This will setup an access point on an Raspberry Pi 4 OS Lite. Ethernet port is connected to the internet, wireless will become an wireless access point and share the internet to any device connected to it.
This tutorial starts from a fresh installed OS lite.
Set Static IP Address
Configure static ip using Dhcpcd method.
sudo nano /etc/dhcpcd.conf
At the bottom, paste this:
interface wlan0
static ip_address=192.168.4.1/24
nohook wpa_supplicant
Save and exit
Install Hostapd
sudo apt-get install hostapd
Stop the hostapd service
sudo service hostapd stop
Open Hostapd configuration file
sudo nano /etc/hostapd/hostapd.conf
Paste this configuration:
interface=wlan0
ssid=RPI4
wpa_passphrase=12345678901
hw_mode=g
ieee80211n=1
channel=6
wmm_enabled=1
ignore_broadcast_ssid=0
auth_algs=1
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
Save and exit
To apply the configuration we made:
sudo nano /etc/default/hostapd
Find #DAEMON_CONF, below this line, paste this:
DAEMON_CONF="/etc/hostapd/hostapd.conf"
Enable the wireless access point
sudo systemctl unmask hostapd
sudo systemctl enable hostapd
Activate IPv4 forwarding
sudo nano /etc/sysctl.conf
Un-comment #net.ipv4.ip_foward=1
net.ipv4.ip_forward=1
Save and exit
Run this code:
sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
Install Dnsmasq
We will install DHCP server
sudo apt install dnsmasq
Stop Dnsmasq service
systemctl stop dnsmasq
Backup the default configuration
sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig
Create your own configuration:
sudo nano /etc/dnsmasq.conf
Paste this:
interface=wlan0
dhcp-range=192.168.4.2,192.168.4.50,255.255.255.0,24h
domain=wlan
address=/gw.wlan/192.168.4.1
Exit and save.
Setting up the Firewall
Change the firewall rules
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
Check the iptables to see the changes made
sudo iptables -L -n -v
Save the rules
sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"
Making this rule to load automatically every system reboot.
sudo nano /etc/rc.local
Paste this code before “exit 0”
iptables-restore < /etc/iptables.ipv4.nat
Enable the service and start
systemctl enable dnsmasq
systemctl start dnsmasq
systemctl status dnsmasq
Optional:
sudo reboot
You can now see a Hotspot named RPI4. Please connect a device to the hostpot. If you can browse a website, then congratulation, you just installed a Hostpot on a Raspberry Pi 4.