# Setting up a PC as an access point



## balanga (Jul 29, 2019)

I'm trying to set up a PC as an Access Point following the instructions here:- 

https://docs.netgate.com/pfsense/en/latest/book/wireless/pfsense-as-an-access-point.html

I realise this is for pfSense, but I was hoping to follow this guide which would enable me to setup such an operation under FreeBSD. The instructions show what to do via the GUI. If/when I have it working should I expect to be able to adapt it to vanilla FreeBSD?


----------



## balanga (Jul 30, 2019)

Tried following instructions but got:-


> iwn0:  HOSTAP mode not supported



Is this due to  a configuration problem or just a feature not supported by the NIC?

This is on a ThinkPad X220 which use a Centrino Advanced-N 6205.


----------



## ralphbsz (Jul 30, 2019)

I did this for quite a few years, first with OpenBSD, then with FreeBSD. It can be made to work directly from the command line, and is not particularly difficult. I think it is one  more line in the config file, compared to using FreeBSD as a router for wired Ethernet. As long as you don't want to do authentication (no passwords or security), you don't actually need HostAP, which is not supported on all hardware.

In my experience, it also doesn't work reliably in the long run. The 802.11 drivers are not fully debugged for used as APs, and you find all manner of limitations. I ended up dumping this and switching to a commercial AP after having to reboot daily for many months, and bandwidth to Apple devices being too slow (some bizarre limitation in the FreeBSD 802.11 stack).


----------



## Phishfry (Jul 30, 2019)

balanga said:


> just a feature not supported by the NIC?


That is the case.

The manual also mentions 'station mode'. No HostAP.





						iwm(4)
					






					www.freebsd.org
				






ralphbsz said:


> As long as you don't want to do authentication (no passwords or security), you don't actually need HostAP, which is not supported on all hardware.


I think you got that backwards. You can connect With hostap alone. no wpa_supplicant required. Right from the ifcong line.


----------



## Phishfry (Jul 30, 2019)

There are some ad-hoc modes and WDS but I think they are beyond the scope here.
I am running my APU2 FreeBSD WAP and still loving it.


```
root@APU2:~ # uptime
12:16AM  up 39 days,  7:30, 1 user, load averages: 0.00, 0.00, 0.00
```


```
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
    ether 4c:5e:0c:11:65:38
    hwaddr 4c:5e:0c:11:65:38
    inet 192.168.100.1 netmask 0xffffff00 broadcast 192.168.100.255
    nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
    media: IEEE 802.11 Wireless Ethernet autoselect mode 11na <hostap>
    status: running
    ssid APU channel 157 (5785 MHz 11a ht/40+) bssid 4c:5e:0c:11:65:38
    regdomain FCC country US ecm authmode WPA2/802.11i privacy MIXED
    deftxkey 2 TKIP 2:128-bit TKIP 3:128-bit txpower 23 mcastrate 6
    mgmtrate 6 scanvalid 60 ampdulimit 64k ampdudensity 8 shortgi wme
    burst dtimperiod 1 -dfs
    groups: wlan
```


----------



## ralphbsz (Jul 30, 2019)

I think you're right: AP or HostAP mode on the card alone = connect without any authentication. No need to run hostapd, which is an authentication daemon.  I think HostAP != hostapd. Sorry for creating confusion.


----------



## Phishfry (Jul 30, 2019)

@ChrisH asked the same question on the forum as I was getting my APU setup for WAP.








						Solved - Help plumbing a wireless AP
					

Greetings, I have 8 static (internet) IP's for my home network. The topology is thus: cable-modem




					forums.freebsd.org
				



Sometimes its good to have someone asking questions.
It makes you learn and understand the answer that you may have cut/n/pasted or borrowed from a How-To.


----------



## SirDice (Jul 30, 2019)

balanga : Handbook: 31.3.6. FreeBSD Host Access Points


----------



## T-Daemon (Jul 30, 2019)

There is also a article on calomel.org "How to setup a wireless access point (WAP) on FreeBSD 10".

They have usefull pointers for the hardware and they are describing a step by step setup including a sample /etc/hostapd.conf, PF packet forwarding  and wireless client ip adressing.


----------



## balanga (Jul 30, 2019)

T-Daemon said:


> There is also a article on calomel.org "How to setup a wireless access point (WAP) on FreeBSD 10".



A Google search came up with this link, but I've been unable to connect whenever I try.


----------



## Phishfry (Jul 31, 2019)

I think the choice of hardware is important. Using Atheros is your best bet. Use only full length MiniPCIe modules, not the half-mini's modules. Why not use one of your IBM MiniPC and stick a decent ath0 radio inside.
What part is giving you troubles?
Have you chosen a dhcp server?


----------



## balanga (Jul 31, 2019)

At the moment I'm thinking of setting up my ThinkPad X41 as a test rig. Getting it working in principle is more important than performance at this stage. I'll be using my pfSense box as the DHCP server. Having two DHCP servers on the same LAN is asking for trouble since I don't know how to make that work.


----------



## balanga (Jul 31, 2019)

balanga said:


> At the moment I'm thinking of setting up my ThinkPad X41 as a test rig.



Oops....

root@X41:~ # `ifconfig wlan0 list caps`


> drivercaps=5818301<STA,IBSS,PMGT,SHPREAMBLE,MONITOR,WPA1,WPA2,WME>



From The Handbook:-


> Once wireless networking support is loaded, check if the wireless device supports the host-based access point mode, also known as hostap mode:
> ....
> 
> The HOSTAP word confirms that this wireless card can act as an AP



So clearly this particular test rig is a non-starter.


----------



## Phishfry (Jul 31, 2019)

When I looked at the specs on your IBM X220 it uses a 'half-mini' form factor card for Wifi.
These are less than optimal for a Access Point.


----------



## Phishfry (Jul 31, 2019)

balanga said:


> I'll be using my pfSense box as the DHCP server. Having two DHCP servers on the same LAN is asking for trouble since I don't know how to make that work.


It is real simple. You use a separate subnet  IP range behind pfSense.
For example 192.168.1.0/24 for pfSense and set your wireless network's dhcp range to 192.168.100.0
You can filter it from pfSense if you make rules or from the WAP itself using a firewall which I already use for NAT.
So in essence you have a firewall behind a firewall with a completely different IP range assigned.
That is how I run my WAP.


----------



## balanga (Jul 31, 2019)

Phishfry said:


> When I looked at the specs on your IBM X220 it uses a 'half-mini' form factor card for Wifi.
> These are less than optimal for a Access Point.



I just ran `ifconfig wlan0 list caps` like it says in the guide and *HOSTAP * was not listed so I'm assuming I can't run hostapd() on the X220 using the builtin wifi NIC...


----------

