1

I am trying to setup a captive portal on my raspbian stretch access point connecting to my node server.

Currently using systemd to set up my network so I can ssh into my pi and use it as a access point. I am using this tutorial Raspberry Pi Zero W as a WiFi repeater . This is necessary for me to have wifi client and AP on my pi.

I have tried a number of methods setting iptables and dnsmasq with no luck

my iptables I was trying are : iptables -t nat -A PREROUTING -d 0/0 -p tcp --dport 8001 -j DNAT --to-destination 192.168.1.96:8001 One thing I am uncertain of is the --dport. Do I need to set any destonation ports or source ports? If I dont know the client's port then can DHCP just handle this? It makes sense to me that any web traffic once connected to my AP would just be sent to my --to-destination 192.168.1.96.8001

The other method I have tried is to set the address with DNSMasq using sudo nano /etc/dnsmasq.conf

interface=wlan0      
dhcp-range=192.168.1.2,192.168.1.30,255.255.255.0,24h

address=/192.168.1.96:8001

I am uncertain if the systemd does any network configuration or iptables at a different time so the AP captive portal is lost.

Let me know if anyone has tried this or had any successes with captive portals using systemd networking on Stretch.

Colin Rosati
  • 209
  • 1
  • 9
  • I haven't yet used a captive portal but just to narrow down your problem: there is a (small?) web server running on the access point that delivers the greeting web page, isn't it? For testing you can request this page with a browser from a remote site? Do you use complete routing for your access point or do you have to fake your internet router with NAT? Where is the client located that shall get the greeting page? Only on the subnet from the access point, or outside through the wlan0 client interface? – Ingo Oct 04 '18 at 21:51
  • Hi colin, are you still interested in support? If so, please address me with @Ingo. I have left focus on your question. – Ingo Oct 08 '18 at 21:59
  • @Ingo thanks for the response. My intention is for the web server to deliver the main index page once the client is on the access point. – Colin Rosati Oct 11 '18 at 19:43
  • @Ingo For Testing I can access this static page using the ipaddress and port of the server on a browser connect to the same WLAN router. I only use the NAT routing that I have mentioned above. I am not sure what a complete routing looks like. I am only using the RPI wlan0 interface so I can develop over SSH on the Pi. I am uncertain, so in that case the client is located on the subnet then? – Colin Rosati Oct 11 '18 at 19:51
  • As far as I understand is the web server running on the RasPi that also works as Access Point. Stations connect to the AP and can also connect to the web server. The RasPi has also a NATed wifi client connection to an internet router. All devices that want to connect to the web server are on the subnet from the AP. The iptables rule you try is for port forwarding but that isn't necessary for stations on the AP subnet. They all can direct connect to the web server. So, for what do you need port forwarding? – Ingo Oct 16 '18 at 21:42

0 Answers0