[script] create_ap: Create a NATed or Bridged WiFi Access Point

This script use hostapd + dnsmasq + iptables to create a NATed Access Point OR hostapd + brctl + dhclient to create a bridged Access Point.
The default behavior is a NATed Access Point.
updated script will be here: https://github.com/oblique/create_ap and http://git.2f30.org/create_ap/
Examples
No passphrase (open network):
./create_ap wlan0 eth0 MyAccessPoint
OR
echo -e "MyAccessPoint" | ./create_ap wlan0 eth0
WPA + WPA2 passphrase:
./create_ap wlan0 eth0 MyAccessPoint MyPassPhrase
OR
echo -e "MyAccessPoint\nMyPassPhrase" | ./create_ap wlan0 eth0
AP without Internet sharing:
./create_ap -n wlan0 MyAccessPoint MyPassPhrase
Bridged Internet sharing:
./create_ap -m bridge wlan0 eth0 MyAccessPoint MyPassPhrase
Internet sharing from the same WiFi interface:
./create_ap wlan0 wlan0 MyAccessPoint MyPassPhrase
Usage
Usage: create_ap [options] <wifi-interface> [<interface-with-internet>] [<access-point-name> [<passphrase>]]
Options:
-h, --help Show this help
-c <channel> Channel number (default: 1)
-w <WPA version> Use 1 for WPA, use 2 for WPA2, use 1+2 for both (default: 1+2)
-n Disable Internet sharing (if you use this, don't pass
the <interface-with-internet> argument)
-m <method> Method for Internet sharing.
Use: 'nat' for NAT (default)
'bridge' for bridging
'none' for no Internet sharing (equivalent to -n)
--hidden Make the Access Point hidden (do not broadcast the SSID)
--ieee80211n Enable IEEE 802.11n (HT)
--ht_capab <HT> HT capabilities (default: [HT40+])
--driver Choose your WiFi adapter driver (default: nl80211)
--no-virt Do not create virtual interface
Non-Bridging Options:
-g <gateway> IPv4 Gateway for the Access Point (default: 192.168.12.1)
-d DNS server will take into account /etc/hosts
Useful informations:
* If you're not using the --no-virt option, then you can create an AP with the same
interface you are getting your Internet connection.
* You can pass your SSID and password through pipe or through arguments (see examples).
Examples:
create_ap wlan0 eth0 MyAccessPoint MyPassPhrase
echo -e 'MyAccessPoint\nMyPassPhrase' | create_ap wlan0 eth0
create_ap wlan0 eth0 MyAccessPoint
echo 'MyAccessPoint' | create_ap wlan0 eth0
create_ap wlan0 wlan0 MyAccessPoint MyPassPhrase
create_ap -n wlan0 MyAccessPoint MyPassPhrase
create_ap -m bridge wlan0 eth0 MyAccessPoint MyPassPhrase
create_ap --driver rtl871xdrv wlan0 eth0 MyAccessPoint MyPassPhrase
Code
#!/bin/bash
# general dependencies:
# bash (to run this script)
# util-linux (for getopt)
# hostapd
# iproute2
# iw
# iwconfig (you only need this if 'iw' can not recognize your adapter)
# haveged (optional)
# dependencies for 'nat' or 'none' Internet sharing method
# dnsmasq
# iptables
# dependencies for 'bridge' Internet sharing method
# bridge-utils
usage() {
echo "Usage: $(basename $0) [options] <wifi-interface> [<interface-with-internet>] [<access-point-name> [<passphrase>]]"
echo
echo "Options:"
echo " -h, --help Show this help"
echo " -c <channel> Channel number (default: 1)"
echo " -w <WPA version> Use 1 for WPA, use 2 for WPA2, use 1+2 for both (default: 1+2)"
echo " -n Disable Internet sharing (if you use this, don't pass"
echo " the <interface-with-internet> argument)"
echo " -m <method> Method for Internet sharing."
echo " Use: 'nat' for NAT (default)"
echo " 'bridge' for bridging"
echo " 'none' for no Internet sharing (equivalent to -n)"
echo " --hidden Make the Access Point hidden (do not broadcast the SSID)"
echo " --ieee80211n Enable IEEE 802.11n (HT)"
echo " --ht_capab <HT> HT capabilities (default: [HT40+])"
echo " --driver Choose your WiFi adapter driver (default: nl80211)"
echo " --no-virt Do not create virtual interface"
echo
echo "Non-Bridging Options:"
echo " -g <gateway> IPv4 Gateway for the Access Point (default: 192.168.12.1)"
echo " -d DNS server will take into account /etc/hosts"
echo
echo "Useful informations:"
echo " * If you're not using the --no-virt option, then you can create an AP with the same"
echo " interface you are getting your Internet connection."
echo " * You can pass your SSID and password through pipe or through arguments (see examples)."
echo
echo "Examples:"
echo " $(basename $0) wlan0 eth0 MyAccessPoint MyPassPhrase"
echo " echo -e 'MyAccessPoint\nMyPassPhrase' | $(basename $0) wlan0 eth0"
echo " $(basename $0) wlan0 eth0 MyAccessPoint"
echo " echo 'MyAccessPoint' | $(basename $0) wlan0 eth0"
echo " $(basename $0) wlan0 wlan0 MyAccessPoint MyPassPhrase"
echo " $(basename $0) -n wlan0 MyAccessPoint MyPassPhrase"
echo " $(basename $0) -m bridge wlan0 eth0 MyAccessPoint MyPassPhrase"
echo " $(basename $0) --driver rtl871xdrv wlan0 eth0 MyAccessPoint MyPassPhrase"
# it takes 2 arguments
# returns:
# 0 if v1 (1st argument) and v2 (2nd argument) are the same
# 1 if v1 is less than v2
# 2 if v1 is greater than v2
version_cmp() {
[[ ! $1 =~ ^[0-9]+(\.[0-9]+)*$ ]] && die "Wrong version format!"
[[ ! $2 =~ ^[0-9]+(\.[0-9]+)*$ ]] && die "Wrong version format!"
V1=( $(echo $1 | tr '.' ' ') )
V2=( $(echo $2 | tr '.' ' ') )
VN=${#V1[@]}
[[ $VN -lt ${#V2[@]} ]] && VN=${#V2[@]}
for ((x = 0; x < $VN; x++)); do
[[ ${V1[x]} -lt ${V2[x]} ]] && return 1
[[ ${V1[x]} -gt ${V2[x]} ]] && return 2
done
return 0
USE_IWCONFIG=0
