Ubuntu/Bespin/Second AP Tunnel: Difference between revisions

Old version (ended in failure): Ubuntu/Bespin/Second AP Tunnel/Fail

This page contains instructions for modifying the existing Access Point-to-VPN tunnel to include multiple access points and multiple tunnels, with each access point going through a different tunnel.

Overview of Setup

Recall that our existing setup is as follows:

• One hostapd process running a single AP
• One VPN tunnel to PIA servers, tun1
• One access point to serve clients, wlan1
• Iptables rules to forward traffic from wlan1 to tun1 and vice-versa
• dnsmasq running DHCP and DNS for the access point on 127.0.0.1:53

The modifications we will make are as follows:

• Update the hostapd file so it will run two APs
• Open second VPN tunnel to different PIA servers, tun2
• One access point to serve clients, wlan2
• Iptables rules to forward traffic from wlan2 to tun2 and vice-versa
• dnsmasq will do DHCP and DNS for BOTH access points

Hostapd Configuration

Modify the hostapd configuration file to define a second access point.

You will also need to specify a mac address for the access point to use. Just bump the last octet by one.

/etc/hostapd/hostapd.conf

interface=wlan1
driver=nl80211
hw_mode=g
channel=1
macaddr_acl=0
ignore_broadcast_ssid=0

# First LAN
ssid=YOURNETWORKNAMEHERE
auth_algs=1
wpa=3
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
wpa_passphrase=YOURPASSPHRASEHERE
bssid=00:11:22:33:44:55:66

# Second LAN
bss=wlan1:0
ssid=YOURNETWORKNAMEHERE
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP
wpa_passphrase=YOURPASSPHRASEHERE
bssid=00:11:22:33:44:55:67