Raspberry PI as WiFi to Ethernet Bridge

Recently my cable modem refused to connect to my provider, stating “Connection Refused”. The provider (UPC Austria) stated, that they have to come to my place and make some measurements. But this will be in one week…. WTF?? One week without internet? No way!

Fortunately, my provider offers a service, that every router provides two networks, a private one for the single customer, and a free network for all customers of UPC. This “UPC Wi-Free” was also available from some neighbours of mine.

It would be easy to connect all of my PCs to the network, but this is not enough for me. I needed a better solution. Also the PC of my girlfriend refused to connect to this network, my big PC has no WiFi and the server for sure not. Also the chromecast and the firestick…. no I will not configure all devices to configure them later again!

My previous setup included the router from my provider connected to my own router, a Fritz Box. All my devices are then behind the Fritz Box. So the only thing I had to change was to replace the UPC router with my Raspberry PI.

My starting point was the following:

  • Raspberry PI 2B
  • Alfa AWUS036H Wifi Adapter
  • a network cable 🙂

First I powered up the Raspberry and was curious what I had done with this firmware before. Apparently, I used it before for some photographing stuff… 🙂 Anyway, first the Debian needed to be updated from 7 (wheezy) to 8 (jessie).

First we make sure the current system is up to date:

sudo apt-get update
sudo apt-get upgrade

Then we edit /etc/apt/sources.list and replace wheezy with jessie

deb http://mirrordirector.raspbian.org/raspbian/ jessie main contrib non-free rpi

Then the upgrade:

sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade

This took a while, the raspi is not a fast gaming machine… After the upgrade, I configured the WiFi adapter to work with the UPC Wi-Free. For this the wpa_supplicant and the the network interfaces have to be configured:

The following content belongs to /etc/wpa_supplicant/wpa_supplicant.conf:

network={
   ssid="UPC Wi-Free"
   scan_ssid=1
   key_mgmt=WPA-EAP
   eap=PEAP
   identity="your@e.mail"
   password="password"
   phase1="peaplabel=0"
   phase2="auth=MSCHAPV2"
}

And this belongs to /etc/network/interfaces:

auto lo
iface lo inet loopback

# give the ethernet a static ip for acting as DHCP Server
auto eth0
allow-hotplug eth0
iface eth0 inet static
address 192.168.1.1
netmask 255.255.255.0
dns-nameservers 8.8.8.8

# configure the WiFi interface and enable auto start
auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf

iface default inet dhcp

You can use different IPs for sure and also you can specify any other DNS than Googles 8.8.8.8. Now we restart the network service and test the connection:

sudo service networking restart

ping google.de
PING google.de (173.194.116.111) 56(84) bytes of data.
64 bytes from fra02s27-in-f15.1e100.net (173.194.116.111): icmp_seq=1 ttl=55 time=23.2 ms
64 bytes from fra02s27-in-f15.1e100.net (173.194.116.111): icmp_seq=2 ttl=55 time=35.2 ms
64 bytes from fra02s27-in-f15.1e100.net (173.194.116.111): icmp_seq=3 ttl=55 time=30.6 ms

The Ethernet interface need a static IP in order to serve DHCP. For this we need also a DHCP server installed on the raspi. We achieve this with the ISC DHCP Server.

sudo apt-get install isc-dhcp-server

We need then to configure the server with a really basic configuration. The configuration is done by editing the file /etc/dhcp/dhcpd.conf.

default-lease-time 600;
max-lease-time 7200;
authoritative;
log-facility local7;
subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.201 192.168.1.250;
  option routers 192.168.1.1;
}

Basically the set here some lease times for the server, with authoritative we tell the server that he will server this range alone. Later we define a small subnet. The “option routers” is important, because here the DHCP server will tell clients that he will also serve requests later as the gateway.

Now we can start the server:

sudo service isc-dhcp-server restart

Now we can connect the router and we will see that the raspi serves with an IP address. Now we have to connect both interfaces. In my case the interfaces have the names eth0 and wlan0. We use iptables for this:

/sbin/iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
/sbin/iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i eth0 -o wlan0 -j ACCEPT

This is only temporary so we have to make the rules persist. The easy way here is with the package iptables-persistent:

sudo apt-get install iptables-persistent

During the installation you will be asked to save the current rules, answer with yes and the installer will save the rules to /etc/iptables/rules.v4:

# Generated by iptables-save v1.4.21 on Tue Jan  5 19:22:29 2016
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o wlan0 -j MASQUERADE
COMMIT
# Completed on Tue Jan  5 19:22:29 2016
# Generated by iptables-save v1.4.21 on Tue Jan  5 19:22:29 2016
*filter
:INPUT ACCEPT [1:52]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1:152]
-A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth0 -o wlan0 -j ACCEPT
COMMIT
# Completed on Tue Jan  5 19:22:29 2016

Now you have to activate also the ipv4 forwarding by executing the following line:

sudo bash -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'

And you are done!

