0

I follow link below for setting up RPi access point with a bridge
Setting up a Raspberry Pi as an access point - the easy way

I install cloudstack manager which has cloudbr0 bridge
Now I want to have access point but I need NAT to isolate it from router
So the topology should look like below
What should I change for such configuration?

                               RPi
               wifi   ┌──────bridge──────┐   wired            wan
mobile-phone <.~.~.~> │(wlan0) br0 (eth0)│ <-------> router <-----> INTERNET
            \                   |                   / DHCP-server
      (dhcp 192.168.4.x   (dhcp 192.168.50.x      192.168.50.1
       from RPi)           from router)
dondon
  • 1
  • 1
    your topology looks a lot like the topology in the answer you refer to - not sure what's different – Jaromanda X Jan 15 '21 at 04:30
  • There is NAT available in the guide you used. What is *cloudstack manager*? What is *cloudbr0 bridge*? What do you installed first? Access point or cloudstack manager? – Ingo Jan 16 '21 at 15:58
  • @JaromandaX : the difference is how mobile-phone IP being assigned. I want RPi to assign IP instead of router – dondon Jan 21 '21 at 01:47
  • @Ingo : I have RPi with already cloudstack manager installed. Now I want to make use of RPi wifi to become access point. – dondon Jan 21 '21 at 01:48
  • I haven't used cloudstack manager so far so I don't know if it is able to operate with modern systemd-networkd. *I follow link below for setting up RPi access point with a bridge* - what practical problems do you have? – Ingo Jan 21 '21 at 11:37
  • @Ingo, the problem is router DHCP will assign wifi IP. This means RPi IP will have same subnet like wifi IP, which means no NAT – dondon Jan 21 '21 at 21:57
  • @Ingo, also another problem since router dhcp will assign wifi ip, router will assign also dns for wifi. I have setup cloudflare DOH (DNS-Over-HTTPS) which point to 127.0.0.1#5053. So I want to assign this DOH to wifi. The idea is anybody who connect to this wifi, will have secured connection where router cannot snoop activity on wifi. – dondon Jan 22 '21 at 01:33
  • "*This means RPi IP will have same subnet like wifi IP*" - this is exactly what a bridge do. If you don't want it, then don't use a bridge. – Ingo Jan 22 '21 at 02:17
  • @Ingo, my understanding when telling /sbin/wpa_supplicant with option -dbr0 then to use a bridge for wlan0. So I try not include this option, but now no IP for wifi. How to make RPi assign IP with different subnet ? – dondon Jan 22 '21 at 02:32
  • when I google, found most of all configuration using dnsmasq (old ways) and very difficult to find using systemd-network for ex : https://raspberrytips.com/raspberry-pi-firewall/ – dondon Jan 22 '21 at 03:04

0 Answers0