high power transmission, changeable antennas, and affordable price.
Regards
The AR9170 chip is quite old by now. I would instead give a try at the newest linux driver http://wireless.kernel.org/en/users/Drivers/ath9k_htc which has support for Access Point. This chipset is already used in quite a good bunch of devices http://wireless.kernel.org/en/users/Drivers/ath9k_htc/devices
Nice post, ask permission to post/translate to my blog
Thank you. Please go ahead on posting/translating it on your blog.
Hi Vivek, this is a great tutorial and the first one that worked for me. Thank You.
I have a question. This method is great if we have Ethernet as the connection source. I have a reliance mobile broadband connection that comes up as ppp0 in my ifconfig results. Is there a way I can use the mobile broadband to be the internet source for my wifi ? Any help in the matter would be appreciated.
Thank You very much
—
Ikram
@Ikramjit – ppp0 would only come up when you’re connected. The simplest solution here would be to keep everything as is (that is have eth0 serve the IP addresses via DHCP), but make a minor change in the firewall/NAT.
So in the iptables script above, you can instead do this
iptables -t nat -F # just to flush nat rules as you'll be running it multiple timesecho "1" > /proc/sys/net/ipv4/ip_dynaddr
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
You may have to run it every time when a ppp0 connection is established, or you can put it inside /etc/ppp/ip-up.d so that it automatically runs. I’ve not tried the above, so if you can try it out and see if it works and update here.
Thank you.
can you please explain a little bit more on this..?? everything else works ok but DHCP.. need urgent help in this.
Thank you
add to /etc/dhcp3/dhcpd.conf to description of the subnet this:
“interface wlan0;”
if your iface for dhcp is wlan0
Hi Vivek,
I’ve tried this on Ubuntu 11.04 Live CD, ofcourse with a few modification due to new implementation of dhcp & it works. I’d like to try sharing the ppp0 or mobile broadband connection into the wifi-access-point. Thanks for your blog I will have a back-up 3G wifi-router soon.
@Redd – glad it worked for you. As for using ppp0, you may refer to one of the comments in this page (to @Ikramjit) and see if you can make it functional.
Hi Vivek,
Thank you once again it work for me. I’d like to ask if it’s possible if you can share the internet from ppp0 both in wlan & eth0 of the same machine to other pc or switch hub?
Thank you.
Regards,
Redd
@Redd – I think it should be possible. There are two interfaces wlan0 and eth0 and I think once you setup masquerading (iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE) for ppp0, then it should be accessible both via wlan0 and eth0.
I’ve not personally tried it, but I don’t see any reason for it to not work. Of course the gateway that you use in the other pc/client machine should be your main Internet machine’s wlan0 or eth0’s IP.
Oh great, how about the settings the in /etc/default/dhcp3-server, how can I set the DHCP to serve the wlan0 and eth0? I have read some blog they bridged (br0) the eth0 & wlan0. I’ve tried setting the INTERFACES=br0 on /etc/default/dhcp3-server but it didn’t work. Please help. Thank you for your quick response.
Regards,
Redd
@Redd – bridging wouldn’t work reliably between a wlan and ethernet connection. It’s more suited towards ethernet connections only (e.g. eth0 & eth1) unless ofcourse your Wireless card allows bridging (you’d have to google that, but usually wireless cards don’t allow bridging).
I wouldn’t be able to test it, but it shouldn’t be difficult to change dhcp config in /etc/default/dhcp3-server to make it listen to both wlan0 & eth0 so that IP addresses can be assigned easily.
Hi Vivek
Here are my config:
ifconfig wlan0 192.168.0.1 netmask 255.255.255.0 up
ifconfig eth0 10.152.187.1 netmask 255.255.255.0
Below is the config for the /etc/dhcp/dhcpd.conf
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.25 192.168.0.50;
option domain-name-servers 8.8.4.4, 208.67.222.222;
option routers 192.168.0.1;
}
subnet 10.152.187.0 netmask 255.255.255.0 {
range 10.152.187.25 10.152.187.50;
option domain-name-servers 8.8.4.4, 208.67.222.222;
option routers 10.152.187.1;
}
Other Config I put:
echo “1” > /proc/sys/net/ipv4/ip_dynaddr
echo “1” > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
I was able to start the DHCP server, below is the config:
INTERFACES=”wlan0 eth0″
Scenario:
When I tried connecting to the wifi I was able to browse. But when I connected the laptop’s eth0 to the eth0 of my server I can’t browse both on my laptop & on my desktop (server), (I tried cross & straight cable). Any additional config I need to add or change? Please help. Thank you.
Regards,
Redd
@Redd – do you get the IP Addresses assigned from DHCP? What if you assign a static IP Address to the server and try pinging. I think first you’d need to resolve the connectivity between your two machines. Only after that the access point testing can happen.
At first. Thanks a log great tutorial, however on Ubuntu 11.04
the setting folder changed due to deprecation of dhcp3-server.
Configuration file for dhcpd.conf is now is placed here:
/etc/dhcp/dhcpd.conf
and the dhcp3-server itself is renamed to:
/etc/init.d/isc-dhcp-server
Secondly I wanted to ask for help.
Do you know any reason why this tutorial work for me
with no wpa authentication and
with wpa authentication I cannot see the hot spot and following
output is created by hostapd.