Update:

THX to the users u/ZoLustIkErNogWelEen and u/Q3_benji who pointed out I forgot to write down the steps with the sources.list and the activation of the ipV4 forwarding!

Update2:

THX to Rob who showed me a mistake in the post!

Bookmark the permalink.

17 Comments

  1. Pingback: Raspberry Pi ‘wifi to ethernet’ bridge | 0ddn1x: tricks with *nix

  2. Hi,

    thanks for your tutorial – i followed it but i cant get a ping back. when restarting the networking i always get this:

    ioctl[SIOCSIWAP]: Operation not permitted
    ioctl[SIOCSIWENCODEEXT]: Invalid argument
    ioctl[SIOCSIWENCODEEXT]: Invalid argument

    any thoughts (also upc austria)
    best

    • Hi Daniel,

      im getting the same some times, but its still working. I could not figure out why, and actually was too lazy since it worked… 🙂

      what exactly do you mean with no ping back? Do you try to ping from the outside? what does a traceroute to google gets you?

      Best,
      Thomas

  3. Hi Thomas,
    Firstly thank you so much for taking the time to provide this. Been trying to do this for a while but many other listing on the net are not as clear (for a noob) and fail for me.
    All the instructions work as describe except the last command to activate ipv4 forwarding
    “sudo echo 1 > /proc/sys/net/ipv4/ip_forward”
    i get the following response fro the system
    “bash: /proc/sys/net/ipv4/ip_forward: Permission denied”
    using Pi3 with latest Jessie and updates and internal WiFi.
    Many thanks
    Rob

    • Hi Rob,

      thanks for your comment!
      I have to say that I did this commands all with root account and thought that putting ‘sudo’ in front of every command will do the trick for everybody.
      But I was playing a bit around and this command is indeed wrong.
      When you enter “sudo echo 1 > /proc/sys/net/ipv4/ip_forward”, only the part “echo 1” will be executed as sudo. In order to the thing run, change to root with issuing “sudo su” or “sudo bash -c ‘echo 1 > /proc/sys/net/ipv4/ip_forward'”. The last command will execute a new temporary bash with root rights and pass the command “echo 1 > /proc/sys/net/ipv4/ip_forward” to it. So all gets executed as root.

      I hope this helps and i will update the page accordingly.

      Best,
      Thomas

  4. Hello Thomas, Thank you for posting this great how-to for raspberry. I need exactly the same with UPC provider 🙂 It works but my speed is around 300kbps. I use raspberry zero with USB to etherned module, which gives me around 1,5mbps (thats ok for me). My raspberry downloads also 1,5mbps so I should get around 1,5mbps.
    My zero connects with wifi to UPC and my router connects by wire to raspi zero usb ethernet. Devices connected to wifi to my router are getting slow speed. What should be the problem? Thank you

    • Hey Michael,

      The problem is that the internal bus connection and the raspberry speed is not enough. The raspberry makes a horrible router :). Problem actually is that USB and Ethernet is brought out with the same chip.

  5. This is just to hard for me, i have a router, i have a pi3 and i have a pc which i need to get Internet over ethernet, so i get internet from pi3’s wlan and share it over the ethernet port to my pc, how do i do that? and i don’t think i need a dhcp server for that just share the connection that is it. Hope someone can help me
    Thank you

    • Hi Jakob,

      Actually in your case, wouldn’t it be the best just to buy a inexpensive USB WiFi adapter? You can get them on Amazon for less than 20€ nowadays. If you really need the pi and you have a desktop manager installed, then you can simply bridge the connection via GUI.

      Best,
      Thomas

  6. Thomas,
    Thanks for the excellent write up, works great!
    Just a couple of thing that might help.
    Instead of the echo 1>/proc/sys/net/ipv4/ip_forward it was easier for me to just edit the sysctl.conf file and uncomment the net.ipv4.ip_forward=1 line
    Secondly, to get everything working right, I needed to add in the option domain-name-servers line to the dhcpd.conf entry.

    Thanks again!!

  7. GEOFFREY ALARCO

    Thanks !!!

  8. Hi Thomas,

    thanx man! This works great.
    I use this to connect to the Ziggo wifi hotspots in the Netherlands.
    Great backup at this moment (I am between providers).

  9. I seem to have hit a snag. After following all of the instructions numerous times I can’t seem to get my computers to grab the DNS server of 8.8.8.8 from my RPI’s config file.

    Upon setting my computers DNS servers to 8.8.8.8 I still can’t connect to the internet but at least my ethernet connection goes from unable to connect to connected to the internet.

    Any Ideas?

    • If it helps. I am using xfinitywifi hotspots as my wifi connection point. They use 172.20.20.1 as the gateway with an IP address for my Pi’s wifi of 172.20.20.20

      Thanks!

    • Hi Jared,

      what does the tracert command show to you? does you PC use the route to the raspi?
      Also check the rules of iptables, it may still block some of your requests.

      Best,
      Thomas

  10. Great, thanks from Pi4 & TP-Link Archer T3U Plus 1300

Leave a Reply

Your email address will not be published. Required fields are marked *