is_wifi_interface() {
which iw > /dev/null 2>&1 && iw dev $1 info > /dev/null 2>&1 && return 0
if which iwconfig > /dev/null 2>&1 && iwconfig $1 > /dev/null 2>&1; then
USE_IWCONFIG=1
return 0
fi
return 1
get_phy_device() {
for x in /sys/class/ieee80211/*; do
[[ ! -d "$x" ]] && continue
if [[ "${x##*/}" = "$1" ]]; then
echo $1
return 0
elif [[ -e "$x/device/net/$1" ]]; then
echo ${x##*/}
return 0
elif [[ -e "$x/device/net:$1" ]]; then
echo ${x##*/}
return 0
fi
done
echo "Failed to get phy interface" >&2
return 1
get_adapter_info() {
PHY=$(get_phy_device "$1")
[[ $? -ne 0 ]] && return 1
iw phy $PHY info
can_have_sta_and_ap() {
# iwconfig does not provide this information, assume false
[[ $USE_IWCONFIG -eq 1 ]] && return 1
get_adapter_info "$1" | grep -E '{.* managed.* AP.*}' > /dev/null 2>&1 && return 0
get_adapter_info "$1" | grep -E '{.* AP.* managed.*}' > /dev/null 2>&1 && return 0
return 1
can_have_ap() {
# iwconfig does not provide this information, assume true
[[ $USE_IWCONFIG -eq 1 ]] && return 0
get_adapter_info "$1" | grep -E '\* AP$' > /dev/null 2>&1 && return 0
return 1
can_transmit_to_channel() {
IFACE=$1
CHANNEL=$2
if [[ $USE_IWCONFIG -eq 0 ]]; then
CHANNEL_INFO=$(get_adapter_info ${IFACE} | grep "MHz \[${CHANNEL}\]")
[[ -z "${CHANNEL_INFO}" ]] && return 1
[[ "${CHANNEL_INFO}" == *no\ IR* ]] && return 1
[[ "${CHANNEL_INFO}" == *disabled* ]] && return 1
return 0
else
CHANNEL=$(printf '%02d' ${CHANNEL})
CHANNEL_INFO=$(iwlist ${IFACE} channel | grep "Channel ${CHANNEL} :")
[[ -z "${CHANNEL_INFO}" ]] && return 1
return 0
fi
is_wifi_connected() {
if [[ $USE_IWCONFIG -eq 0 ]]; then
iw dev "$1" link 2>&1 | grep -E '^Connected to' > /dev/null 2>&1 && return 0
else
iwconfig "$1" 2>&1 | grep -E 'Access Point: [0-9a-fA-F]{2}:' > /dev/null 2>&1 && return 0
fi
return 1
get_macaddr() {
ip link show "$1" | grep ether | grep -Eo '([0-9a-f]{2}:){5}[0-9a-f]{2}[[:space:]]' | tr -d '[[:space:]]'
get_avail_bridge() {
for i in {0..100}; do
curr_bridge=$(brctl show | grep "br$i" | cut -s -f1)
if [[ -z $curr_bridge ]]; then
echo "br$i"
return
fi
done
get_new_macaddr() {
OLDMAC=$(get_macaddr "$1")
for i in {20..255}; do
NEWMAC="${OLDMAC%:*}:$(printf %02x $i)"
(ip link | grep "ether ${NEWMAC}" > /dev/null 2>&1) || break
done
echo $NEWMAC
ADDED_UNMANAGED=0
NETWORKMANAGER_CONF=/etc/NetworkManager/NetworkManager.conf
NM_OLDER_VERSION=1
networkmanager_exists() {
which nmcli > /dev/null 2>&1 || return 1
NM_VER=$(nmcli -v | grep -m1 -oE '[0-9]+(\.[0-9]+)*\.[0-9]+')
version_cmp $NM_VER 0.9.10
if [[ $? -eq 1 ]]; then
NM_OLDER_VERSION=1
else
NM_OLDER_VERSION=0
fi
return 0
networkmanager_is_running() {
networkmanager_exists || return 1
if [[ $NM_OLDER_VERSION -eq 1 ]]; then
NMCLI_OUT=$(nmcli -t -f RUNNING nm)
else
NMCLI_OUT=$(nmcli -t -f RUNNING g)
fi
[[ "$NMCLI_OUT" == "running" ]]
networkmanager_iface_is_unmanaged() {
nmcli -t -f DEVICE,STATE d | grep -E "^$1:unmanaged$" > /dev/null 2>&1
ADDED_UNMANAGED=
networkmanager_add_unmanaged() {
networkmanager_exists || return 1
[[ -d ${NETWORKMANAGER_CONF%/*} ]] || mkdir -p ${NETWORKMANAGER_CONF%/*}
[[ -f ${NETWORKMANAGER_CONF} ]] || touch ${NETWORKMANAGER_CONF}
if [[ $NM_OLDER_VERSION -eq 1 ]]; then
if [[ -z "$2" ]]; then
MAC=$(get_macaddr "$1")
else
MAC="$2"
fi
[[ -z "$MAC" ]] && return 1
fi
UNMANAGED=$(grep -m1 -Eo '^unmanaged-devices=[[:alnum:]:;,-]*' /etc/NetworkManager/NetworkManager.conf | sed 's/unmanaged-devices=//' | tr ';,' ' ')
WAS_EMPTY=0
[[ -z "$UNMANAGED" ]] && WAS_EMPTY=1
for x in $UNMANAGED; do
[[ $x == "mac:${MAC}" ]] && return 2
[[ $NM_OLDER_VERSION -eq 0 && $x == "interface-name:${1}" ]] && return 2
done
if [[ $NM_OLDER_VERSION -eq 1 ]]; then
UNMANAGED="${UNMANAGED} mac:${MAC}"
else
UNMANAGED="${UNMANAGED} interface-name:${1}"
fi
UNMANAGED=$(echo $UNMANAGED | sed -e 's/^ //')
UNMANAGED="${UNMANAGED// /;}"
UNMANAGED="unmanaged-devices=${UNMANAGED}"
if ! grep -E '^\[keyfile\]' ${NETWORKMANAGER_CONF} > /dev/null 2>&1; then
echo -e "\n\n[keyfile]\n${UNMANAGED}" >> ${NETWORKMANAGER_CONF}
elif [[ $WAS_EMPTY -eq 1 ]]; then
sed -e "s/^\(\[keyfile\].*\)$/\1\n${UNMANAGED}/" -i ${NETWORKMANAGER_CONF}
else
sed -e "s/^unmanaged-devices=.*/${UNMANAGED}/" -i ${NETWORKMANAGER_CONF}
fi
ADDED_UNMANAGED="${ADDED_UNMANAGED} ${1} "
return 0
networkmanager_rm_unmanaged() {
networkmanager_exists || return 1
[[ ! -f ${NETWORKMANAGER_CONF} ]] && return 1
if [[ $NM_OLDER_VERSION -eq 1 ]]; then
if [[ -z "$2" ]]; then
MAC=$(get_macaddr "$1")
else
MAC="$2"
fi
[[ -z "$MAC" ]] && return 1
fi
UNMANAGED=$(grep -m1 -Eo '^unmanaged-devices=[[:alnum:]:;,-]*' /etc/NetworkManager/NetworkManager.conf | sed 's/unmanaged-devices=//' | tr ';,' ' ')
[[ -z "$UNMANAGED" ]] && return 1
[[ -n "$MAC" ]] && UNMANAGED=$(echo $UNMANAGED | sed -e "s/mac:${MAC}\( \|$\)//g")
UNMANAGED=$(echo $UNMANAGED | sed -e "s/interface-name:${1}\( \|$\)//g")
UNMANAGED=$(echo $UNMANAGED | sed -e 's/ $//')
if [[ -z "$UNMANAGED" ]]; then
sed -e "/^unmanaged-devices=.*/d" -i ${NETWORKMANAGER_CONF}
else
UNMANAGED="${UNMANAGED// /;}"
UNMANAGED="unmanaged-devices=${UNMANAGED}"
sed -e "s/^unmanaged-devices=.*/${UNMANAGED}/" -i ${NETWORKMANAGER_CONF}
fi
ADDED_UNMANAGED="${ADDED_UNMANAGED/ ${1} /}"
return 0
networkmanager_rm_unmanaged_if_needed() {