PSK (from passphrase) – hexdump(len=32): a1 92 10 7b 32 …. b2 f3 d9 ef 2f 48 30 9d c4 7f fd 58 84 c6 6e f7 56
WPA: group state machine entering state GTK_INIT (VLAN-ID 0)
GMK – hexdump(len=32): [REMOVED]
GTK – hexdump(len=32): [REMOVED]
WPA: group state machine entering state SETKEYSDONE (VLAN-ID 0)
wlan0: Setup of interface done.
MGMT (TX callback) ACK
MGMT (TX callback) ACK
unknown mgmt cb frame subtype 4
.
.
.
MGMT (TX callback) ACK
unknown mgmt cb frame subtype 4
Malformed netlink message: len=992 left=256 plen=976
256 extra bytes in the end of netlink message
Wireless event: cmd=0x8b19 len=8
Malformed netlink message: len=992 left=256 plen=976
256 extra bytes in the end of netlink message
l2_packet_receive – recvfrom: Network is down
Wireless event: cmd=0x8b06 len=8
Thank you in advance for your responce
PS: Can you please send me the response to “ondrej dot platek at seznam dot cz” too?
Thanks
@ondrej – I’m afraid I’m not sure why the error is appearing. It could possibly be
– a hostapd issue, and thus maybe you’d need to do hostapd related searches or upgrade hostapd version/compile yourself, or
– driver issue for your wlan card, and thus either you could try a different driver (maybe try with Ubuntu 11.10) or a different wlan card for testing and see if it works there.
– maybe try with wpa-psk + tkip instead of wpa2, or start with WEP, then WPA
That’s what I can suggest at this stage. Let us know what works. Thanks.
I finally got it working after Upgrade to (L)Ubuntu 11.10. Probably the driver in 11.04 caused the problems with wpa.
So thanks again for great howto and for your support
I published the configuration that I followed according this guide at http://oplatek.wordpress.com/ could you grant me the permissions to let it there (because it’s based on your tutorial) or let me know to delete it(via email, or comment on it there.
Vivek,
Thanks for the awesome how-to. It took me flat 15 mins to set-up my Ubuntu 11.04 Netbook as wifi AP 🙂
I am using GPRS/3G dongle to connect to the net and I am able to share this connection with minor changes in iptables rule.
Now it’s working with WPA and I will configure further for WPA2 with MAC filter for better security.
Thanks for putting together such a great how-to.
@Dinesh – glad it worked for you. Can you post your iptables settings through which it was made possible? Maybe it would be of help to the readers. Thank you.
Cisco-Linksys WUSBF54G Wireless-G USB Network Adapter with Wi-Fi Finder | Wifi Camera Direct
Hi Vivek,
thanks for your tutorial, it works for my setup (ubuntu 10.10 k 2.6.35.28 atheros card driver ath9k) with a little problem: the authentication goes wrong.
I configured hostapd without security for testing and daemon says (when I try to connect from my phone)
unknown vendor specific information element ignored (vendor OUI 00:10:18 len=9)
STA 34:c3:ac:ea:52:b5 sent probe request for our SSID
MGMT (TX callback) ACK
mgmt::proberesp cb (seven times)
mgmt::auth
authentication: STA=34:c3:ac:ea:52:b5 auth_alg=0 auth_transaction=1 status_code=0 wep=0
New STA
wlan0: STA 34:c3:ac:ea:52:b5 IEEE 802.11: authentication OK (open system)
wlan0: STA 34:c3:ac:ea:52:b5 MLME: MLME-AUTHENTICATE.indication(34:c3:ac:ea:52:b5, OPEN_SYSTEM)
wlan0: STA 34:c3:ac:ea:52:b5 MLME: MLME-DELETEKEYS.request(34:c3:ac:ea:52:b5)
authentication reply: STA=34:c3:ac:ea:52:b5 auth_alg=0 auth_transaction=2 resp=0 (IE len=0)
MGMT (TX callback) ACK
mgmt::auth cb
wlan0: STA 34:c3:ac:ea:52:b5 IEEE 802.11: authenticated
MGMT
mgmt::assoc_req
association request: STA=34:c3:ac:ea:52:b5 capab_info=0x421 listen_interval=10
unknown vendor specific information element ignored (vendor OUI 00:10:18 len=9)
new AID 1
wlan0: STA 34:c3:ac:ea:52:b5 IEEE 802.11: association OK (aid 1)
MGMT (TX callback) ACK
mgmt::assoc_resp cb
wlan0: STA 34:c3:ac:ea:52:b5 IEEE 802.11: associated (aid 1)
wlan0: STA 34:c3:ac:ea:52:b5 MLME: MLME-ASSOCIATE.indication(34:c3:ac:ea:52:b5)
wlan0: STA 34:c3:ac:ea:52:b5 MLME: MLME-DELETEKEYS.request(34:c3:ac:ea:52:b5)
wlan0: STA 34:c3:ac:ea:52:b5 RADIUS: starting accounting session 4ECA944E-00000001
MGMT
mgmt::disassoc
disassocation: STA=34:c3:ac:ea:52:b5 reason_code=8
wlan0: STA 34:c3:ac:ea:52:b5 IEEE 802.11: disassociated
wlan0: STA 34:c3:ac:ea:52:b5 MLME: MLME-DISASSOCIATE.indication(34:c3:ac:ea:52:b5, 8)
wlan0: STA 34:c3:ac:ea:52:b5 MLME: MLME-DELETEKEYS.request(34:c3:ac:ea:52:b5)
again 12 times the messages above and finally
Sending deauthentication info to STA 34:c3:ac:ea:52:b5
wlan0: STA 34:c3:ac:ea:52:b5 IEEE 802.11: deauthenticated due to inactivity
wlan0: STA 34:c3:ac:ea:52:b5 MLME: MLME-DEAUTHENTICATE.indication(34:c3:ac:ea:52:b5, 2)
wlan0: STA 34:c3:ac:ea:52:b5 MLME: MLME-DELETEKEYS.request(34:c3:ac:ea:52:b5)
I tried to connect from a second wificard (tplink usb dongle) with same result
Could you help me?
