2

I have a range extender on one side of the house but it gives out really poor signal and looks to be slowly dying.

I have a spare UniFi AP that I want to use but no Ethernet connection on that side of the house, so I want to make a Pi that connects to my WiFi and then I can plug the AP into the lan port on the pi.

I know you can do this using NAT and have a dhcp server on the lan port. But I want it to be a full passthrough almost like a bridge.

Can anyone help with this?

Nick Carlton
  • 29
  • 1

2 Answers2

3

I did something similar. Now this isn't a bridge because it's using NAT, but you mentioned NAT so I think you really just want an AP Client Router.

You could also genuinely route across the Pi just by binding a network to each side and giving it a route to use (like a default) after enabling IP forwarding. But that tends to give people a harder time to do it this way because it's not very intuitive how it just "works".

If you just need to access something behind the Pi, you can set up port-forwards in the firewall. There's plenty of help out there to cover that.

I have a Pi connect to my apartment's wifi, then put it on a switch so my PCs can share it and see each other (the wifi has segregation turned on)

Now you need to put a static IP on the LAN side...

sudo /etc/dhcpcd.conf

interface eth0
static ip_address=10.10.10.1/24
static routers=
static domain_name_servers=8.8.8.8

Now set up the DHCP server

sudo apt-get install isc-dhcp-server

sudo pico /etc/dhcp/dhcpd.conf

option domain-name "mydomain.com";
option domain-name-servers 8.8.8.8, 8.8.4.4;
default-lease-time 600;
max-lease-time 2400;
ddns-update-style none;
authoritative;
subnet 10.10.10.0 netmask 255.255.255.0 {
       range 10.10.10.50 10.10.10.200;
       option routers 10.10.10.1;
       option domain-name-servers 8.8.8.8, 8.8.4.4;
}

Now enable IP forwarding in the kernel

sudo pico /etc/sysctl.conf

Uncomment where it says net.ipv4.ip_forward=1 Now create the iptable rules to allow for NAT forwarding

sudo iptables -t nat -A  POSTROUTING -o wlan0 -j MASQUERADE
sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"

Find exit 0 and put this above it in the rc.local file

sudo pico /etc/rc.local

iptables-restore < /etc/iptables.ipv4.nat

You can just join a network with the GUI to speed things along. It will keep connecting to that one over and over until it can't upon reboot. However to make things more robust and "correct"...

See what wireless networks are available you can type

sudo iwlist wlan0 scan | egrep "Quality|ESSID|Signal|Rates"

which will give you a shortened output of just SSIDs, signal strengths, channels, and such like below:

pi@raspberrypi:~ $ sudo iwlist wlan0 scan | egrep "Quality|ESSID|Signal|Rates"
                   Quality=39/70  Signal level=-71 dBm
                   ESSID:"Best Western Hotel"
                   Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s
                   Quality=37/70  Signal level=-73 dBm
                   ESSID:""
                   Bit Rates:6 Mb/s; 9 Mb/s; 12 Mb/s; 18 Mb/s; 24 Mb/s
                   Quality=50/70  Signal level=-60 dBm
                   ESSID:"My Home Network"
                   Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 6 Mb/s
                   Bit Rates:24 Mb/s; 36 Mb/s; 48 Mb/s; 54 Mb/s

Once you know which network you want to use, it's up to you to first get the formatting correct to add it to your configuration:

pi@raspberrypi:~ $ sudo wpa_passphrase "Best Western Hotel" "Room112passwd"

That will return something like this:

network={
       ssid="Best Western Hotel"
       #psk="Room112passwd"
       psk=88aeedbf2750015a5a2ed81e6d71202f606aea4d646d03df6fef6012091f34f2
}

Now you will want to cut and paste that output into your /etc/wpa_supplicant/wpa_supplicant.conf file. The first few lines are global configuration terms, the rest determine how to join various networks.

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
country=US

network={
       ssid="Coffeeshop Guest"
       key_mgmt=NONE
       priority=2
}
network={
       ssid="Best Western Hotel"
       #psk="Room112passwd"
       priority=1
       psk=88aeedbf2750015a5a2ed81e6d71202f606aea4d646d03df6fef6012091f34f2
}

The priority commands indicate what order the SSIDs should be attempted.

If I missed something, I'm sorry.. this was a good bit to do from memory... I think I got everything..

John

John S
  • 31
  • 2
  • Ill give it a go and see what I end up with. Only problem I will have is if devices on my main lan 192.168.0.0/24 want to communicate with any devices on the eth0 port of the Pi. – Nick Carlton Apr 03 '20 at 18:42
1

The problem with a Raspberry Pi is, that it cannot bridge a client connection on interface wlan0 to a remote hotspot. This needs hardware support on the WiFi chip, which isn't available. But there is a workaround to emulate a real OSI layer 2 bridge using proxy arp. This is not a real bridge but it behave like one. How to setup it you can look at Workaround for a wifi bridge on a Raspberry Pi with proxy arp. Because you have a static environment you should follow section ♦ Static configuration of proxy arp. It is simpler to setup.

Ingo
  • 40,606
  • 15
  • 76
  • 189