[[ $ADDED_UNMANAGED =~ .*\ ${1}\ .* ]] && networkmanager_rm_unmanaged ${1}
networkmanager_wait_until_unmanaged() {
networkmanager_is_running || return 1
while ! networkmanager_iface_is_unmanaged "$1"; do
sleep 1
done
sleep 2
return 0
CHANNEL=1
GATEWAY=192.168.12.1
WPA_VERSION=1+2
ETC_HOSTS=0
HIDDEN=0
SHARE_METHOD=nat
IEEE80211N=0
HT_CAPAB='[HT40+]'
DRIVER=nl80211
NO_VIRT=0
CONFDIR=
WIFI_IFACE=
VWIFI_IFACE=
INTERNET_IFACE=
BRIDGE_IFACE=
OLD_IP_FORWARD=
OLD_BRIDGE_IPTABLES=
OLD_MACADDR=
cleanup() {
trap "" SIGINT
echo
echo "Doing cleanup..."
# exiting
for x in $CONFDIR/*.pid; do
# even if the $CONFDIR is empty, the for loop will assign
# a value in $x. so we need to check if the value is a file
[[ -f $x ]] && kill -9 $(cat $x)
done
rm -rf $CONFDIR
if [[ "$SHARE_METHOD" != "none" ]]; then
if [[ "$SHARE_METHOD" == "nat" ]]; then
iptables -t nat -D POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE > /dev/null 2>&1
iptables -D FORWARD -i ${WIFI_IFACE} -s ${GATEWAY%.*}.0/24 -j ACCEPT > /dev/null 2>&1
iptables -D FORWARD -i ${INTERNET_IFACE} -d ${GATEWAY%.*}.0/24 -j ACCEPT > /dev/null 2>&1
[[ -n $OLD_IP_FORWARD ]] && echo $OLD_IP_FORWARD > /proc/sys/net/ipv4/ip_forward
elif [[ "$SHARE_METHOD" == "bridge" ]]; then
ip link set down $BRIDGE_IFACE
brctl delbr $BRIDGE_IFACE
[[ -n $OLD_BRIDGE_IPTABLES ]] && echo $OLD_BRIDGE_IPTABLES > /proc/sys/net/bridge/bridge-nf-call-iptables
fi
fi
if [[ "$SHARE_METHOD" != "bridge" ]]; then
iptables -D INPUT -p tcp -m tcp --dport 53 -j ACCEPT > /dev/null 2>&1
iptables -D INPUT -p udp -m udp --dport 53 -j ACCEPT > /dev/null 2>&1
iptables -D INPUT -p udp -m udp --dport 67 -j ACCEPT > /dev/null 2>&1
fi
if [[ $NO_VIRT -eq 0 ]]; then
if [[ -n $VWIFI_IFACE ]]; then
ip link set down dev ${VWIFI_IFACE}
ip addr flush ${VWIFI_IFACE}
networkmanager_rm_unmanaged_if_needed ${VWIFI_IFACE} ${OLD_MACADDR}
iw dev ${VWIFI_IFACE} del
fi
else
ip link set down dev ${WIFI_IFACE}
ip addr flush ${WIFI_IFACE}
networkmanager_rm_unmanaged_if_needed ${WIFI_IFACE}
fi
die() {
[[ -n "$1" ]] && echo -e "\nERROR: $1\n" >&2
cleanup
exit 1
clean_exit() {
cleanup
exit 0
# if the user press ctrl+c then execute die()
trap "die" SIGINT
ARGS=$(getopt -o hc:w:g:dnm: -l "help","hidden","ieee80211n","ht_capab:","driver:","no-virt" -n $(basename $0) -- "$@")
[[ $? -ne 0 ]] && exit 1
eval set -- "$ARGS"
while :; do
case "$1" in
-h|--help)
usage >&2
exit 1
--hidden)
shift
HIDDEN=1
-c)
shift
CHANNEL="$1"
shift
-w)
shift
WPA_VERSION="$1"
shift
-g)
shift
GATEWAY="$1"
shift
-d)
shift
ETC_HOSTS=1
-n)
shift
SHARE_METHOD=none
-m)
shift
SHARE_METHOD="$1"
shift
--ieee80211n)
shift
IEEE80211N=1
--ht_capab)
shift
HT_CAPAB="$1"
shift
--driver)
shift
DRIVER="$1"
shift
--no-virt)
shift
NO_VIRT=1
shift
break
esac
done
if [[ $# -lt 1 ]]; then
usage >&2
exit 1
fi
if [[ $(id -u) -ne 0 ]]; then
echo "You must run it as root." >&2
exit 1
fi
WIFI_IFACE=$1
if ! is_wifi_interface ${WIFI_IFACE}; then
echo "ERROR: '${WIFI_IFACE}' is not a WiFi interface" >&2
exit 1
fi
if ! can_have_ap ${WIFI_IFACE}; then
echo "ERROR: Your adapter does not support AP (master) mode" >&2
exit 1
fi
if ! can_have_sta_and_ap ${WIFI_IFACE}; then
if is_wifi_connected ${WIFI_IFACE}; then
echo "ERROR: Your adapter can not be connected to an AP and at the same time transmit as an AP" >&2
exit 1
elif [[ $NO_VIRT -eq 0 ]]; then
echo "WARN: Your adapter does not fully support AP virtual interface, enabling --no-virt" >&2
NO_VIRT=1
fi
fi
if [[ "$SHARE_METHOD" != "nat" && "$SHARE_METHOD" != "bridge" && "$SHARE_METHOD" != "none" ]]; then
echo "ERROR: Wrong Internet sharing method" >&2
echo
usage >&2
exit 1
fi
if [[ "$SHARE_METHOD" == "bridge" ]]; then
OLD_BRIDGE_IPTABLES=$(cat /proc/sys/net/bridge/bridge-nf-call-iptables)
BRIDGE_IFACE=$(get_avail_bridge)
if [[ -z $BRIDGE_IFACE ]]; then
echo "ERROR: No availabe bridges < br100" >&2
exit 1
fi
elif [[ "$SHARE_METHOD" == "nat" ]]; then
OLD_IP_FORWARD=$(cat /proc/sys/net/ipv4/ip_forward)
fi
if [[ "$SHARE_METHOD" != "none" ]]; then
MIN_REQUIRED_ARGS=2
else
MIN_REQUIRED_ARGS=1
fi
if [[ $# -gt $MIN_REQUIRED_ARGS ]]; then
if [[ "$SHARE_METHOD" != "none" ]]; then
if [[ $# -ne 3 && $# -ne 4 ]]; then
usage >&2
exit 1
fi
INTERNET_IFACE=$2
SSID=$3
PASSPHRASE=$4
else
if [[ $# -ne 2 && $# -ne 3 ]]; then
usage >&2
exit 1
fi
SSID=$2
PASSPHRASE=$3
fi
else
if [[ "$SHARE_METHOD" != "none" ]]; then
if [[ $# -ne 2 ]]; then
usage >&2
exit 1
fi
INTERNET_IFACE=$2
fi
if tty -s; then
read -p "SSID: " SSID
while :; do
read -p "Passphrase: " -s PASSPHRASE
echo
read -p "Retype passphrase: " -s PASSPHRASE2
echo
if [[ "$PASSPHRASE" != "$PASSPHRASE2" ]]; then
echo "Passphrases do not match."
else
break
fi
done
else
read SSID
read PASSPHRASE
fi
fi
if [[ $NO_VIRT -eq 1 && "$WIFI_IFACE" == "$INTERNET_IFACE" ]]; then
echo -n "ERROR: You can not share your connection from the same" >&2
echo " interface if you are using --no-virt option." >&2
exit 1
fi
CONFDIR=$(mktemp -d /tmp/create_ap.${WIFI_IFACE}.conf.XXXXXXXX)
echo "Config dir: $CONFDIR"
if [[ $NO_VIRT -eq 0 ]]; then
VWIFI_IFACE=${WIFI_IFACE}ap
# in NetworkManager 0.9.10 and above we can set the interface as unmanaged without
# the need of MAC address, so we set it before we create the virtual interface.
if networkmanager_is_running && [[ $NM_OLDER_VERSION -eq 0 ]]; then