@maramau – I’m not sure what could be the issue. Did you try upgrading from 10.10 to 11.10. There is a possibility of updated drivers which support authentication.
Also you may try @oplatek’s comment above to review your setup.
How I set up the hotspot on Ubuntu on second attempt | Oplatek Tech Spec
Hi there
Thank you for this tutorial.
I just wanted to ask if there is any way to implement a wireless access point in the 802.11n hardware mode.
Is there any chipset supporting this type of configuration
Regards
Connectify 2.2.0 – Make Your Laptop Become a WiFi Hotspot | Daily Freeware Download
Hi man,
thanks a lot for simple solution. It’s been pain in my ass or a long time, now everything works like a charm. 😉
hi im using ubantu 11.4 on my laptop compaq 510
i want to make it wifi hotspot so that i can use it for my android phone
im not that good with codes
so please can you please tell me how to do it in easier way (step by step)
thank you
Hi dhiraj, allow me to help in behalf of Vivek, you need to check if your wireless LAN supports AP or master mode.
Here is thye command:
1.
Get iw package & perform “iw list”
sudo apt-get install iw
sudo iw list
2.
If there is ‘AP’ in the list of “Supported interface modes” your device will support the Access Point mode with hostapd.
…
Supported interface modes:
* IBSS
* managed
* AP
* AP/VLAN
* monitor
* mesh point
then perform,
sudo ifconfig -a
I will send a script
Good luck
If the apt-get did not work, you download them here
http://pkgs.org/search/?keyword=iw_0.9.19-1_i386.deb
http://pkgs.org/search/?keyword=libnl
and install it using the following:
sudo dpkg –install libnl1_1.1-6ubuntu1_i386.deb
sudo dpkg –install iw_0.9.19-1_i386.deb
sudo iw list
Hi Vivek,
I’ve been busy lately, I just got back to this hobby lately. I’ve noticed that when I set this up on WLAN & for LAN , whoever got connected 1st, the WLAN or LAN will had the internet connection. Is this normal for the script you suggest here? or Is there an additional script for that to function both in WLAN & LAN? My target now is to share the internet from my notebook with Wlan & LAN both in my wifi phone & to my pc using it’s LAN card. I hope you understand what I mean. Thank you.
hi i couldnt start dhcp server so i used this http://ubuntuforums.org/showthread.php?t=1663788 and it worked but but adding security like your conf file stoped it.Can you pls help.thanx in advance
Anyone having problems with permissions on
echo “1” > /proc/sys/net/ipv4/ip_forward
can try:
echo 1|sudo tee /proc/sys/net/ipv4/ip_forward
sudo sh -c “echo 1 > /proc/sys/net/ipv4/ip_forward”
works too
Simple, fast, clear.
THANK YOU
Hi vivek,
1. thank you for great tutorial
2. i have question about something close to this topic….
is it possible to create a kind of wifi hotspot WITHOUT INTERNET CONNECTION. (to make it work as LOCAL wifi network?
@jz – I think it should work. It’s not necessary to have an internet connection sharing. In such a scenario, you would not require any firewall changes, that is no ip_forward or iptables changes are necessary.
I’m in the process of testing this. The guide looks very promising.
I wonder if it is really necessary to use the DHCP server.
I’m used to assigning static IP addresses to all network appliances so every appliances that is *supposed* to connect to this new AP has already a preconfigured IP address and other settings it needs.
Will it work without a DHCP server or does this require additional actions?
Thanks for writing such a nice tutorial.
@ikke – It should work without a DHCP server. The DHCP server is only necessary to assign the IP addresses. You can assign them statically and there shouldn’t be any issue.
Vivek, thanks for you reply.
Indeed in a testing situation it did work without DHCP so that’s nice.
So now I’m proceeding and I want to establish connectivity in a real situation. But I’ve difficulties in getting the IP routing correct.
My server is equipped with two wireless USB dongles and an additional ethernet card which I don’t use. So the network is completely wireless.
Until now I connect to my ISP with the dongle designated as wlan1 (through a regular wireless modemrouter). I’m not planning to replace that modemrouter completely.
This interface has the IP address 10.0.0.19
The second USB dongle that is supposed to be the AP in the near future is wlan0. That interface will have the IP address 10.10.0.19.
The server is known on my network as 10.0.0.19 (because of interface wlan1) and has some services and devices that should be reachable from the internal network.
So I need traffic rerouted between wlan0 (10.10.0.19) and wlan1 (10.0.0.19) while services and devices should be reachable from the internal network but of course not from external computers.
