I am looking to do this on a Raspberry Pi, but I don't mind which operating system I have to install, so the easiest most out-of-the-box solution for Pidora (Fedora 20 Remix), Raspbian (Debian) or Arch is the one I'd like.
I am living in a university building where internet access is supplied via a protected wireless network. This wireless network is authorised using WPA2-Enterprise PEAP and requires me to supply a username, password, and authentication certificate. The university provides a script to automatically configure a Linux machine for this network, and the script is happy working with either wpa_supplicant or network-manager – I've tried both.
I have a lot of machines (a mixture of Linux and Windows) which all talk to one another via my own private wireless router. This router has a WAN port meant to face an internet connection, so as to share that connection with all machines on its wireless network.
My aim is to have my Raspberry Pi connect to the university's protected wireless network and then provide an internet connection to the WAN port on my private wireless router. I've decided to use a Raspberry Pi because it's the lowest overhead device I have access to that is able to connect to my university's protected wireless network.
I do not need to be able to see my Raspberry Pi on my private wireless network (if I could that would be fine, but I'm really after the simplest configuration possible). All I need is for my Raspberry Pi to handle authentication to the university wireless network, and then transparently pass data between eth0 and wlan0. To any device plugged into my Raspberry Pi using an ethernet cable, the Raspberry Pi should just look like straight-forward internet gateway.
To summarise, I'm looking for,
(University Wi-Fi with WPA2 PEAP) -> (RPi wlan0)—(RPi eth0) -> (WAN on Private Router)
I've tried using bridge-utils on Debian, but this always seems to knock out my Raspberry Pi's wireless connection.
I've also read about using iptables and ebtables but, as yet, I don't really understand what I'm meant to be doing there, and some of the configurations I've found on the internet seem to conflict with one another.
I should add that the university wireless network dynamically assigns my Raspberry Pi an IP address on wlan0 each time it connects. My private router handles dynamic IP address assignment for all of my machines.
I would be so grateful if anyone could outline some simple clear instructions for achieving the setup I'm after. I am of course willing to read up on and learn anything I need to get this running, but I am interested in keeping the solution as simple and easy to reproduce as possible. The only device I want to configure is the Raspberry Pi.
I note that what I'm trying to do should be possible, because it's perfectly simple to share my university wireless network via my ethernet port on my Windows laptop!
Many thanks in advance!
Best Answer
This is as simple as it could be. You do not need any bridging. Just MASQUERADE your local network on RPi:
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADEEnable forwarding of traffic:
echo 1 > /proc/sys/net/ipv4/ip_forwardRPi will not work as invisible bump-on-the-wire but will need a network setup between it and your private router – which will use ip address of RPi's eth0 as gateway.
So it will look like this:
(RPi wlan0) -- MASQUERADE -- (RPi eth0;192.168.99.254/24) → (WAN on Private Router,192.168.99.1/24)Cheers,