echo -n "Network Manager found, set $1 as unmanaged device... "
networkmanager_add_unmanaged ${VWIFI_IFACE}
# do not call networkmanager_wait_until_unmanaged because interface does not
# exist yet
echo "DONE"
fi
WIFI_IFACE_CHANNEL=$(iw dev ${WIFI_IFACE} info | grep channel | awk '{print $2}')
if [[ -n $WIFI_IFACE_CHANNEL && $WIFI_IFACE_CHANNEL -ne $CHANNEL ]]; then
echo "hostapd will fail to use channel $CHANNEL because $WIFI_IFACE is already set to channel $WIFI_IFACE_CHANNEL, fallback to channel $WIFI_IFACE_CHANNEL."
CHANNEL=$WIFI_IFACE_CHANNEL
fi
VIRTDIEMSG="Maybe your WiFi adapter does not fully support virtual interfaces.
Try again with --no-virt."
echo -n "Creating a virtual WiFi interface... "
iw dev ${VWIFI_IFACE} del > /dev/null 2>&1
if iw dev ${WIFI_IFACE} interface add ${VWIFI_IFACE} type __ap; then
# now we can call networkmanager_wait_until_unmanaged
networkmanager_is_running && [[ $NM_OLDER_VERSION -eq 0 ]] && networkmanager_wait_until_unmanaged ${VWIFI_IFACE}
echo "${VWIFI_IFACE} created."
else
VWIFI_IFACE=
die "$VIRTDIEMSG"
fi
OLD_MACADDR=$(get_macaddr ${VWIFI_IFACE})
[[ ${OLD_MACADDR} == $(get_macaddr ${WIFI_IFACE}) ]] && NEW_MACADDR=$(get_new_macaddr ${VWIFI_IFACE})
WIFI_IFACE=${VWIFI_IFACE}
fi
can_transmit_to_channel ${WIFI_IFACE} ${CHANNEL} || die "Your adapter can not transmit to channel ${CHANNEL}."
if networkmanager_is_running && ! networkmanager_iface_is_unmanaged ${WIFI_IFACE}; then
echo -n "Network Manager found, set $1 as unmanaged device... "
networkmanager_add_unmanaged ${WIFI_IFACE}
networkmanager_wait_until_unmanaged ${WIFI_IFACE}
echo "DONE"
fi
[[ $HIDDEN -eq 1 ]] && echo "Access Point's SSID is hidden!"
# hostapd config
cat << EOF > $CONFDIR/hostapd.conf
ssid=${SSID}
interface=${WIFI_IFACE}
driver=${DRIVER}
hw_mode=g
channel=${CHANNEL}
ctrl_interface=$CONFDIR/hostapd_ctrl
ctrl_interface_group=0
ignore_broadcast_ssid=$HIDDEN
EOF
if [[ $IEEE80211N -eq 1 ]]; then
cat << EOF >> $CONFDIR/hostapd.conf
ieee80211n=1
wmm_enabled=1
ht_capab=${HT_CAPAB}
EOF
fi
if [[ -n "$PASSPHRASE" ]]; then
[[ "$WPA_VERSION" == "1+2" || "$WPA_VERSION" == "2+1" ]] && WPA_VERSION=3
cat << EOF >> $CONFDIR/hostapd.conf
wpa=${WPA_VERSION}
wpa_passphrase=$PASSPHRASE
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP CCMP
rsn_pairwise=CCMP
EOF
fi
if [[ "$SHARE_METHOD" == "bridge" ]]; then
echo "bridge=${BRIDGE_IFACE}" >> $CONFDIR/hostapd.conf
else
# dnsmasq config (dhcp + dns)
DNSMASQ_VER=$(dnsmasq -v | grep -m1 -oE '[0-9]+(\.[0-9]+)*\.[0-9]+')
version_cmp $DNSMASQ_VER 2.63
if [[ $? -eq 1 ]]; then
DNSMASQ_BIND=bind-interfaces
else
DNSMASQ_BIND=bind-dynamic
fi
cat << EOF > $CONFDIR/dnsmasq.conf
interface=${WIFI_IFACE}
${DNSMASQ_BIND}
dhcp-range=${GATEWAY%.*}.1,${GATEWAY%.*}.254,255.255.255.0,24h
dhcp-option=option:router,${GATEWAY}
EOF
[[ $ETC_HOSTS -eq 0 ]] && echo no-hosts >> $CONFDIR/dnsmasq.conf
fi
# initialize WiFi interface
if [[ $NO_VIRT -eq 0 && -n "$NEW_MACADDR" ]]; then
ip link set dev ${WIFI_IFACE} address ${NEW_MACADDR} || die "$VIRTDIEMSG"
fi
ip link set down dev ${WIFI_IFACE} || die "$VIRTDIEMSG"
ip addr flush ${WIFI_IFACE} || die "$VIRTDIEMSG"
if [[ "$SHARE_METHOD" != "bridge" ]]; then
ip link set up dev ${WIFI_IFACE} || die "$VIRTDIEMSG"
ip addr add ${GATEWAY}/24 broadcast ${GATEWAY%.*}.255 dev ${WIFI_IFACE} || die "$VIRTDIEMSG"
fi
# enable Internet sharing
if [[ "$SHARE_METHOD" != "none" ]]; then
echo "Sharing Internet using method: $SHARE_METHOD"
if [[ "$SHARE_METHOD" == "nat" ]]; then
iptables -t nat -I POSTROUTING -o ${INTERNET_IFACE} -j MASQUERADE || die
iptables -I FORWARD -i ${WIFI_IFACE} -s ${GATEWAY%.*}.0/24 -j ACCEPT || die
iptables -I FORWARD -i ${INTERNET_IFACE} -d ${GATEWAY%.*}.0/24 -j ACCEPT || die
echo 1 > /proc/sys/net/ipv4/ip_forward || die
elif [[ "$SHARE_METHOD" == "bridge" ]]; then
# disable iptables rules for bridged interfaces
echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables || die
# create and initialize bridged interface
brctl addbr ${BRIDGE_IFACE} || die
brctl addif ${BRIDGE_IFACE} ${INTERNET_IFACE} || die
ip link set dev ${BRIDGE_IFACE} up || die
fi
else
echo "No Internet sharing"
fi
# boost low-entropy
if [[ $(cat /proc/sys/kernel/random/entropy_avail) -lt 1000 ]]; then
which haveged > /dev/null 2>&1 && {
haveged -w 1024 -p $CONFDIR/haveged.pid
fi
# start dns + dhcp server
if [[ "$SHARE_METHOD" != "bridge" ]]; then
iptables -I INPUT -p tcp -m tcp --dport 53 -j ACCEPT || die
iptables -I INPUT -p udp -m udp --dport 53 -j ACCEPT || die
iptables -I INPUT -p udp -m udp --dport 67 -j ACCEPT || die
dnsmasq -C $CONFDIR/dnsmasq.conf -x $CONFDIR/dnsmasq.pid || die
fi
# start access point
echo "hostapd command-line interface: hostapd_cli -p $CONFDIR/hostapd_ctrl"
# from now on we exit with 0 on SIGINT
trap "clean_exit" SIGINT
if ! hostapd $CONFDIR/hostapd.conf; then
echo -e "\nError: Failed to run hostapd, maybe a program is interfering." >&2
if networkmanager_is_running; then
echo "If an error like 'n80211: Could not configure driver mode' was thrown" >&2
echo "try running the following before starting create_ap:" >&2
if [[ $NM_OLDER_VERSION -eq 1 ]]; then
echo " nmcli nm wifi off" >&2
else
echo " nmcli r wifi off" >&2
fi
echo " rfkill unblock wlan" >&2
fi
die
fi
clean_exit
Last edited by OBLiQUE (2014-09-02 20:26:22)