Do you have suggestions how to do this?
@ikke – The way possibly I’d have done it was to put the subnet as 255.0.0.0, so the interconnectivity issue would have resolved automatically. Otherwise I’m not very good with routing, and would need a bit of experimentation. I’d have used the `route` command instead of `iptables` here.
Vivek, Thanks for your guide. It seems to be almost working for me but I’m facing a problem:
I’m able to initialize the AP but, after (around) 10 seconds it prints this message:
Malformed netlink message: len=440 left=256 plen=424
256 extra bytes in the end of netlink message
l2_packet_receive – recvfrom: Network is down
and I’m unable to see the AP ever again. It seems to be crashing for some reason. Do you have any sugestion?
Thank you in advance
PS: Not using any wap autentication at all
PS2: Conf File:
interface=wlan0
driver=nl80211
ssid=MyAP
hw_mode=g
channel=11
PS3: The problem may come from the /etc/dhcp3/dhcpd.conf
If I use your example I get a fail when I: sudo /etc/init.d/dhcp3-server start
SO (after googling) I’m using:
subnet 192.168.0.0 netmask 255.255.255.0 {
option domain-name “example.com”;
option broadcast-address 192.168.0.255;
option subnet-mask 255.255.255.0;
option domain-name-servers 192.168.0.47, 192.168.1.5; # Comma between domain
option routers 192.168.0.10;
range 192.168.0.20 192.168.0.50; # No comma, just whitespace
}
After editing with this I’m able to start the dhcp3-server. Can the problem arise from here?
@João – Which distribution and kernel are you using? A DHCP server does not have a role here.
The error that you’ve mentioned above seems to portray that your device is not supported. Ideally you can try for the latest kernel (maybe Ubuntu 11.10 or even try 12.04 with kernel 3.x series). I’m afraid that’s all I would be able to suggest.
Every day I seem to get a new error -.-
Today I can’t even initialize the AP as i get:
Failed to create interface mon.wlan0.
nl80211 driver initialization failed.
wlan0: Unable to setup interface.
Any ideas? Thank you for your help.
PS: Using 10.10 with 2.6.35
Solved. Stuck with the “old” one 😛
Soved. Thank you soo much. Had a background process accessing the device…..which i didn’t know about => kill => solved.
Do you know any way of improving the power of the AP? 😛
Thanks Vivek.
You said: “The way possibly I’d have done it was to put the subnet as 255.0.0.0, so the interconnectivity issue would have resolved automatically.”
Well, in the meantime I can tell you that this is not an advice that is going to work.
I’ve tried it and it breaks the connectivity on the other wireless interface (some sort of IP address confusion, I guess).
OK, I’ve experimented a bit and now I can ping the new AP and logged in on the AP/server I can ping the client, so that works.
However I cannot ping to external servers so I guess the client cannot find either the gateway or the DNS server.
The DNS server is supposed to be the AP/server and in the situation without the server being AP it just works. So what do I need to set as DNS server is it the original IP (10.0.0.19) or is it the new one (10.10.0.19) and what about the gateway. I guess the gateway is still the modemrouter so the IP remains the same, right?
@ikke – From what I’ve understood from your comment, you can ping 10.0.0.19, and 10.10.0.19 from your client (say 10.10.0.20) without any problem. If that’s the case, then the routing issue is taken care of. Considering you can ping external servers from 10.0.0.19 machine, all you need to do is
a) Enable ip forwarding (echo ‘1’ > /proc/sys/net/ipv4/ip_forward)
and
b) Enable masquerading on your interface which is connected to your ISP (iptables -t nat -A POSTROUTING -o wlan1 -j MASQUERADE)
DNS would come later in the picture.
– The first task is to ensure that from 10.10.0.20 you are able to ping both 10.10.0.19 and 10.0.0.19.
– Second is to ensure that in the configuration of 10.10.0.20, the default gateway mentioned is 10.10.0.19 (which you can find via `route -n`) and not 10.0.0.19.
– Third, find out after doing ip forwarding and masquerading, if you are able to ping external servers, such as 8.8.4.4 or 8.8.8.8. If that’s happening then all’s well and everything is working well.
– Use the DNS servers that you have (or use 8.8.8.8 or 208.67.222.222), in 10.10.0.20 and then see if you are able to resolve a domain name. If it’s working then everything is fine. If you are running your own DNS services and those are not working, maybe you can check its configuration and review to which interface it is binding.
I use the carl9170 driver with the ar9170 chipset (which is standard now) and it works great in access point mode.
There are a number of advantages to the ar9170 chipset over the ath9k_htc dependent cards. The newer card isn’t compatible with numerous distributions for instance. It’s not free software compatible. If you really look at the good drivers they are frequently a bit dated. With the dated chipsets the community has had time to enhance and develop better drivers for them. That can’t even happen with the ath9k_htc driver or any other N USB chipset because Atheros and others are refusing to release the complete code or specifications on the newer chipset.
There are a number of cards from http://www.thinkpenguin.com/ which include support for access points. Two are USB wifi cards. One of the USB cards even has an external antenna for extended range.
The carl9170 driver also has some major improvements over the ar9170usb driver so if you have a recent distribution (anything with 3.0.x kernel or newer) it works great. This includes 11.04 and 11.10. 11.104 requires the blacklisting of the ar9170usb driver though (a simple file edit).
