Glad you got it going, and thanks for reminding me to add that info to the instructions.
I noticed that you checked "Accept DNS traffic to the local DNS Server from all interfaces". I'm not sure I would do that. That opens port 53 (DNS) on the external interface. Instead, try enabling "Accept DNS traffic from the Internal and VPN interfaces to the local DNS Server" and see if that meets your DNS needs.
Hello again,
I unchecked "Accept DNS traffic to the local DNS Server from all interfaces"
and clients can go to the internet no problem! "Accept DNS traffic from the Internal and VPN interfaces to the local DNS Server" is already checked by default in 5.2.1.
-- More update
When clients restart/reboot they will not be able to go to the internet!
So I have to check "Accept DNS traffic to the local DNS Server from all interfaces" to fix this problem!
Last edited by geniehost; 06-27-2008 at 03:17 PM.
Hi all. Though I am an Untangle noob, I followed the instructions and got it working, so I will share my experiences. I first tried it with a Realtek card but it wouldn't work, so I picked up an Atheros card off eBay for a fiver - this one as a matter of fact: 108Mbps-Atheros-Super-G-Wireless-PCI-card-WLAN-XR-RANGE
Atheros cards seem to be hard to find these days. Anyway, once I had the Atheros card in I could get hostapd to start and clients could authenticate to my AP using WPA2 (cut down version of hostapd.conf using only the entries from the original post). The problem then became that clients could not get a DHCP address. I had to replace this:

Code:
auto eth1
iface eth1 inet static
address 192.168.2.1
netmask 255.255.255.0
mtu 1500

with this:

Code:
auto br.eth1
iface br.eth1 inet manual
alpaca_bridge_ports ath0 eth1
bridge_ageing 900
alpaca_bridge_mtu 1500
address 192.168.2.1
netmask 255.255.255.0

as per silver bullet's post from the bottom of page 5. At this point I also changed the bridge line in /etc/hostapd/hostapd.conf to read:

Code:
bridge=br.eth1

Then rebooted; DHCP for wireless clients then worked OK - wireless clients could ping Untangle's internal interface, but still couldn't access the internet. At this point I should add that wired clients could connect fine and get to the internet. All entries for port forwards, packet filter rules, bypass entries etc. were correct as per the original post. What I had to do was as per geniehost above, and enable "Accept DNS traffic to the local DNS Server from all interfaces". Then wireless clients could access the internet OK. This was the only way I could get it to work.
There does seem to be a problem with Alpaca not updating the interfaces file, or if it does, it's doing it wrong. Am I supposed to have 2 bridge interface entries (br.eth0 and br.eth1, for internal and external)? What do these interfaces actually do? Sorry, I'm a Linux noob.
I will now post my entire interfaces file; I would appreciate it if someone could look over it and tell me if anything looks wrong or if there are any security concerns. As my Untangle box is still proof-of-concept it is not on the edge of my network, it's just another device on the LAN. So the external address is 192.168.1.85, and the internal address is 192.168.2.1. I've then got another switch connected to the internal interface that clients can connect in behind it.
/etc/network/interfaces:

Code:
## Fri Jul 11 15:00:16 -0700 2008
## Auto Generated by the Untangle Net Alpaca
## If you modify this file manually, your changes
## may be overriden
auto cleanup
iface cleanup inet manual
## Configuration for the loopback interface
auto lo
iface lo inet loopback
auto br.eth0
iface br.eth0 inet manual
alpaca_bridge_ports eth2 eth0
bridge_ageing 900
alpaca_bridge_mtu 1500
address 192.168.1.85
netmask 255.255.255.0
gateway 192.168.1.254
auto ath0
iface ath0 inet manual
pre-up wlanconfig ath0 destroy
pre-up wlanconfig ath0 create wlandev wifi0 wlanmode ap
post-down wlanconfig ath0 destroy
pre-up iwconfig ath0 channel 11
wireless-mode master
auto br.eth1
iface br.eth1 inet manual
alpaca_bridge_ports ath0 eth1
bridge_ageing 900
alpaca_bridge_mtu 1500
address 192.168.2.1
netmask 255.255.255.0
## This will run any scripts that need to execute when the address changes.
auto update
iface update inet manual

output of ifconfig:

Code:
/etc/network # ifconfig -a
ath0 Link encap:Ethernet HWaddr 00:0F:20:95:9B:E0
UP BROADCAST RUNNING MULTICAST MTU:2290 Metric:1
RX packets:7156 errors:0 dropped:0 overruns:0 frame:0
TX packets:1357 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:465827 (454.9 KiB) TX bytes:631307 (616.5 KiB)
br.eth0 Link encap:Ethernet HWaddr 00:0C:6E6:7D:77
inet addr:192.168.1.85 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8021 errors:0 dropped:0 overruns:0 frame:0
TX packets:8353 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:3347553 (3.1 MiB) TX bytes:3441347 (3.2 MiB)
br.eth1 Link encap:Ethernet HWaddr 00:0F:20:95:9B:E0
inet addr:192.168.2.1 Bcast:192.168.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7147 errors:0 dropped:0 overruns:0 frame:0
TX packets:1272 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:365283 (356.7 KiB) TX bytes:618093 (603.6 KiB)
dummy0 Link encap:Ethernet HWaddr 9E:86:F3:22:AD:2F
inet addr:192.0.2.42 Bcast:192.0.2.255 Mask:255.255.255.0
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
eth0 Link encap:Ethernet HWaddr 00:0C:6E6:7D:77
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9068 errors:0 dropped:0 overruns:0 frame:0
TX packets:8371 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4116360 (3.9 MiB) TX bytes:3490674 (3.3 MiB)
Interrupt:22
eth1 Link encap:Ethernet HWaddr 00:1A:EE:01:00:91
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:69 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:9813 (9.5 KiB)
Interrupt:19 Base address:0x6400
eth2 Link encap:Ethernet HWaddr 00:1A:EE:01:00:6F
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:21 Base address:0x8000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:4953 errors:0 dropped:0 overruns:0 frame:0
TX packets:4953 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1646593 (1.5 MiB) TX bytes:1646593 (1.5 MiB)
utun Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:192.0.2.43 P-t-P:192.0.2.43 Mask:255.255.255.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:98 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:5096 (4.9 KiB) TX bytes:0 (0.0 b)
wifi0 Link encap:UNSPEC HWaddr 00-0F-20-95-9B-E0-00-00-00-00-00-00-00-00-00-00
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9150 errors:0 dropped:0 overruns:0 frame:1489
TX packets:2321 errors:210 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:199
RX bytes:755896 (738.1 KiB) TX bytes:853004 (833.0 KiB)
Interrupt:20
OK, that's it guys, sorry for the long post. Hopefully it will be useful to someone.
My UT upgraded itself to 5.3, and wireless stopped working!
When I checked /etc/network/interfaces I noticed it got updated too.
I re-installed the driver for the wireless card, and I did the other requirement and restored the /etc/network/interfaces file from backup - this action made my UT hidden in my network; I cannot ping it, but clients are getting an IP from the UT!
Here is the /etc/network/interfaces from the backup file:

Code:
## Fri Jun 13 18:14:11 +0300 2008
## Auto Generated by the Untangle Net Alpaca
## If you modify this file manually, your changes
## may be overriden
auto cleanup
iface cleanup inet manual
## Configuration for the loopback interface
auto lo
iface lo inet loopback
auto br.eth0
iface br.eth0 inet dhcp
alpaca_bridge_ports eth2 eth0
bridge_ageing 900
alpaca_bridge_mtu 1500
auto ath0
iface ath0 inet manual
pre-up wlanconfig ath0 destroy
pre-up wlanconfig ath0 create wlandev wifi0 wlanmode ap
post-down wlanconfig ath0 destroy
pre-up iwconfig ath0 channel 11
wireless-mode master
auto br.eth1
iface br.eth1 inet manual
alpaca_bridge_ports ath0 eth1
bridge_ageing 900
alpaca_bridge_mtu 1500
address 10.196.192.200
netmask 255.255.255.0
## This will run any scripts that need to execute when the address changes.
auto update
iface update inet manual

And here is the /etc/network/interfaces after the 5.3 upgrade:

Code:
## Mon Jul 14 19:31:17 +0300 2008
## Auto Generated by the Untangle Net Alpaca
## If you modify this file manually, your changes
## may be overriden
auto cleanup
iface cleanup inet manual
## Configuration for the loopback interface
auto lo
iface lo inet loopback
auto br.eth0
iface br.eth0 inet dhcp
alpaca_bridge_ports eth2 ath0 wifi0 eth0
bridge_ageing 900
alpaca_bridge_mtu 1500
auto eth1
iface eth1 inet static
address 10.196.192.200
netmask 255.255.255.0
mtu 1500
## This will run any scripts that need to execute when the address changes.
auto update
iface update inet manual

So what changes do I need to make in the interfaces file to make wireless work?
All the other settings I have already made; only /etc/network/interfaces is left!
Make sure that Alpaca is set like this
_______________________________
ath0 needs to be bridged to eth1
wifi0 doesn't need to be configured
eth2 needs to be bridged to eth0
_______________________________
Save your settings from above and then replace your existing /etc/network/interfaces file with the one from your backup and reboot.
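An added example, not part of the original posts or of Untangle: a small audit of bridge membership in /etc/network/interfaces against the layout listed above (ath0 with eth1, eth2 with eth0, wifi0 unconfigured). It assumes the bridge names br.eth0 and br.eth1 used in the files posted in this thread; the two samples are excerpts of the backup and post-upgrade files posted earlier.

```python
# Added example: EXPECTED encodes the layout from the post above (assumed names).
EXPECTED = {"br.eth0": {"eth0", "eth2"}, "br.eth1": {"ath0", "eth1"}}
UNCONFIGURED = {"wifi0"}  # parent radio device: no stanza, no bridge membership

BACKUP = """\
iface br.eth0 inet dhcp
alpaca_bridge_ports eth2 eth0
iface ath0 inet manual
pre-up wlanconfig ath0 create wlandev wifi0 wlanmode ap
iface br.eth1 inet manual
alpaca_bridge_ports ath0 eth1
"""
UPGRADED = """\
iface br.eth0 inet dhcp
alpaca_bridge_ports eth2 ath0 wifi0 eth0
iface eth1 inet static
"""

def parse(text):
    """Return (stanza names, {bridge: set of ports}) from interfaces text."""
    stanzas, bridges, current = set(), {}, None
    for line in text.splitlines():
        words = line.split()
        if not words or words[0].startswith("#"):
            continue  # blank line or comment
        if words[0] == "iface" and len(words) > 1:
            current = words[1]
            stanzas.add(current)
        elif words[0] == "alpaca_bridge_ports" and current:
            bridges[current] = set(words[1:])
    return stanzas, bridges

def audit(text):
    """List deviations from EXPECTED; an empty list means the layout matches."""
    stanzas, bridges = parse(text)
    findings = []
    for bridge, want in EXPECTED.items():
        have = bridges.get(bridge, set())
        if have != want:
            findings.append(f"{bridge}: ports {sorted(have)}, expected {sorted(want)}")
    # A pre-up line that merely names wifi0 is fine; a stanza or bridge port is not.
    for dev in sorted(UNCONFIGURED & (stanzas | set().union(*bridges.values()))):
        findings.append(f"{dev}: should not be configured or bridged")
    return findings

if __name__ == "__main__":
    for name, text in (("backup", BACKUP), ("after upgrade", UPGRADED)):
        print(name, audit(text) or "OK")
```

Run against the post-upgrade excerpt, it reports that ath0 and wifi0 have been placed on the same bridge as eth0 and that br.eth1 is gone, which is the difference between the two posted files.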
Nice work silver bullet, I'll test this in my lab setup. You don't by chance post on supraforums with that name, do you?
Any chance dev could integrate this feature into the Untangle suite?