adam777 wrote:
Thank, just what I was looking for.
Unfortunately, it seems that currently my Intel 5300 card (using the iwlwifi driver), does not support AP mode.
From what I understand, hostapd can be used in bridge mode as well, which should have no compatibility problems.
Can some one point me in the right direction?
* EDIT *
After more attempts, I think I got it wrong and AP mode is indeed required.
Sorry for the late reply, I didn't noticed your message.. Did you got any errors? I have Intel 6205 and it works.
Also if you use NetworkManager, then you have to say to NetworkManager to stop using your interface.
You can do it by editing the /etc/NetworkManager/NetworkManager.conf file and put the following (without the <>):
[keyfile]
unmanaged-devices=mac:<interface's mac address here>
and restart your NetworkManager. Ofcourse after you finish, you have to remove it in order to get your wifi back to working with NetworkManager.

Similar Messages

  • Can an Aironet WiFi Access Point bridge multiple internal VLANs?

    I have Cisco Aironet 2700e access points.  Historically they were configured with a single SSID on both radios with WEP 128bit security.
    I now need to add new WiFi devices to the network that have limited flexibility.  They must be associated only with a specific radio (2.4ghz or 5ghz) and WPA2PSK security.
    My thought was to create two additional SSIDs on the 2700 access points, one for 2.4gz WPA2PSK and the other for 5ghz WPA2PSK.  The pre-existing SSID will continue to use 128bit WEP.  To do that  I need to use VLANs on the 2700e.
    I have no other VLANS on my network.  I only need VLANs on the 2700e because I have different physical devices that support different WiFi frequencies and security options.  I don't need to segment the network.
    How do I bridge the VLANs on the 2700e?
    Devices that connect to the non-native VLANs appear to be isolated from the rest of the network (as I would suspect with VLANs).  But that's not what I want .  I'm only using VLANs because I need multiple SSIDs, and I need multiple SSIDs because I have different physical devices that want different WiFI access point configurations.  I can't seem to find any way to configure the 2700e to bridge the VLANs for the multiple SSIDs.
    Any guidance would be appreciated.  I could buy additional access points but that seems to be defeating the purpose of having a device like the 2700e.
    Any help would be appreciated.
    Thank you.

    I made these changes to the example here:
    https://supportforums.cisco.com/document/55561/multiple-ssid-multiple-vlans-configuration-example-cisco-aironet-aps
    and it seems to be working.  (By "working" I mean that I can now ping to/from devices connected on different SSIDs.) I had to make these changes from the CLI.  There does not seem to be a way to make these changes from the GUI.  Is that correct? If there is a way to make these changes from the GUI please let me know.
    The changes I made were to make the sub interface for Dot11 radio 0 on the VLANs part of bridge-group 1.  So assuming the config in the example:
    ap(config)#interface Dot11Radio0.2
    ap(config-subif)#no bridge-group 2
    ap(config-subif)#bridge-group 1
    ap(config-subif)#exit
    ap(config)#interface Dot11Radio0.3
    ap(config-subif)#no bridge-group 3
    ap(config-subif)#bridge-group 1
    ap(config-subif)#exit
    I did not change the bridge group on the Ethernet interface.
    Questions:
    1. Did I create any new problems making this change? It seems to work, but am I going to get myself in trouble somewhere else?  Intuitively it makes sense to me: the VLANs are now part of the same bridge group (1, the native VLAN).  So all traffic should be bridged together.  Correct?
    2. I didn't change the Ethernet sub interfaces.  I don't seem to need to make that change.  I also don't like things sitting out there that I don't understand.  Should I do anything to clean up the Ethernet interfaces?
    3. The original configuration was made entirely from the GUI.  This change needs to be made from the CLI.  Can it be done from the GUI?  I can't seem to find a way to change bridge groups for a sub interface from the GUI. It worried me that it can't be done from the GUI.
    Thank you.
    Larry

  • Script to fight buggy WiFi access points

    This is a script that implements automatic reconnect to WiFi access points. It's called hold-connect. It uses netcfg as backend, so any other connection types are also supported (like PPP link). It had been tested every day for 2 months with a buggy public wifi router (its DHCP server quite often failed).
    Features:
    - Checking of internet connection via host pinging with 1 packet;
    - Reconnecting if link failure is detected;
    - Informative output;
    - Customizable hostname, check interval and retry count.
    Dependencies:
    - bash;
    - netcfg 2.5.4;
    - optional: configured sudo. To run from root, all "sudo" strings can be safely removed.
    Syntax is simple:  hold-connect netcfg_profile_name . Also some parameters can be customized inside script (follow comments). Therefore it's advised to keep script file somewhere like /home/user and place a symlink to it in /usr/bin.
    Usage: start and enjoy! To stop it, simply kill it with ^C or kill -15.
    hold-connect.sh:
    #!/bin/bash
    # hold-connect - simple script to hold wifi link up in hard conditions.
    # Version: 060710
    # USAGE:
    # hold-connect profile_name
    # Profile name is a valid netcfg profile used to reconnect.
    # Return values:
    # 0 - happens only when script runs more than infinite time :-)
    # 1 - error in arguments
    # 2 - error while connecting
    # Adjustable constants are here:
    TEST_URL="qrz.ru" # URL to check via pinging
    CHECK_INTERVAL=30 # Network status checking interval, in seconds (default: 30)
    RETRY_LIMIT=3 # Maximum number of retries (default: 3)
    connect()
    sudo netcfg down $CURRENT_PROFILE > /dev/null 2>&1
    RETRY_COUNT=0
    CONN_STAT="" # Trigger the cycle at start
    while [ -z "`echo $CONN_STAT | grep DONE`" ]; do
    if [ -n "$CONN_STAT" ]; then
    echo "[`date +%H:%M:%S`] Failed to connect using $CURRENT_PROFILE, trying again"
    fi
    CONN_STAT="`sudo netcfg $CURRENT_PROFILE`"
    if [ -n "`echo $CONN_STAT | grep "Association Failed"`" ]; then
    if [ $RETRY_COUNT != $RETRY_LIMIT ]; then
    echo "Access point unreachable"
    RETRY_COUNT=$((RETRY_COUNT+1))
    else
    echo "More than $RETRY_LIMIT sequental errors, exiting"
    exit 2
    fi
    else RETRY_COUNT=0; # reset if error is not sequental
    fi
    sleep 2
    done
    # Check if there's no parameters
    if [ -z $1 ]; then
    echo "hold-connect: no profile specified"
    echo "Usage:"
    echo " hold-connect profile_name"
    exit 1
    fi
    # Check if profile exists
    if [ -z `sudo netcfg -l | grep -x $1` ]; then
    echo "hold-connect: profile $1 does not exist"
    exit 1
    fi
    CURRENT_PROFILE=$1
    echo "hold-connect 060710, using profile $CURRENT_PROFILE and test URL $TEST_URL"
    while [ "1" ]; do
    while [ -z "`ping -c 1 $TEST_URL 2> /dev/null`" ]; do # to be sure that netcfg isn't wrong
    echo "No connect to $TEST_URL, raising $CURRENT_PROFILE"
    connect
    done
    echo "[`date +%H:%M:%S`] *** Connection to $TEST_URL is up"
    sleep $CHECK_INTERVAL
    done