Vivek, thanks again for your advice and patience.
I’m sorry, but I just don’t get the whole principle of routing apparently.
I’ve found examples on the internet and they’re just completely the other way around than what you tell me. Any way, both methods don’t work so it’s clearly me doing things wrong.
Let’s recap to make the picture more clear:
My situation looks very much like the one depicted here:
http://dornea.nu/articles/2010/11/25/howto-source-nat-ip-masquerade-between-2-wlan-cards-linux
There are a few differences:
The subnet depicted on the left is in my case: 10.10.0.x. That is in the case of working with the AP. Otherwise it is 10.0.0.x because then all computers are in the same subnet.
The connection between the subnet left and the computer in the middle is in my case: wlan0.
The computer in the middle is in my case: 10.0.0.19. That is in the original situation it not being an AP, if it is an AP it has to deal with the other wireless subnet and then it is 10.10.0.19. This is something I don’t understand.
The connection between the computer in the middle and the subnet on the right is in my case: wlan1.
The subnet depicted on the right is in my case also a fritzbox, but it has the range 10.0.0.x. The fritzbox (“gateway”) itself being: 10.0.0.140).
So the main problem I guess is that I don’t understand what has to be done with the computer (AP to be) in the middle.
Concerning your previous advice:
When logged in on the computer in the middle I can ping external servers regardless if I use the AP network or the network from the modemrouter (fritzbox).
But from the client I cannot ping 10.0.0.19 and 10.10.0.19 at the same time. If I use the network from the AP (10.10.0.x) I can ping 10.10.0.19 only and when using the network from the modemrouter (10.0.0.x) I can ping 10.0.0.19 only.
All right, I’ve removed all forwarding rules because I doubt if they’re correct and inserted these:
iptables –table nat –append POSTROUTING –out-interface wlan1 -j MASQUERADE
iptables –append FORWARD –in-interface wlan0 -j ACCEPT
Now the situation is improved. The ping results are now:
from client (10.0.0.20)
ping 10.0.0.19 OK
ping 10.10.0.19 OK
ping 10.0.0.140 OK
ping to external server FAIL
from server (10.0.0.19/10.10.0.19)
ping 10.0.0.20 FAIL
ping 10.10.0.20 OK
ping 10.0.0.140 OK
ping to external server OK
(10.0.0.140 being the IP address of the modemrouter which connects to the ISP’s network)
So now it seems to be a more DNS related problem.
And now it’s working.
Everything was all right from the start more or less. However BIND DNS and Squid weren’t accepting connections from the new network segment and after this was fixed it all worked.
Vivek, thanks for your suggestions and patience.
Your help has certainly be valuable for me in realizing this project.
@ikke – glad to know it worked 🙂
Hi,
I’m planning on, eventually, getting a Raspberry Pi and using it to extend my wifi network using two wifi adapters (tp link with an atheros chip). Using your method looks great but just wondering if you can use the original router to assign the IP addresses through DHCP?
Thanks in advance,
i am trying to set this up but it seem the drivers for my card are built in to the kernel Bus 001 Device 002: ID 1737:0078 Linksys WUSB100 v2 RangePlus Wireless Network Adapter [Ralink RT3070]
when i try to start
hostapd -dd /etc/hostapd/hostapd.conf
I have tried many drivers
Line 2: invalid/unknown driver ‘rt3070’
the same with your default driver?
any help would be great
would you know what driver to use?
I really don’t understand why everybody wants to try this.
I’ve tried it now for about a month and I’m on the virge to ditch it.
May be it is worth the effort when your wireless card supports master mode natively, but if it isn’t and you need hostapd, it is completely useless to try it anyway.
I’m sorry to use this type of language but honestly hostapd is nothing more or less than crap.
The connection established with hostapd is not even stable for half an hour.
802.11N speed is reached NEVER.
WMM is not supported in a decent way.
SSID broadcast can be set to disabled but it is broadcasted anyway.
The instability problem was reported for the first time in 2009 and is known by the author but I found somewhere on the internet that he is not planning to correct it any time soon. He says he can *probably* solve it before version 1.0 of hostapd appears, so he means apparently he’s just not doing it.
If Debian/Ubuntu drops the hostapd project sooner or later I guess nobody needs to be surprised.Hostapd in the current state is sub-standard and useless.
Hey Guys,
I’ve got a problem. Please can someone help me?
I’ve got an ubuntu 11.10 and a TP-Link TL_WN821N.
my teacher want that I get this thing to work as a AP. I tried many different ways like the madwifi-project (doesn’t support usb) and carl9170 or hostap, but nothing has worked.
At the moment i fight against the hostap error “ioctl[PRISM2_IOCTL_PRISM2_PARAM]: Operation not supported
Could not enable hostapd mode for interface wlan1
hostap driver initialization failed.”
I work at the exercise for 3 months. It must work next wednesday.
Got anyone some ideas?
kthxbye
Charlii
Okey we got it.
Just a little spelling mistake in /etc/hostapd/hostapd.conf.
The Driver is not “n180211”, it´s “nl80211”.
