WiFi can be added to a Raspberry Pi 2 by using one a WiFI adapter (also called dongle). The WiFi adapter can be configured to connect to an access point or act as an access point itself.

There is the good instruction on the Raspberry Pi website[1] on how to create access point. Just in case it would not work, there is an extended version with troubleshooting.

Before configuring the device, make sure that you have latest software and packages:

$ sudo apt-get update
$ sudo apt-get dist-upgrade

Install required software packages:

  • dnsmasq - package that provides DHCP server and DNS cache
  • hostapd - authenticates wireless clients
  • netfilter-persistent and iptables-persistent - persist firewall rules
$ sudo apt-get install dnsmasq hostapd
$ sudo DEBIAN_FRONTEND=noninteractive apt-get install -y netfilter-persistent iptables-persistent

The wireless interface is need to be configured. By convention, there are a few networks devoted to private use[2], among them 192.168.x.x. In fixed networks, where the assumption can be made about the network structure, the network addresses can be specified statically. For that make sure that corresponding wlan interface settings are configured in the file /etc/network/interfaces.d/wlan1:

allow-hotplug wlan1
iface wlan1 inet static
  metric 100
  address 192.168.5.1
  netmask 255.255.255.0
  network 192.168.5.0

where wlan1 is the wireless interface (second adapter) I would like to connect. In case of only one adapter installed, the interface name is wlan0. 192.168.5.1 is the address and 192.168.5.0/255.255.255.0 defines the address space of the network.

At the end of /etc/dhcpcd.conf add:

interface wlan1
    static ip_address=192.168.5.1/24
    nohook wpa_supplicant

Enable routing and IP masquerading:

$ sudo vi /etc/sysctl.d/routed-ap.conf
# Enable IPv4 routing
net.ipv4.ip_forward=1

I have rather uncommon setup, where I route the packets from wlan0 to wlan1. If you want to route packets from ethernet network, use eth0 instead of wlan0:

$ sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
$ sudo netfilter-persistent save

Now rename the existing dnsmasq configuration:

$ sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig  

and create the new one that specifies the interface and the IP address range:

interface=wlan1
dhcp-range=wlan1,192.168.5.1,192.168.5.100,255.255.255.0,24h
domain=home
address=/gw.home/192.168.5.1

Preparation is done so now the access point itself can be configured. For this create the file /etc/hostapd/hostapd.conf with the following configuration settings:

interface=wlan1
ssid=VISIBLE_ACCESS_POINT_NAME_CHANGE_PLS
hw_mode=g
channel=7
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wpa=2
wpa_passphrase=SECTRET_PASSWORD_CHANGE_PLS
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
rsn_pairwise=CCMP

Now umask the hostpad service:

$ sudo systemctl unmask hostapd
$ sudo systemctl enable hostapd

and either start the services and restart the raspberry pi:

$ sudo systemctl start hostapd
$ sudo systemctl start dnsmasq

$ sudo systemctl reboot

The access point should appear in the list of available WiFi networks and connecting to it with the specified password should be successful.


  1. Setting up a Raspberry Pi as a routed wireless access point, https://www.raspberrypi.org/documentation/configuration/wireless/access-point-routed.md ↩︎

  2. IPV4 PRIVATE ADDRESS SPACE AND FILTERING, https://www.arin.net/knowledge/address_filters.html ↩︎