Configuring an access point as a router

To configure an access point as a router:

  1. Make sure the outside network interface on your access point is active. That is, make sure your access point is active on the wired network that it's connected to.
  2. