How to: Create an Access Point on Linux


You might want to create a simple and cheap access point as a personal or business solution. There is a simple way for doing so when using Linux. In this guide we will use Raspbian (same commands will work for Ubuntu and Debian!) to get a simple access point. You can use this in combination with freeRADIUS and Coova Chilli to have an Access Point with a landing page and paid features.


To start this project we first need to make sure we have the following:

  • A Linux operating system. I will use Raspbian for my Raspberry PI Generation 3. Ubuntu and Debian use the same commands. Which means this guide will also work. If you use another Linux OS keep in mind to change to commands to your respective distribution!
  • Make sure you have access to the internet to install the software, dependencies and possible updates.
  • Installed ‘git’ and ‘nano’ on your system and knowledge how to use this.
  • A Wi-Fi module on your device as it needs to broadcast its network to the world.
  • Your operating system should be up-to-date!
  • Time: 15 – 30 minutes will suffice!

Installing & configuring hostapd as Access Point

To get everything working we need to install hostapd. You can do this by running:

installing hostapd

Let hostapd know where its configuration file is by using nano:

Once open, change:


Please remember removing the ‘#’ in front of the line as it will not read this line if you forget to remove this.

Daemon Configuration hostapd

Now we told hostapd where its configuration file is we need to make sure there is an configuration file, as it does not exist yet!

Once opened, paste the following contents in the fresh configuration file:

Now change the settings above. You probably want to edit the ‘country_code’, ‘ssid’ and ‘wpa_passphrase’. You should confirm if the ‘channel’ and ‘driver’ is correct!

DHCP Server & DNS Relay

When a client connects we need to supply them an IP address. Also converting domain names to IP addresses is also required. To get the DHCP and DNS relay server, run:

Once installed, we should change the configuration file:

Change the following lines:


Remove the ‘#’ from ‘no-dhcp-interface’ and change the line from:


Last but not least, we should also change the DHCP range when giving out IP addresses. You probably want to change this line! Uncomment the line by removing ‘#’ and change to your hearts desire:

For our network, we used:

Forwarding network traffic to other destinations

To make the Access Point work, we need the kernel to allow it’s traffic to send to other (network)destinations. For this we need to enable one single setting. To do so, run:

Once opened, change and uncomment:


Firewall & Security

To get everything working we need to activate Network Address Translation (NAT) in the firewall. Ubuntu, Debian and Raspbian use ‘iptables’ as the firewall. The following line will probably not work for your configuration. Change the line below to your own IP settings:

The IP address should be your subnet including your subnet mask. In this case /24 just means! This line basically says route everything from source to everything BUT (notice the ‘!’)

Reboot your device and see if your new network is broadcasting!

As mentioned at the start of this guide you can also transfer your new Access Point into a new (Paid) Captive Portal! You can do this by using freeRADIUS and Coova Chilli!