Charli
Hi Vivek,
I am using wifi atheros card 9220 in my board, and trying to access the wifi by running the dhcp server. but am unable to connect to it.Using dnsmasq dhcp is running. but the port which dhcp is using is conflicting with other process, i mean some other process is using the same port(dhcp port).
root@NPO:/ # dnsmasq
dnsmasq: DIE message from dhcp.c:87!
dnsmasq: failed to bind DHCP server socket: Address already in use
dhcpd.conf file contains
authoritative;
ddns-update-style interim;
ignore client-updates;
subnet 110.0.0.0 netmask 255.0.0.0 {
range 110.0.0.20 110.0.0.30;
default-lease-time 3600;
max-lease-time 86400;
option routers 110.0.0.2;
option ip-forwarding off;
option subnet-mask 255.0.0.0;
option domain-name-servers 4.2.2.2;
}
subnet 192.168.1.0 netmask 255.255.255.0
{
host fedorabigbox
{
hardware ethernet 00:80:48:6A:91:09;
fixed-address 192.168.1.44;
option subnet-mask 255.255.255.0;
}
}
subnet 192.168.2.0 netmask 255.255.255.0
{
host fantasia
{
hardware ethernet 10:22:33:44:55:AB;
option subnet-mask 255.255.255.0;
option routers 192.168.2.1;
}
}
dnsmasq.conf file contains
strict-order
no-negcache
log-facility=/var/log/dnsmasq.log
interface=br0
retry-time=3
forward-timeout=30
cache-size=500
dhcp-range=default,192.168.2.100,192.168.2.200,255.255.255.0,3600
dhcp-option-force=default,1,255.255.255.0
please help me
Thanks
Santosh
Thanks so much for the guide!
Other than the small changes to the location of dhcp, it was very straightforward.
Running it off a live Ubuntu 11.10 USB with an Atheros card.
My first positive experience doing something like this with Linux!
Hello! I got an error when im trying to run the “hostapd -dd /etc/hostapd/hostapd.conf” command:
Failed to set interface wlan0 to master mode.
nl80211 driver initialization failed.
wlan0: Unable to setup interface.
ELOOP: remaining socket: sock=5 eloop_data=0x818fa48 user_data=(nil) handler=0x8087b60
What suppose to be the problem sir? Im very noob in Linux. TIA!!
Additional Info: Im using Netgear wg111v2. Thanks!
Ubuntu 12.04 – setting up my Wifi Hotspot « thenewbieblog
can you contact me i will like to speak to you about a possible proyect im working on
Hello! Thank you for the instructions! I did exactly what is written, but when I try
sudo ifconfig wlan0 10.10.0.1
i get the following error:
SIOCSIFFLAGS: Operation not possible due to RF-kill
What does it mean? (I have Ubuntu 12.04)
And two more questions:
1. Should I write the driver nl80211 or the driver of my wlan0 rtl8187?
2. The ip addresses in /etc/dhcp3/dhcpd.conf, are they arbitrary or should be taken from connection information?
Thanks a lot!
@Maria – a quick search on google led me to this http://askubuntu.com/questions/62166/siocsifflags-operation-not-possible-due-to-rf-kill
Maybe that should help.
Also, for the other two questions
1. It should be nl80211
2. The IP Addresses that you define here are to be of the same range as your wlan0 address. So in the example above, ideally you should use 10.10.0.x series as that’s for your wlan adapter too.
Thank You! this tutorial really helps me!!! Regards from Buenos Aires Argentina!!!
Hi vivek,
Great tutorial !
However do you know where I can find a list of PCI cards which are ok today for doing this job. In fact I already done that since 9 years with an PCI card :
“Standard Microsystems Corp [SMC] SMC2602W EZConnect / Addtron AWA-100 / Eumitcom PCI WL11000 (rev 02)”
But now the card is dead and I have to change it.
Thanks – Philippe
Hi,
I was following this tutorial and now I am able to connect from Android phone to my notebook Access Point (I’m working on ubuntu 12.04 x64). I wonder what changes should I make in order to use IPv6 instead of IPv4. I mean that I want my Android Phone to get IPv6 address when connecting to my ubuntu Access Point. Could you help me?
Hi guys,
I’m trying to get a DWA-125 working as a HotSpot on Ubuntu 10.04 and following this guide, upon entering ‘sudo hostapd -dd /etc/hostapd/hostapd.conf’
I get in response:
Configuration file: /etc/hostapd/hostapd.conf
nl80211 not found.
nl80211 driver initialization failed.
wlan0: Unable to setup interface.
How do I get the nl80211 driver installed?
Thanks
David
@Vivek
Thanks for such a wonderful tuts. However my wi-fi device doesnot support AP mode. It only supports monitor mode and managed mode. Is there any way I can make AP mode supported in my Broadcom device.
Eagerly Waiting for reply,
Many thanks for these tips — great info! One more hurdle: How do you create an “I agree to the terms of this access point” page? I guess hostapd can’t do this on its own..
This worked very well for me on day 1. However, after rebooting my computer and nothing plugged into the USB ports is recognized. The “lsusb” command ends up hanging the terminal. I am searching for help!
Thanks to your instructions I managed to do this with two wireless nics.
Unfortunately since updating ubuntu 11.04 to 11.10 I have really difficulties to start hostapd.
The nic not being the access point starts flawless. The other one refuses to start telling:
RTNETLINK answers: File exists
Failed to bring up wlan0.
I found on the internet that having two default gateways can cause this, but as far as I can tell I do have only one default gateway.