    Ignore my above post. It is just plane stupid and you cant stop or restart  the daemon.
    Heres howit should look like:
    /usr/bin/hold-connect:
    #!/bin/bash
    # hold-connect - simple script to hold wifi link up in hard conditions.
    # Version: 060710
    # USAGE:
    # hold-connect profile_name
    # Profile name is a valid netcfg profile used to reconnect.
    # Return values:
    # 0 - happens only when script runs more than infinite time :-)
    # 1 - error in arguments
    # 2 - error while connecting
    # Adjustable constants are here:
    TEST_URL="qrz.ru" # URL to check via pinging
    CHECK_INTERVAL=30 # Network status checking interval, in seconds (default: 30)
    RETRY_LIMIT=3 # Maximum number of retries (default: 3)
    connect()
    sudo netcfg down $CURRENT_PROFILE > /dev/null 2>&1
    RETRY_COUNT=0
    CONN_STAT="" # Trigger the cycle at start
    while [ -z "`echo $CONN_STAT | grep DONE`" ]; do
    if [ -n "$CONN_STAT" ]; then
    echo "[`date +%H:%M:%S`] Failed to connect using $CURRENT_PROFILE, trying again" >> /var/log/hold-connect.log
    fi
    CONN_STAT="`sudo netcfg $CURRENT_PROFILE`"
    if [ -n "`echo $CONN_STAT | grep "Association Failed"`" ]; then
    if [ $RETRY_COUNT != $RETRY_LIMIT ]; then
    echo "Access point unreachable" >> /var/log/hold-connect.log
    RETRY_COUNT=$((RETRY_COUNT+1))
    else
    echo "More than $RETRY_LIMIT sequental errors, exiting" >> /var/log/hold-connect.log
    exit 2
    fi
    else RETRY_COUNT=0; # reset if error is not sequental
    fi
    sleep 2
    done
    # Check if there's no parameters
    if [ -z $1 ]; then
    echo "hold-connect: no profile specified"
    echo "Usage:"
    echo " hold-connect profile_name"
    exit 1
    fi
    # Check if profile exists
    if [ -z `sudo netcfg -l | grep -x $1` ]; then
    echo "hold-connect: profile $1 does not exist"
    exit 1
    fi
    CURRENT_PROFILE=$1
    echo "hold-connect 060710, using profile $CURRENT_PROFILE and test URL $TEST_URL" >> /var/log/hold-connect.log
    while [ "1" ]; do
    while [ -z "`ping -c 1 $TEST_URL 2> /dev/null`" ]; do # to be sure that netcfg isn't wrong
    echo "No connect to $TEST_URL, raising $CURRENT_PROFILE" >> /var/log/hold-connect.log
    connect
    done
    echo "[`date +%H:%M:%S`] *** Connection to $TEST_URL is up" >> /var/log/hold-connect.log
    sleep $CHECK_INTERVAL
    done
    /etc/rc.d/hold-connect:
    #!/bin/bash
    . /etc/rc.conf
    . /etc/rc.d/functions
    CURRENT_PROFILE="korvmedmos" # Network profile to use
    DIE=`ps alx | grep hold-connect | grep -v "grep" | awk '{ print $3 }'`
    case "$1" in
    start)
    stat_busy "Starting hold-connect"
    /usr/bin/hold-connect $CURRENT_PROFILE & > /dev/null 2>&1
    if [ $? -gt 0 ]; then
    stat_fail
    else
    add_daemon hold-connect
    stat_done
    fi
    stop)
    stat_busy "Stopping hold-connect"
    rm_daemon ntpdate
    stat_done
    kill $DIE
    restart)
    $0 stop
    sleep 1
    $0 start
    echo "usage: $0 {start|stop|restart}"
    esac
    I need more brainzzz. Please give!
    Last edited by whacath (2010-09-16 18:11:16)

  • Proxy Setting for Multiple WiFi Access Points

    I'm getting ready to roll out 30 iPads in a school setting.  They are going to be on a cart that teachers will be able to check out for class use, but will be returned to the computer lab each evening.  This creates a problem.
    Throughout the building, we have several WiFi access points - next year we will have an access point in each classroom.  And of course we connect through a proxy server so that the district can block various wbsites.  As I am setting up my iPad to connect to each access point, I have to set the proxy server address for the access point; I would really like to be able to simply say "This is my proxy server address and port for EVERY WiFi access point in the building." and be done with it.  I haven't been able to find a way to do this -- it looks like I have to configure each access point individually.
    Am I just missing something (I hope)?

    I suspect you have the D-Link set up to make its network an entirely new subnet using NAT.
    If you setup the D-Link as a bridge to the network created by the Extreme, things may work properly.
    You may need to refer to the D-Link documentation to find out the proper way to do this.

  • Software wifi access point: hostapd freezes system

    I have some scripts that set up a wifi access point through the laptop's onboard wifi card. Since a few weeks ago the system now freezes when running the hostapd command and I have to power off by holding down the power button:
    Here is the hostapd configuration file (taken from the wiki):
    ssid=foo
    wpa_passphrase=blahblah
    interface=wlan0
    #bridge=br0
    auth_algs=3
    # setting this appears to be the problem
    channel=7
    driver=nl80211
    hw_mode=g
    logger_stdout=-1
    logger_stdout_level=2
    max_num_sta=5
    rsn_pairwise=CCMP
    wpa=2
    wpa_key_mgmt=WPA-PSK
    wpa_pairwise=TKIP CCMP
    I am running the following command
    hostapd -d -t -K /path/to/aforementioned/hostapd.conf
    The onboard wifi adapter is this well-known POS:
    Realtek RTL8188CE 802.11b/g/n WiFi Adapter
    The adapter works for regular connections. Tweaking the hostapd.conf file has led me to conclude that the channel parameter is the problem. If I omit it, hostapd simply fails to establish an AP but exits. If I include it, it completely freezes all system input.
    Conky seems to keep updating in the background but journalctl -f freezes. The output from hostapd in "-d" and "--dd" mode flies past too quickly to follow and then infinitely prints blank lines.
    Up until a few weeks ago this worked without a hitch. Given that this interrupts user input I wonder if it might be a hardware problem (dying card?)  but I don't know how to check that. Again, connecting to wifi networks works without any issue (that I have noticed). Could this be related to a recent kernel upgrade?
    I'm going to try redirecting the output of hostapd to a file and then using the "magic" sysrq key to sync it before killing the system. If that works I'll post it. Until then, any suggestions of how to debug this would be appreciated.

