Raspberry Pi is great to create Secure Wireless Access Points but it
doesn’t have a good range, I used a TP Link WN7200ND USB Wireless Adapter to extend it. I want to share how to do it
Why do I want to use a raspberry pi instead of a router?
The answer is really simple, SECURITY. Router manufacturers just want to sell devices, they don’t care if there is a security flaw that will affect you. You raspberry pi will be up to date with the latest security patches.
Teachers! Did you use this instructable in your classroom?
Add a Teacher Note to share how you incorporated it into your lesson.
Step 1: Install Raspbian Stretch Lite Image on a SD Card
Connect the TP Link WN7200ND Adapter to any of the USB ports, make sure that the power supply provides enough current. A power supply that provides 1 Ampere should be enough. The interface will be wlan1, internal R Pi Wifi adapter is wlan0.
Step 2: Edit DHCP Configuration
We don’t need a dynamic IP for the WN7200ND adapter so we need to change
the configuration file of dhcpd. Use a text editor edit the configuration file /etc/dhcpcd.conf and add the following line
Now we need to restart the DHCP service by using the command
sudo service dhcpcd restart
Step 3: Setup the Network Interfaces
Ethernet port eth0 will work normally (It will get a dynamic IP address when you connect it), but we need to setup a Bridge interface br0 that bridges the TP Link adapter wlan1 and Ethernet port eth0. Install bridge utils with the following command
sudo apt-get install bridge-utils
Setup the interfaces by creating a new text file /etc/network/interfaces.d/ap with the following text:
allow-hotplug eth0 iface eth0 inet manual auto wlan1 allow-hotplug wlan1 iface wlan1 inet manual pre-up service hostapd start post-up brctl addif br0 wlan1 auto br0 iface br0 inet dhcp bridge_ports eth0 wlan1
Step 4: Install and Setup Hostapd
Hostapd implements the wireless access Point. Install it with the following command
sudo apt-get install hostapd
To setup the access point we need to setup hostapd. Create a new text file /etc/hostapd/hostapd.conf with the following text:
interface=wlan1 #wlan is WN7200ND adapter
driver=nl80211 # this is the driver required by WN7200ND hw_mode=g # g means 2.4GHz band channel=11 # this is the channel we will use, you can select any channel between 1 and 13 ieee80211n=1 # limit frequencies to the ones allowed in your country wmm_enabled=1 # ht_capab=[HT40][SHORT-GI-20] # setup the capabilities of WN7200ND macaddr_acl=0 # comment this line to limit devices that can connect #macaddr_acl=1 # uncomment this to limit devices that can connect #accept_mac_file=/etc/hostapd/accept # this file has the list of mac addresses of the devices that hostapd will accept ignore_broadcast_ssid=0 # will broadcast SSID # Use WPA2 auth_algs=1 wpa=2 # USE WPA v2 only wpa_key_mgmt=WPA-PSK rsn_pairwise=CCMP ssid=MyNetwork # use the name of your network wpa_passphrase=MyUniquePassword # the passphrase for your network
To limit devices that will connect to the Access Point create the file /etc/hostapd/accept and enter the list of mac addresses like the following:
14:1a:93:eb:31:55 #mac address of your device
To load the configuration file when hostapd starts edit the file /etc/default/hostapd, uncomment DAEMON_CONF line and change it to
Step 5: Enable IP Forwarding
We need to enable IP forwarding for the bridge to work propery. To enable it edit edit the file /etc/sysctl.conf and uncomment the line net.ipv4.ip_forward=1
Step 6: Install and Setup DHCP Relay
To complete the setup and have all the devices on the same network (it
is a good idea to have everything on the same network if you want to use Chromecast or send videos to youtube on your smart TV). To send DHCP requests to ISP router we need to install isc dhcp relay and setup Pi to send requests to that server. To install it use the following command:
sudo apt-get install isc-dhcp-relay
Enter the Router IP on the relay server configuration
To check if everything is setup correctly you can run the command
sudo hostapd /etc/hostapd/hostapd.conf
After connect successfully to the new Access Point you can reboot