Ubuntu/Bespin/Second AP Tunnel: Difference between revisions

From charlesreid1
Line 28: Line 28:
Modify the hostapd configuration file to define a second access point.
Modify the hostapd configuration file to define a second access point.


You will also need to specify a mac address for the access point to use. Just bump the last octet by one.
You will also need to specify a mac address for the access point to use.
 
Specify the real mac address for the first LAN. Bump the last octet by one and list that as the mac address of the second LAN.


<code>/etc/hostapd/hostapd.conf</code>
<code>/etc/hostapd/hostapd.conf</code>

Revision as of 21:26, 8 July 2020

Main article: Ubuntu/Bespin

Old version (ended in failure): Ubuntu/Bespin/Second AP Tunnel/Fail

This page contains instructions for modifying the existing Access Point-to-VPN tunnel to include multiple access points and multiple tunnels, with each access point going through a different tunnel.

Overview of Setup

Recall that our existing setup is as follows:

  • One hostapd process running a single AP
  • One VPN tunnel to PIA servers, tun1
  • One access point to serve clients, wlan1
  • Iptables rules to forward traffic from wlan1 to tun1 and vice-versa
  • dnsmasq running DHCP and DNS for the access point on 127.0.0.1:53

The modifications we will make are as follows:

  • Update the hostapd file so it will run two APs
  • Open second VPN tunnel to different PIA servers, tun2
  • One access point to serve clients, wlan2
  • Iptables rules to forward traffic from wlan2 to tun2 and vice-versa
  • dnsmasq will do DHCP and DNS for BOTH access points


Hostapd Config Modifications

Modify the hostapd configuration file to define a second access point.

You will also need to specify a mac address for the access point to use.

Specify the real mac address for the first LAN. Bump the last octet by one and list that as the mac address of the second LAN.

/etc/hostapd/hostapd.conf 

interface=wlan1
driver=nl80211
hw_mode=g
channel=1
macaddr_acl=0
ignore_broadcast_ssid=0

# First LAN
ssid=YOURNETWORKNAMEHERE
auth_algs=1
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
wpa_passphrase=YOURPASSPHRASEHERE
bssid=00:11:22:33:44:55:66

# Second LAN
bss=wlan1:0
ssid=YOURNETWORKNAMEHERE
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
wpa_passphrase=YOURPASSPHRASEHERE
bssid=00:11:22:33:44:55:67

Network Interface Modifications

Modify the wlan1 stanza of /etc/network/interfaces so that the new wireless device that will be created by hostapd will have a static IP address. We assign it the range 192.168.30.0/24 (LAN30 = 192.168.30.*)

It should look like the following: 


allow-hotplug wlan1 wlan1:0
iface wlan1 inet static
    address 192.168.10.1
    netmask 255.255.255.0
    gateway 192.168.10.1
iface wlan1:0 inet static
    address 192.168.30.1
    netmask 255.255.255.0
    gateway 192.168.30.1
Retrieved from "https://charlesreid1.com/w/index.php?title=Ubuntu/Bespin/Second_AP_Tunnel&oldid=28147"