    I have some scripts that set up a wifi access point through the laptop's onboard wifi card. Since a few weeks ago the system now freezes when running the hostapd command and I have to power off by holding down the power button:
    Here is the hostapd configuration file (taken from the wiki):
    ssid=foo
    wpa_passphrase=blahblah
    interface=wlan0
    #bridge=br0
    auth_algs=3
    # setting this appears to be the problem
    channel=7
    driver=nl80211
    hw_mode=g
    logger_stdout=-1
    logger_stdout_level=2
    max_num_sta=5
    rsn_pairwise=CCMP
    wpa=2
    wpa_key_mgmt=WPA-PSK
    wpa_pairwise=TKIP CCMP
    I am running the following command
    hostapd -d -t -K /path/to/aforementioned/hostapd.conf
    The onboard wifi adapter is this well-known POS:
    Realtek RTL8188CE 802.11b/g/n WiFi Adapter
    The adapter works for regular connections. Tweaking the hostapd.conf file has led me to conclude that the channel parameter is the problem. If I omit it, hostapd simply fails to establish an AP but exits. If I include it, it completely freezes all system input.
    Conky seems to keep updating in the background but journalctl -f freezes. The output from hostapd in "-d" and "--dd" mode flies past too quickly to follow and then infinitely prints blank lines.
    Up until a few weeks ago this worked without a hitch. Given that this interrupts user input I wonder if it might be a hardware problem (dying card?)  but I don't know how to check that. Again, connecting to wifi networks works without any issue (that I have noticed). Could this be related to a recent kernel upgrade?
    I'm going to try redirecting the output of hostapd to a file and then using the "magic" sysrq key to sync it before killing the system. If that works I'll post it. Until then, any suggestions of how to debug this would be appreciated.

  • Can't HP Officejet pro 8100 do wifi access point?

    Yesterday my HP Officejet pro 8100 arrived and I try to connect via wifi. I thinked that It need a infrastructure access point to print via wifi.
    When I powered on the printer I osserved that It create an access point autonomously with SSID: HP-Setup-7A-Officejet Pro, with IPv4 address server, etc...
    I was very happy and I printed a page with my smartphone samsung s4 connected directly with printer access point (not wifi direct but standard wifi).
    Today no changed occurred but I can't use printer with its own access point, but only with an external wifi access point.
    Someone can help me, please? It could be an hardware problem?
    Thanks,
    Luca
    P.S. in web server I checked that "access point connectivity" (Punto di accesso wireless connettività in Italian) is checked.
    This question was solved.
    View Solution.

    Hello lucait
    To print via WiFi you need to have a wireless router setup. Once you have the wireless router setup correctly you will have a SSID and Wepkey that will enable you to add devices to your network. The network will allow all your devices to communicate not just with each other but with the internet. At the moment your printer was not put in a network so instead of broadcasting on a network it is broadcasting on it's own network called HP-Setup-7A-Officejet Pro which is only good for a short period of time to allow you to setup your wireless. I am going to assume you have a wireless network and you are just needing assistance getting the printer setup on that network.
    To set your printer up on a network you will need to reset your network defaults so your printer begins to broadcast that HP-Setup-7A-Officejet Pro network again. You can do this buy following the steps on the HP Support document Resetting the Network Settings. Once you have done this you can begin to install the software that came with your printer on your computer. You want to set the printer up wirelessly when the option arrives. The software should configure your printers wireless for you and put it on the network. Once completed you should be able to access your printer from all your devices as long as they are on the network. 
    I hope this helps resolve your wireless issue. Thank you for posting on the HP Forums. Have a great day! 
    Please click the "Thumbs Up" on the bottom right of this post to say thank you if you appreciate the support I provide!
    Also be sure to mark my post as “Accept as Solution" if you feel my post solved your issue, it will help others who face the same challenge find the same solution.
    Dunidar
    I work on behalf of HP
    Find out a bit more about me by checking out my profile!
    "Customers don’t expect you to be perfect. They do expect you to fix things when they go wrong." ~ Donald Porter

  • A tech company just set up a wifi network in my house and does not use my existing TC; how do I get it in the network to serve as backup for my iMac? (I don't need it as a wifi access point anymore)

    a tech company just set up a wifi network in my house and does not use my existing TC; how do I get it in the network to serve as backup for my iMac? (I don't need it as a wifi access point anymore) thanks

    Just bridge the TC and plug it by ethernet into the main router.
    Bridge in v5 airport utility.
    In v6 it is under network.. change it from DHCP and NAT to Off bridge mode.
    Turn off the wireless.

  • How to delete wifi access point on E7 - mails won'...

    I have E7 with symbian anna. A while ago I had to restart my home wifi (due to storm) and during that process a new wifi access point (wlan(01) was created on my phone. After that - as far as I have now understood - my phone stopped syncronising gmails altogether. Also in my provider's network (outside wifi, elisa). In order for my phone to sync emails, i need to reboot it (or just turn it off and on, no need to get the three vibrations when turning off).
    Question 1) How do I delete this unncecssary wifi access point on E7? I was able to do it easily on my N900 but not on this E7.
    Question 2) Is it likely that the reason my phone stopped syncin gmails is related to this wifi issue? Pressing send & receive won't help, either, nothing happens. I have had this E7 for 1.5 months now, Symbian Anna I've had for 10 days and this problem started 5 days ago. Before that the mails flew in very nicely.

    To remove access poit, go to settings>connectivity>settings>Destination>Internet>long hold access point and select delete.
    For Gmail, don't use it, but if you remove/delete mailbox and then set it up again it should work fine, also heard that during set up if you reject terms and conditions and set up manually it works better ?
    http://asimag.wordpress.com/2007/06/22/how-to-configure-gmail-account-on-your-n95n73/
    If I have helped at all, a click on the White Star is always appreciated :
    you can also help others by marking 'accept as solution' 

  • Roaming between two WiFi access points fails

    Hi...
    I just bought a Hawking WiFi range extender...a device that acts like a second wireless access point for rooms that are far from your wireless router. It's also known as a repeater. It has the same SSID (network name) as the one set up by the router.
    You are supposed to be able to move about the house and you will connect to whichever device has the higher signal strength, transparently, with no hiccups, like moving your cell phone from one cell antenna to another.
    The setup works fine with my Dell laptop, but not with my MacBook Pro or my iPad. When I change "zones", the Network locks up. This is repeatable and consistent.
    I've heard rumors about Apple product difficulties with this "WiFi roaming."
    Can anyone help?
    Thx
    Steve

    I've been using a roaming setup in my home for years.  The company I work for has building wide WiFi roaming setup with multiple WiFi access points on each floor.  At home and at work, I frequently move my MacBook between access points without loosing things like my VPN, Screen Sharing, File Sharing, ssh terminal sessions, etc....
    But 3rd party networking hardware has not always been well tested against Apple products.  Many times 3rd party networking vendors test against some version of Windows and then ship it.  Sometimes the 3rd party vendor offers a firmware update that corrects issues with Apple products.
    At home I have Apple Airport Extreme base stations for my roaming setup.  At work, the company is using Cisco commercial WiFi access points.
    A roaming setup needs to have all WiFi devices on the same network "Subnet".  That means a 2nd WiFi base station cannot act as a router, but must be just a bridge on the existing router's subnet (generally that means it cannot be offering DHCP services nor NAT services).
    The 2nd WiFi base station must have the same SSID (as you said you setup).
    And it must have the same security password using the same encryption algorithm (WPA2 preferred from a security stand point).  You did not mention this, but I'll assume you did this as well.

