WOW-TO convert a Raspberry Pi B2 standalone Wifi-AP

using REALTEK chipset (e.g. EDIMAX)

see all WOW-TO’s

/

v1.2.3   [20150522]

v2.0.0   [20160501]

Proven Dummy Tutorial

WOW-TO convert a Raspberry Pi B2 standalone Wifi-AP

using REALTEK chipset (e.g. EDIMAX)

pi2.jpg71P8Pfd7npL._SL1500_.jpg

components used herein:

1 x Raspberry Pi 2

1 x EDIMAX EW-7811UN, wifi dongle, WiFi 802.11b/g/n nano USB Adapter, 150 MBit/s, RTL8188CUS

1 x Raspbian wheezy software : http://downloads.raspberrypi.org/raspbian_latest 


Videos

Paper   : Videovisualisation of this paper

Part I   : Video-Demo - Part I   [Preparations]

Part II  : Video-Demo - Part II  [Installation] 

Part III : Video-Demo - Part III [last steps]

Dear RASBERRY PI B2 fans all over the world:

yes I am a RASPBERRY Pi B2 fan too..

This paper is about making a stand alone wifi accesspoint using EDIMAX aka REALTEK chipset WiFI dongle.

Raspberry Pi 2 with EDIMAX Wifi Adapter:

Before we proceed I want to point out the importance of buying the right USB WiFi Adapter. As you may have experienced with other types of hardware devices not all devices are plug-n-play. Sometimes you will need to download a driver to make them work. While drivers are normally readily available for Windows computers – it is a different world for Linux and Raspberry Pi’s.

This is why it is very important to buy a WiFi Adapter that mentions “Linux” in the product description or package.

I use the Edimax – Wireless 802.11b/g/n nano USB adapter because I have found it to be cheap and very easy to work with. I very recommend you do the same – it could save you a lot of headaches.

I found some good instructions in the net, but none of them seemed to fit perfectly and was not a 100 % solution. Therefore i wrote this new one. Hope this helps -  where it is needed.

Feedback and criticism are welcome …. :)

You may comment online in http://docs.google.com 

regards from berlin, germany, europe

may, 2016

e-mail: pimail.project@gmail.com

blog   : http://pimail.blogspot.de/

explanation

linux commands will appear with yellow background color like this

modifying file content will appear with green background color like this

Vision:

This paper ist trying to describe in very detail, how to change settings, making a RASPBERRY PI 2 usable for those EDIMAX = REALTEK WiFi dongles as an absolute autonomous standalone WiFi AP. 71P8Pfd7npL._SL1500_.jpg

51HlFaKYIYL._SL1000_.jpg

This project is not intended to spread wifi with an existing internet connection. My intention was to create a complete autonomous island solution in regions, where access is NOT and will not be available. And: there are many. Mostly in developing countries, but also in schools in the developed world. It will work like a “wallet garden” also, because of security considerations.

If you would like to spread ethernet via WiFi you must select another approach. There are enougth tutorials available in the net. This tutorial handles only some very special case.

In Germany you can get those dongles, e.g., there:

http://www.amazon.de/EDIMAX-EW-7811UN-Wireless-Adapter-IEEE802-11b/dp/B003MTTJOY/ref=sr_1_1?ie=UTF8&qid=1426498717&sr=8-1&keywords=edimax 

First let’s take our microSD card and format it.

microsd.jpg

Best formatting tool to me was:

HP USB DISK STORAGE FORMAT TOOL V2.2.3

You will find it there and on a variety of other locations:

http://www.computerbild.de/download/HP-USB-Disk-Storage-Format-Tool-7600965.html

Search for it: https://www.google.de/search?q=hp+usb+disk+storage+format+tool+V2.2.3

Download the latest RASPBERRY PI whezzy - software image and transfer it to your microSD card. Use Win32 Disk Imager if you are using WINDOWS. You may obtain this freeware there:

http://sourceforge.net/projects/win32diskimager/files/latest/download

Note: New Raspberry Pi 2/3 models will only accept microSD cards now!

Those “normal” SD-cards are no longer hardware supported!

Plug your USB EDIMAX WiFi adapter into one of the 4 free USB ports on the Raspberry Pi 2. Power up your Raspberry Pi 2. At this point you need to either connect to the Raspberry Pi 2 via an Ethernet cable using a keyboard. Now connect with ssh:// in firefox browser to access the Raspberry Pi 2.

If you use firefox browser, you may install SSH addon and login into your Raspberry Pi using firefox only.

Just type into your firefox browser this: ssh:// and it will work.

credentials are:  pi | raspberry

Next steps:

Update and upgrade the Raspberry Pi software now as usual.

RASPBERRY PI 2 login credentials are:  pi | raspberry

sudo bash

sudo apt-get update && sudo apt-get upgrade

Then also update the Raspberry Pi firmware to the latest version:

Lets have a look what firmware is actually installed

uname -a

result will be e.g.:

Linux xx...x 3.18.9-v7+ #768 SMP PREEMPT Sun Mar 15 19:41:56 GMT 2015 armv7l GNU/Linux

Linux xx...x 3.18.11-v7+ #776 SMP PREEMPT Mon Apr 6 13:19:43 BST 2015 armv7l GNU/Linux

Linux raspberrypi 3.18.11-v7+ #777 SMP PREEMPT Sat Apr 11 17:30:37 BST 2015 armv7l GNU/Linux

Linux raspberrypi 3.18.12-v7+ #782 SMP PREEMPT Tue Apr 28 19:54:13 BST 2015 armv7l GNU/Linux

Linux xx...x 3.18.13-v7+ #784 SMP PREEMPT Sat May 9 15:57:36 BST 2015 armv7l GNU/Linux

Linux xx...x 3.18.13-v7+ #785 SMP PREEMPT Mon May 18 17:53:02 BST 2015 armv7l GNU/Linux

sudo rpi-update

sudo reboot

After booting and logging-in you want to make sure that the Raspberry Pi 2 has found your new wireless adapter. To inspect, which peripherals the operating system found when booting run the following command:

sudo dmesg | more

[note: You may use the spacebar to scroll down a whole page at a time – towards the end you will see something similar to the following lines:]

here:

3.605726: this means, that the operating system has recognized yourEDIMAX USB WiFi Adapter using one of the built-in drivers. All is left, is to configure your WiFi connection.

To achieve this, we need to install 2 new scripts

Lets do step A.):

        

To install the DHCP software run the following command:

sudo apt-get install isc-dhcp-server

Now, let’s do step B.):

Since we are building our own hostapd version, we have to remove the original hostapd, you might have installed before:

sudo apt-get autoremove hostapd

Next comes the tricky part of this instruction. Installing a special driver. Note, that there is a new release: v2.0.tar.gz, delivered 03.02.2015.

Special thanks to

http://www.jenssegers.be/blog/43/Realtek-RTL8188-based-access-point-on-Raspberry-Pi. So you can use EDIMAX based RASPBERRY Pi 2 as a standalone accesspoint. Just follow the next instruction. Be careful. This is really very essential.

Note: processing will take some time!

Because your EDIMAX USB WiFi stick needs an access point driver not supported by the native HostAPD application, we must install a custom version, compiled with the driver we need. This can be done by running the following commands.

sudo wget https://github.com/jenssegers/RTL8188-hostapd/archive/v2.0.tar.gz
tar -zxvf v2.0.tar.gz

cd RTL8188-hostapd-2.0/hostapd

sudo make install

sudo service hostapd restart

This last step will move the created hostapd binary to /usr/local/bin, add a startup script and create a configuration file in /etc/hostapd/hostapd.conf. We will config this later.

Note: this process will take a while/a few minutes; so, stay calm pls...! 

The blue LED of your EDIMAX WiFi Stick will blink now!

Once downloaded and installed, we are ready to configure the software now.

@ A.) Configuring the ISC-DHCP-Server

To configure the DHCP server just open the file

sudo nano /etc/dhcp/dhcpd.conf 

in your favorite text editor, eg. nano

Find the following section and comment it out by placing a hashtag at the beginning of the line like that:

#option domain-name "example.org";
#option domain-name-servers ns1.example.org, ns2.example.org;

Next find the section below and un-comment the word authoritative (remove hashtag):

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.


authoritative;

The corrected file now should look like this now, when perfect:

We are still in this file

Next we need to define the network and network addresses that the DHCP server will be serving. This is done by adding the following block of configuration to the end of the opened file:

subnet 10.10.10.0 netmask 255.255.255.0

{
range 10.10.10.20 10.10.10.90;
option broadcast-address 10.10.10.255;
option routers 10.10.10.1;
default-lease-time 600;
max-lease-time 7200;
option domain-name "pinetwork";
option domain-name-servers 8.8.8.8, 8.8.4.4;
}

This will enable the DHCP server to hand out the max. of 70 IP addresses starting with 10.10.10.20 to 10.10.10.90 in it’s own local network.

People who are skilled in network configuration can change these values if they wish to use some other network addresses and/or other DNS servers. This configuration will use the Google DNS servers at 8.8.8.8 and 8.8.4.4. One of german T-com DNS : 194.25.2.129 .

[note: to save the file press Ctrl+O . This will write the file to the disk – afterwards you can exit nano by pressing Ctrl+X. If nano asks if you want to save modified buffer? Press “Y”  followed by hitting enter to confirm the filename.]

The result should look like this now:

note: in this example 10.11.10.11 has been chosen by me as network address space.

Next file we will have to edit is /etc/default/isc-dhcp-server. You can open it also in nano using this command:

sudo nano /etc/default/isc-dhcp-server

Scroll down to the line saying interfaces and update the line to say:

INTERFACES="wlan0"

This will make the DHCP server hand out network addresses on the wireless interface. Now save the file you have modified and exit the nano editor.

The result of your good work now should look like that:

The last step in configuring the DHCP server is to configure a static ip address for the wireless network adapter. This is done in the file /etc/network/interfaces – before opening it, make sure the WLAN interface is down. Do this with the following commands:

sudo ifdown wlan0


sudo nano /etc/network/interfaces

add the following three lines now:

iface wlan0 inet static

address 10.10.10.10

netmask 255.255.255.0

This will make the wireless adapter take the address 10.10.10.10 (or 10.11.10.11 in my case) in our new local network. Remember to comment out the last 3 lines of the file!

#iface wlan0 inet manual

#wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf

#iface default inet dhcp

Of course you can also delete these 3 lines. This will result in the same effects. This action concludes the setup of the DHCP server.

Change the file to look like this:

Configuring HostAPD

To configure HostAPD, open the file called /etc/hostapd/hostapd.conf in your favorite text editor. You can open it in nano using this command:

sudo nano /etc/hostapd/hostapd.conf

The standard configuration will create a new wireless network called wifi ( of course you may select all other names allowed) with the password YourPassPhrase. You can change the parameter “ssid=wifi” to the SSID wifi name suiting your needs and the parameter “wpa_passphrase=YourPassPhrase” to your own password.

Here you can change the name of SSID, that will be broadcasted into air.

This concludes the configuration of our access point software HostAPD.

If you dont want to login without any password, take this:

# WPA and WPA2 configuration

macaddr_acl=0

auth_algs=1

ignore_broadcast_ssid=0

#wpa=3

#wpa_passphrase=YourPassPhrase

#wpa_key_mgmt=WPA-PSK

#wpa_pairwise=TKIP

#rsn_pairwise=CCMP

The result of your good work should look like this:

Note: In the above configuration no password has been configured for WiFi login procedure! This may be critical, but depends on your scenario.

SSID is set my me to http://10.10.10.10 because of memotech considerations, regarding the showcase.

Next pic will show you a secured wifi. The passphrase is: 01234567

This is maybe crucial, because there will be NO WARNINGS:

Be sure! If your phassphrase has not a minimum of characters (8) AP will NOT work for you!

[note: hw_mode=g is enough. Will be b/g/n as the result, because /g/n is upset on g :)]!

Next step will be: enabling NAT.

The last step before we can start the access point is setting up Network Address Translation (NAT).

< get more infos about sysctl.conf: http://wiki.manitu.de/index.php/

sysctl net.ipv4.ip_forward=1

/>

Open /etc/sysctl.conf with:

sudo nano /etc/sysctl.conf

Scroll down to the last line of this file and add this line:

net.ipv4.ip_forward=1

Now save and close file in nano editor.

The result of your good work should look like this:

You may control the success of the operation typing:

reloading the configuration

sysctl -p

checking success of operation

sysctl net.ipv4.ip_forward

This should give the right answer:

net.ipv4.ip_forward = 1


Next we have to start the translation right away by running:

sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

you may control the effect of your typing

cat /proc/sys/net/ipv4/ip_forward

the answer should be just one number:

1

Start the wireless network now by running:

sudo ifup wlan0

Next step is setting up the actual translation between

---

info purposes only

https://help.ubuntu.com/community/IptablesHowTo 

sudo iptables -L

this command will list your current rules in iptables.

If you have just set up your server, you will have no rules, and you should see this:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

https://www.raspberrypi.org/forums/viewtopic.php?t=99928&p=694848 

deleting ip tables:

iptables -F

iptables -t nat -F

iptables -t mangle -F

Listing the results

iptables -t nat -n -L

We will configure routing now by executing (assuming eth0 is your WAN interface):                                

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT

sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT  

-----

sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"

<explanation

To avoid having to configure NAT every time the Raspberry Pi reboots we will do the following.

Run this command to backup the NAT configuration.

sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"

restart and testing configuration with

sudo /etc/init.d/networking restart

/>

Add the following to the end of the file /etc/network/interfaces to restore the configuration when the network interface comes up:

sudo nano /etc/network/interfaces

up iptables-restore < /etc/iptables.ipv4.nat

The file should now look like this:

Starting our wireless router

You are now ready to start the DHCP server and the HostAPD access point application. You can do so by running:

sudo service isc-dhcp-server start

sudo service hostapd start

as a result of this operations, the blue LED of your EDIMAX should blink again.

