You are here: OpenWrt Wiki » Documentation » Recipes » Dumb AP

Dumb AP

This document describes how to create an Access Point that's really just that, no routing, no DHCP, no nothing. This AP allows users to connect to the AP over wireless or ethernet. I needed this setup because access control is already in place here through 'static DHCP' and I didn't want another access control mechanism.

From a user point of view it works like this:

Connect to the AP (in case of wireless WPA2 encrypted, hence a password is needed)
If the MAC of the users network interface matches a MAC in the list, it gets the appropriate IP and the user has network access (possibly not the best way to control network access…)

'Static DHCP' is not covered here, all we do is creating an AP that provides WPA2 encrypted wireless access and doesn't interfere.

Configuration

The changes below assume an OpenWrt default configuration, the relevant files are:

Step 1: Modify the Network

Edit /etc/config/network and change the interface section:

For switch-less devices, e.g. Alix Board

On switchless devices, simply bridge all ethernet interfaces together, remove the existing WAN interface - if any.

config interface lan
        option type     'bridge'
        option ifname   'eth0 eth1'   # Bridges lan and wan
        option proto    'dhcp'        # Change as appropriate

For devices with switch and dedicated WAN, e.g. WNDR3700

On devices with a separate WAN interface, bridge the LAN VLAN together with the WAN interface, remove the existing WAN interface - if any.

config interface lan
        option type     'bridge'
        option ifname   'eth0.1 eth1'  # Bridges vlan 1 and wan
        option proto    'dhcp'         # Change as appropriate

For devices with switch only, e.g. WRT54GL

On devices where WAN and LAN are separated by switch config, reconfigure the LAN VLAN to cover all ports, remove the existing WAN interface and its related VLAN - if any.

config switch_vlan eth0_0
        option vlan     '0'
        option ports    '0 1 2 3 4 5t' # Might vary depending on the device

config interface lan
        option type     'bridge'
        option ifname   'eth0.0'       # Might vary depending on the device
        option proto    'dhcp'         # Change as appropriate

Step 2: Change the existing wireless network

Edit /etc/config/wireless, and don't worry about most of it, things that might need changes are commented.

config 'wifi-device' 'radio0'
        option type    'mac80211'
        option channel '11'
        option macaddr '12:e4:4a:b3:83:1a'
        option htmode  'HT20'
        list ht_capab  'SHORT-GI-20'
        list ht_capab  'SHORT-GI-40'
        list ht_capab  'TX-STBC'
        list ht_capab  'RX-STBC1'
        list ht_capab  'DSSS_CCK-40'

config 'wifi-iface'
        option device  'radio0'
        option network 'lan'  # Set to the name of the bridged interface
        option mode    'ap'
        option ssid    'ap_myaccesspoint'
        option encryption 'psk2'  # Change as appropriate
        option key     'ap_password'

Step 3: Disable DHCP Server

If you still need dnsmasq running for something else (e.g. TFTP server) you can do:

uci set dhcp.lan.ignore=1
uci commit dhcp
/etc/init.d/dnsmasq restart

Step 4: Disable Firewall

/etc/init.d/firewall disable
/etc/init.d/firewall stop

Apply changes

Reloading the network config should be enough, it should automatically restart if necessary.

/etc/init.d/network reload

doc/recipes/dumbap.txt · Last modified: 2012/03/06 15:55 by lucas.robb

OpenWrt

Wiki Search

Actions

Translations