  • Showing duplicate wifi access point in N82

    Hi,
    i have a weird issue with my N82 wifi, hopefully i can explain it correctly..
    my problem is when i connect to a new wifi, it will always shown 2 access point in the wifi list.. what's weird is that the duplicate wifi access point name is the last wifi point i connected... and if i remove one of the access point from the list, both will be gone..
    so for example in steps:
    1) i first connect to 'ABC'
    2) i remove 'ABC'
    3) i connect to 'CDE'
    result is in access point list, it will show
    'ABC'
    'CDE'
    if i selecet 'ABC', it's actually connects to 'CDE'.. and if i delete either one of them, both will be gone.
    4) i delete 'CDE' (both are now gone)
    5) i connect to 'CDE' again
    the result is it will shown:
    'CDE'
    'CDE (1)'
    again, if i delete either one of them, both will be gone.
    so any idea? WIFI still works, but a bit agnoring..
    thanks in advance

    If I understand the situation, with an Ethernet connection for the Airport the wifi component is free to act as an access point.  But one Airport device cannot act as a wifi receiver and as an an access point.
    That is correct. A single Express in this situation would act as a Wi-Fi "receiver," but will only provide an active Ethernet connection for wired clients. You will need a second one to create the wireless network.
    Again, this is because you typically won't have administrator access to the RV park's wireless router AND, most likely if you did, it wouldn't be another Apple router. The option I provided should get you around both of those facts ... and should work at other locations with the same wireless setup.

  • How can I turn mac mini into wifi access point for iPhone?

    Hi,
    I do not have a wifi router.
    I want my iPhone to be able to use my broadband internet instead of the slow EDGE internet.
    The simple solution would be to buy a wifi router whih would enable my iPhone to access the wifi home network.
    *What if I could turn the mac mini into a wifi access point?* That would save me from the hassle of buying a wifi router.
    Any idea how to do this??
    Message was edited by: d00by666

    I did this.
    I think I am doing something wrong. I am doing something wrong in this setting *from ethernet to airport*.
    see attached screenshot.
    To start Internet sharing on a computer using Mac OS X:
    1. Open System Preferences, click Sharing, and then click Internet.
    2. Select how you would like to share your Internet connection, and then click Start. You
    can choose to share your Internet connection with AirPort-enabled computers,
    computers with built-in Ethernet, or both.
    Note:
    If your Internet connection and your local network use the same port (built-in
    Ethernet, for example), contact your ISP before you turn on Internet sharing. In some
    cases (if you use a cable modem, for example) you might unintentionally affect the
    network settings of other ISP customers, and your ISP might terminate your service to
    prevent you from disrupting its network.
    3. If you want to share your Internet connection with computers using AirPort, click
    AirPort Options to give your network a name and password.
    ----------------------------------------------------

  • I already have a WiFi access point. Can I still use a time capsule?

    I already have a WiFi access point.  Reading about the Time Capsule, it appears that it is also an access point.  If so, ca I still use it in conjuction with my existing WiFi?

    Welcome to the Apple Support Communities
    Of course. With the Time Capsule, you can still use the network of your old router or you can use the network of the Time Capsule (I recommend you to use the network of the Time Capsule unless your router is much better). Note that the Time Capsule is a router with a hard drive inside, so it's normal that you can use it as a router

  • IOS 4.2.1 breaks web-based authentication to wifi access points

    Whenever I tried to access the *wifi access points* I use more often *whose authentication is web-based*, like the one at my public library or at my office, although I input my username and password correctly, I am always bounced back to the login form.
    Before iOS 4.2.1 I know that there was a problem of this sort already, related to *some incompatibility between Safari's auto-fill features and the access points*, that could be solved by simply turning off auto-fill, and I did that. But know *it looks like the problem got to a new level of subtlety*.
    Interestingly, *everything worked nicely while I was using the Gold Master version of iOS 4.2.0* that never made it to release, so the solution has to be found among the differences between 4.2.0 and 4.2.1, if you're an Apple engineer reading this.
    Can you help? Any idea or trick to try that I didn't already? Thanks!
    Giacecco

    Hi Richard,
    You mentioned that 'Apple put the AirPrint spec out there for all printer makers'. I've been looking around but I haven't found any spec. Where did you find it?
    Do printer makers have to buy a license in order to be able to advertise that they've implemented the AirPrint protocol? Is there maybe an Apple review process in place?
    TIA
    Geert

  • Specific WiFi access point HTTP proxy always turning off?

    Hello,
    My corporate - issued iPhone 4S which is currently sporting 6.1.1 has a weird issue - the corporate WiFi access point HTTP proxy setting always defaults to Off after trying to set it up with a Auto setting and entering a URL to our company's PAC file. My colleagues do not have the same issue - they are able to setup HTTP Proxy to Auto and enter the URL to the PAC file. I tried this with other access points (non-corporate) and it works fine. Is this something specific to the WiFi profile pushed to my device? I've tried contacting our company's IT personnel in charge and they weren't able to give me an answer. Hoping someone here can. Thanks in advance!
    Cheers

    To remove access poit, go to settings>connectivity>settings>Destination>Internet>long hold access point and select delete.
    For Gmail, don't use it, but if you remove/delete mailbox and then set it up again it should work fine, also heard that during set up if you reject terms and conditions and set up manually it works better ?
    http://asimag.wordpress.com/2007/06/22/how-to-configure-gmail-account-on-your-n95n73/
    If I have helped at all, a click on the White Star is always appreciated :
    you can also help others by marking 'accept as solution' 

  • Canon 70D, Wifi access point with Android

    I bought a Canon 70D this week and I cannot get the Wifi access point option to work with my Nexus 7 2013 or my Samsung Galaxy S3. I was able to connect my 70D to my Wifi network and see the device that way. But when on the road you won't always have access to a local LAN. When I try the access point mode both devices never see the 70D.
    I rebooted both Android devices after installing the EOS app.  I also get the camera in access point mode first and then launch the EOS app.  I let the app sit for several minutes and never finds the 70D. 
    Any tips?

    Hi gquiring!
    Thanks for posting.
    When you go through the setup process on the camera, are you selecting [Easy Connection] ot [Manual Connection]?  If using [Manual Connection], try using the [Easy Connection] instead.
    When prompted by the camera to connect to it with your smartphone, do you see the SSID of the camera show up in the list of networks you can connect to on your smartphone?
    If this is a time sensitive-matter, additional support options are available at Contact Us.
    Did this answer your question? Please click the Accept as Solution button so that others may find the answer as well.

Maybe you are looking for

  • Whats the Advanced Adapter Engine ?

    What is Advanced Adapter Engine and how its different from normal adapter engine

  • GW Messenger v2.1 move/upgrade question

    I am currently running GWM v2.03 on NetWare 6.5 SP7 server and would like to upgrade to GWM v2.1 to a SLES 11 server. The documentation said GWM needs eDirectory. Can I install just eDirectory on SLES 11 server or I need to install GWM to OES2 Linux

  • Strange problem with titles when exporting to Quick Time

    I recently finished a project. It includes some simple titles - mostly lower third consisting of 2 lines, left justified. When I export to QT, the centering on the titles mysteriously changes - flipping from left to right. I keep going back to the ti

  • Unable to download adobe reader in windows vista

    I am unable to download adobe reader in windows vista.... upon going to download help, it just hangs looking for files to fix the issue

  • Org.apache.naming.java.javaURLContextFactory error

    Hi, I have an application which works perfectly fine in TOMCAT 5.0,. But when I deploy this application on JBOSS 4.0.1 and try to run the application, it gives following error,. javax.naming.NoInitialContextException: Cannot insta ntiate class: org.a