At this point you should be able to find your wireless network SID on your gadget and connect to it!

In order to start AP on boot run the following commands:

sudo update-rc.d hostapd enable

sudo update-rc.d isc-dhcp-server enable

--------

<info only

Nach einer Recherche im Internet fand ich heraus, das ich nicht der einzige war, der dieses Problem hatte. In einem Forum stieß ich auf einen Eintrag, dass beim Hochfahren des Systems sich die interfaces und der DHCP- Server in die Quere kommen. Eine konkrete Lösung für das Problem fand ich jedoch nicht, also habe ich als workaround folgendes in der /etc/rc.local vor exit 0 eingetragen.

translation:

 to avoid conflicts between DHCP-server and Interfaces, as reported often, this is a workaround solution

/>

--------

for security purposes add these two lines

before exit 0 in

sudo nano /etc/rc.local

sleep 5

service isc-dhcp-server restart

sleep5

service hostapd restart

(screendump will follow soon)

Now we are finished.

At this point try to reboot the Raspberry Pi 2 B, just to make sure, everything works as intended – you can reboot with the command:

reboot is good :)

sudo reboot

note: pls, allow about 90 - 120 secs to get 100% operational.

Have fun!

+++

COOKING BOOK

Here a short summary of all the commands (cooking book) without any of the comments above in serial order. So if you succeeded once, don’t care about comments, just do the essential work from here!

sudo bash

sudo apt-get update && sudo apt-get upgrade -f && sudo apt-get dist-upgrade

sudo apt-get clean

sudo apt-get autoremove

sudo apt-get install git

sudo wget https://raw.github.com/Hexxeh/rpi-update/master/rpi-update -O /usr/bin/rpi-update && sudo chmod +x /usr/bin/rpi-update

sudo rpi-update

sudo reboot

sudo apt-get install isc-dhcp-server

sudo apt-get autoremove hostapd

sudo wget https://github.com/jenssegers/RTL8188-hostapd/archive/v2.0.tar.gz
tar -zxvf v2.0.tar.gz

cd RTL8188-hostapd-2.0/hostapd

sudo make install

sudo service hostapd restart

sudo nano /etc/dhcp/dhcpd.conf

#option domain-name "example.org";
#option domain-name-servers ns1.example.org, ns2.example.org;

authoritative;

subnet 10.10.10.0 netmask 255.255.255.0

{
range 10.10.10.20 10.10.10.80;
option broadcast-address 10.10.10.255;
option routers 10.10.10.1;
default-lease-time 600;
max-lease-time 7200;
option domain-name "local-network";
option domain-name-servers 8.8.8.8, 8.8.4.4;
}

sudo nano /etc/default/isc-dhcp-server

INTERFACES="wlan0"

sudo nano /etc/network/interfaces

iface wlan0 inet static

 address 10.10.10.10 [ or e.g.: 10.11.10.11 ]

 netmask 255.255.255.0

#iface wlan0 inet manual

#wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf

#iface default inet dhcp

sudo nano /etc/sysctl.conf

net.ipv4.ip_forward=1

sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"

sudo ifup wlan0

sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT

sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"

sudo service isc-dhcp-server start
sudo service hostapd start

sudo update-rc.d hostapd enable
sudo update-rc.d isc-dhcp-server enable

sudo nano /etc/network/interfaces

up iptables-restore < /etc/iptables.ipv4.nat

sudo nano /etc/rc.local

sleep 5

service isc-dhcp-server restart

sleep5

service hostapd restart

sudo reboot

next 2 come

trying to compose a configuration script, that will do all this stuff automagically

wget "..... /make_saap_realtek.sh"

chmod +x make_saap_realtek.sh

sudo ./make_saap_realtek.sh

HOW-To’s / Q&A:

HOW-TO: change SSID?

sudo nano /etc/dhcp/dhcpd.conf

HOW-TO: change/delete SSID - password?

sudo nano /etc/hostapd/hostapd.conf

HOW-TO: change hostname?

“Net-Literature” section:

About standalone APs:

There seem to be only two guys worldwide, who are capable to make deep insights in all those wired and complicated hardware and software processes concerning “WiFi standalone Access-Points” using REALTEK/EDIMAX WiFi-dongles AND are willing to share their very special knowledge with others all around the globe, too.

Most up-to-date seems Mr. Jens Segers from Belgium:

www.jenssegers.be

Second is Mr. Dave Conroy from Boston:

www.daveconroy.com 

Special thanks to those two guys. They both are extraordinary and extremly helpful!

about AP with wlan, not standalone

+++

 /

contact: pimail.project@gmail.com * blog: http://pimail.blogspot.de