Recently my cable modem refused to connect to my provider, stating “Connection Refused”. The provider (UPC Austria) stated, that they have to come to my place and make some measurements. But this will be in one week…. WTF?? One week without internet? No way!
Fortunately, my provider offers a service, that every router provides two networks, a private one for the single customer, and a free network for all customers of UPC. This “UPC Wi-Free” was also available from some neighbours of mine.
It would be easy to connect all of my PCs to the network, but this is not enough for me. I needed a better solution. Also the PC of my girlfriend refused to connect to this network, my big PC has no WiFi and the server for sure not. Also the chromecast and the firestick…. no I will not configure all devices to configure them later again!
My previous setup included the router from my provider connected to my own router, a Fritz Box. All my devices are then behind the Fritz Box. So the only thing I had to change was to replace the UPC router with my Raspberry PI.
My starting point was the following:
- Raspberry PI 2B
- Alfa AWUS036H Wifi Adapter
- a network cable 🙂
First I powered up the Raspberry and was curious what I had done with this firmware before. Apparently, I used it before for some photographing stuff… 🙂 Anyway, first the Debian needed to be updated from 7 (wheezy) to 8 (jessie).
First we make sure the current system is up to date:
sudo apt-get update
sudo apt-get upgrade
Then we edit
/etc/apt/sources.list and replace
wheezy with
jessie
deb http://mirrordirector.raspbian.org/raspbian/ jessie main contrib non-free rpi
Then the upgrade:
sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade
This took a while, the raspi is not a fast gaming machine… After the upgrade, I configured the WiFi adapter to work with the UPC Wi-Free. For this the
wpa_supplicant and the the network interfaces have to be configured:
The following content belongs to /etc/wpa_supplicant/wpa_supplicant.conf:
network={
ssid="UPC Wi-Free"
scan_ssid=1
key_mgmt=WPA-EAP
eap=PEAP
identity="your@e.mail"
password="password"
phase1="peaplabel=0"
phase2="auth=MSCHAPV2"
}
And this belongs to
/etc/network/interfaces:
auto lo
iface lo inet loopback
# give the ethernet a static ip for acting as DHCP Server
auto eth0
allow-hotplug eth0
iface eth0 inet static
address 192.168.1.1
netmask 255.255.255.0
dns-nameservers 8.8.8.8
# configure the WiFi interface and enable auto start
auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp
You can use different IPs for sure and also you can specify any other DNS than Googles
8.8.8.8. Now we restart the network service and test the connection:
sudo service networking restart
ping google.de
PING google.de (173.194.116.111) 56(84) bytes of data.
64 bytes from fra02s27-in-f15.1e100.net (173.194.116.111): icmp_seq=1 ttl=55 time=23.2 ms
64 bytes from fra02s27-in-f15.1e100.net (173.194.116.111): icmp_seq=2 ttl=55 time=35.2 ms
64 bytes from fra02s27-in-f15.1e100.net (173.194.116.111): icmp_seq=3 ttl=55 time=30.6 ms
The Ethernet interface need a static IP in order to serve DHCP. For this we need also a DHCP server installed on the raspi. We achieve this with the ISC DHCP Server.
sudo apt-get install isc-dhcp-server
We need then to configure the server with a really basic configuration. The configuration is done by editing the file
/etc/dhcp/dhcpd.conf.
default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.201 192.168.1.250;
option routers 192.168.1.1;
}
Basically the set here some lease times for the server, with
authoritative we tell the server that he will server this range alone. Later we define a small subnet. The
“option routers” is important, because here the DHCP server will tell clients that he will also serve requests later as the gateway.
Now we can start the server:
sudo service isc-dhcp-server restart
Now we can connect the router and we will see that the raspi serves with an IP address. Now we have to connect both interfaces. In my case the interfaces have the names
eth0 and
wlan0. We use iptables for this:
/sbin/iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
/sbin/iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT
This is only temporary so we have to make the rules persist. The easy way here is with the package
iptables-persistent:
sudo apt-get install iptables-persistent
During the installation you will be asked to save the current rules, answer with yes and the installer will save the rules to
/etc/iptables/rules.v4:
# Generated by iptables-save v1.4.21 on Tue Jan 5 19:22:29 2016
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o wlan0 -j MASQUERADE
COMMIT
# Completed on Tue Jan 5 19:22:29 2016
# Generated by iptables-save v1.4.21 on Tue Jan 5 19:22:29 2016
*filter
:INPUT ACCEPT [1:52]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1:152]
-A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o wlan0 -j ACCEPT
COMMIT
# Completed on Tue Jan 5 19:22:29 2016
Now you have to activate also the ipv4 forwarding by executing the following line:
sudo bash -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
And you are done!
Update:
THX to the users u/ZoLustIkErNogWelEen and u/Q3_benji who pointed out I forgot to write down the steps with the sources.list and the activation of the ipV4 forwarding!
Update2:
THX to Rob who showed me a mistake in the post!