Recently I managed to get it up back again with a lot of experimenting but this time that does not work.
Each time I restart my server this problem causes a lot of hassle.
I assume it must have something to do with the upgrade of ubuntu.
Please can you advise me?
Hi there,
I got it all working BUT the dhcp server won’t lease the IP: my smartphone “sees” the AP but can’t get the IP. I’m stuck and frankly unable to make it work.
I’d like to try with a static IP, instead of using the dhcp server, could you possibly help me with that. That’d allow me to confirm that the proble is with dhcp.
BTW, I’m using Linux Mint Debian Edition.
Thanks a lot, René
Thanks man, I reached here after trying a few other sites. nice writeup.Straight forward solution. It worked perfectly for me. wired internet and TP-Link usb dongle
Making a WiFi Hotspot / Access Point using Linux & wifi lan card/USB adapter « Sem Memória
Hi Vivek,
I have been trying to get this working. It was working once, set up exactly as your instructions, and then I followed your instructions to make it start up on boot and it hasn’t worked since. I am trying to share my 3g connection (USB) to my USB wireless adapter.. AP appears in the list, so I know it is ok for access point. iwconfig reveals that it is in master mode. When I run the server, I can see devices requesting SSID broadcast and I can see my access point on my devices. When I try to connect now, it seems to get past authentication, but cannot get IP address.
Happy New Year !
@pete – if it is still authenticating but not getting the IP, then maybe you should initially try and give a static ip of the network you’re setting up and then see. If that works, then I guess the only hurdle is resolving dhcp issues as that’s the one which assigns IP Addresses to clients.
Worked for me on Linux Mint Debian Edition (LMDE) using isc-dhcp-server, thanks!
how can I
Modify /etc/hostapd/hostapd.conf
I use sudo gedit /etc/hostapd/hostapd.conf
got many error messages
You need to use gksudo to run executables with a GUI as root. Try:
gksudo gedit /etc/hostapd/hostapd.conf
On Linux Mint Debian Edition (LMDE) I had 2 problems with this:
1. gedit is called pluma, so substitute pluma for gedit above.
2. I got the error: “(gksudo:5775): GLib-CRITICAL **: g_str_has_prefix: assertion `str != NULL’ failed”. This is fixed by:
sudo visudo
and adding the line:
Defaults env_keep += HOME
I’m not very familiar with the editor ‘nano’ used by visudo, but to save the change and exit press:
Ctrl-o
Ctrl-x
Afterwards the following works as expected:
gksudo pluma /etc/hostapd/hostapd.conf
One more thing. On Debian gksudo requires the root password by default, not the user password like Ubuntu. To obtain this functionality use:
sudo update-alternatives –config libgksu-gconf-defaults
and choose the correct option number (2 for me).
Thanks Jonathan Blakes I got this using nano and it done
but I still have issue with other steps
hostapd work now and i detect the network on my phone
when I type
hostapd -dd /etc/hostapd/hostapd.conf
i got the network shown on the phone but i cant reach the Internet
@salim18salem – not reaching the internet on your phone (in one of the later posts), may mean that the gateway is not being assigned correctly or the firewall is not masquerading correctly.
The first step in my opinion is to use static IP addresse first in the phone and see if that works. If not, then you need to check the IP tables configuration. Once the static IP works, you need to check if the IP is being assigned dynamically. That’s the role of DHCP server.
Mar 13 15:09:13 dell rtkit-daemon[1585]: Supervising 6 threads of 2 processes of 2 users.
Mar 13 15:09:15 dell ntpdate[1669]: adjust time server 91.189.94.4 offset 0.340063 sec
Mar 13 15:09:24 dell NetworkManager[849]: (wlan0): IP6 addrconf timed out or failed.
Mar 13 15:09:24 dell NetworkManager[849]: Activation (wlan0) Stage 4 of 5 (IPv6 Configure Timeout) scheduled…
Mar 13 15:09:24 dell NetworkManager[849]: Activation (wlan0) Stage 4 of 5 (IPv6 Configure Timeout) started…
Mar 13 15:09:24 dell NetworkManager[849]: Activation (wlan0) Stage 4 of 5 (IPv6 Configure Timeout) complete.
Mar 13 15:09:26 dell goa[1965]: goa-daemon version 3.4.0 starting [main.c:112, main()]
Mar 13 15:09:27 dell kernel: [ 46.168993] audit_printk_skb: 39 callbacks suppressed
Mar 13 15:09:27 dell kernel: [ 46.169000] type=1400 audit(1363158567.011:25): apparmor=”DENIED” operation=”open” parent=1 profile=”/usr/lib/telepathy/mission-control-5″ name=”/usr/share/gvfs/remote-volume-monitors/” pid=1960 comm=”mission-control” requested_mask=”r” denied_mask=”r” fsuid=1000 ouid=0
Mar 13 15:09:56 dell avahi-daemon[682]: Invalid response packet from host fe80::2a6a:baff:fe77:5460.
I cannot even detect the hotspot from another laptop.
