This can be useful in the case of public Wifi that requires some kind of login or registration. As I run my Pi 'headless', I can't authenticate via the Pi itself, but I can now connect to the Pi's access point and go through the registration process. It also means on networks that block client-to-client communication, a device can still access services hosted on the Pi and still access the internet.
Please find the instructions below.
The following configuration doesn't utilise a firewall. Be careful when access public WiFi networks, as other users may be able to access services running on the Raspberry Pi. It may be possible to create a list of trusted and untrusted networks and use a script to add firewall rules appropriately.
Elevating privilegesFirst of all you will need to login to your Raspberry Pi and elevate your privileges-
Configuring the interfacesIf you haven't already done it, now's a good time to configure your Pi to connect to a Wifi network as a client-
Then add the following, editing the SSID and psk (password) as required for the network you want to connect to-
It's now necessary to configure the interface that will act as the access point-
And add the following at the end of the file-
Now the interfaces have been configured it's time to setup the software that will manage the access point.
First of all we install hostapd to manage the access point
Now it's installed we can tell hostapd where to find it's config file-
And add the following line-
We also need to create a start up script that sets everything up correctly-
Add the following script to start the interface and setup the networking. I found I had to also force it to delete the default route for the access point interface-
Now make the script executable-
We also need to setup the SSID and PSK (Password) for the access point-
Add the following, adjusting the SSID and PSK to suit. Make sure you add the 'driver' line as I found the performance was terrible without it-
To get hostapd on boot its necessary to create a systemd service-
Add the following-
And then enable it-
When a client connects to the access point it's necessary to give them an IP address and tell them which gateway to use. We use dnsmasq to handle this.
Firstly, open the dnsmasq.conf file-
Add the following-
Using the access point
You should now be able to reboot the Raspberry Pi and connect to the access point from your device like you would a standard Wifi access point.