WHY ?
dell@dell:~$ sudo hostapd -dd /etc/hostapd/hostapd.conf
Configuration file: /etc/hostapd/hostapd.conf
nl80211: Register Action command failed: ret=-114 (Operation already in progress)
nl80211: Register Action match – hexdump(len=1): 06
nl80211: Failed to register Action frame processing – ignore for now
nl80211: Add own interface ifindex 3
nl80211: Failed to set interface 3 to mode 3: -95 (Operation not supported)
nl80211: Failed to set interface 3 to mode 3: -95 (Operation not supported)
nl80211: Interface mode change to 3 from 0 failed
nl80211: Failed to set interface wlan0 into AP mode
nl80211 driver initialization failed.
ELOOP: remaining socket: sock=4 eloop_data=0x96cc900 user_data=0x96ccea0 handler=0x807c5e0
ELOOP: remaining socket: sock=6 eloop_data=0x96ceca8 user_data=(nil) handler=0×8086770
dell@dell:~$ cat /etc/hostapd/hostapd.conf
interface=wlan0
driver=nl80211
ssid=my_hotspot
channel=1
hw_mode=g
auth_algs=1
wpa=3
wpa_passphrase=1234567890
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP
#hostapd -dd /etc/hostapd/hostapd.conf
/*when i run this command on bt5r3 it shows some error*/
Configuration file: /etc/hostapd/hostapd.conf
ctrl_interface_group=0
Failed to set interface wlan0 to master mode.
nl80211 driver initialization failed.
wlan0: Unable to setup interface.
rmdir[ctrl_interface]: No such file or directory
ELOOP: remaining socket: sock=5 eloop_data=0x22a6450 user_data=(nil) handler=0x43d3a0
There’s something interesting I would like to share with you all.
I’m trying to setup hostapd for about a year now and during this time I never managed to get a stable connection. The main problem was the dreadful “disconnecting on request” problem.
A few days ago I’ve rearranged some USB peripherals of my server.
Instead of plugging the USB wireless dongle right into the server I wondered what happened if I did plug it into an powered USB hub.
Guess what: Since I did this the wireless connection has never broken and the signal strength is quite reasonable. It’s not that strong as a regular router but it works. As far as I can tell the speed is comparable to that of a router.
So apparently connection problems with hostapd can be caused by power problems. It seems to me that the USB port of the server does not completely provide the wireless dongle with the amount of power it needs (probably due to certain USB logic it uses) while the powered USB hub just does it because it is a “dumb” device without any knowledge about what is exactly connected to it.
I’d been trying to set up an access point for a few hours before I found your blog. Your tutorial worked out just great. Thank you!
Great tutorial and very nice written! The Configuration layout is currently a bit different (/etc/dhcpd/dhcpd.conf not dhcpd3 etc.) and the service is called isc-dhcp-server (e.g. service isc-dhcp-server start). One more thing: It is not necessary to set a driver in the hostapd.conf (normally runs fine without). You can also add INTERFACES=”wlan0″; into the dhcpd.conf (but you need a semicolon ; !) Thank you!
Hi Vivek,
I am trying to get this done on my new Dell Inspiron with Opensuse 12.3.
Problem I am facing is Opensuse has changed the way Opensuse handles dhcpd.conf file (for security reasons as mentioned in their website). They have provided additional config to run dhcp server in chroot mode.
Tried to follow the steps from this & various other sites but no luck. At the end when I try to connect to hotspot from my phone, it connects to the pc but keeps trying to obtain the IP address.
Do I need to get specific version of dchp server on Opensuse?
http://doc.opensuse.org/documentation/html/openSUSE/opensuse-reference/cha.dhcp.html#sec.dhcp.server
I am sorry I may not be able to assist much. Instead of using DHCP, you can try assigning address statically so that you are sure it works. However, I am not sure if this method is useful anymore as there are hotspot creation options within Ubuntu by default (and I am assuming other distros too)
I appreciate, lead to I discovered exactly what I
was having a look for. You’ve ended my 4 day long hunt!
God Bless you man. Have a great day. Bye
Dear Sir,
i need a PCI based wi-fi card that support 300mbps that i can convert into WLAN access point,i will be using that card with Linux distribution,can you recommend some thing?
regards
Just what i needed. Did read the articel 3 times but i have figured it out. Thanks
Hi Vivek,
I was trying to put my WiPi in AP mode, and it worked.
Following is output of my “iw dev” command
phy#0
Interface mon.wlan2
ifindex 5
type monitor
Interface wlan2
ifindex 3
type AP
But When I’m trying to run “sudo iw dev wlan2 scan” command in this mode, it is giving me error
“command failed: Operation not supported (-95)”
Kindly respond back if you have any idea of the reason behind this.
Hi Vivek,
I have changed my WIFI adpater into AP mode.but I want when my WIFI adpater is in AP mode and I will conect to any wifi networks it should connect successfully and AP should be disable.But when I am trying to connect any WIFI network it always fails.when I stop dhcp,hostapd and gives IP address to wlan0 then it get connected successfully and adpater stops AP mode.( OR I have to restart my PC)
How can I do it automatically ,instead of stopping hostapd and dhcp manually ?
Membuat access point di ubuntu | loadportas
Jaime
如何利用 fedora 23 linux+雙無線網卡,打造出無線vpn路由器 | inmethodblog
如何利用 fedora 23 linux+雙無線網卡,打造出無線vpn路由器 | 癮方法
Can you create a new tutorial showing how to create a EAP-SIM/Hotspot 2,0 AP?
Making a WiFi Hotspot / Access Point using Linux & wifi lan card/USB adapter – Wi-Fi-Hotspot.com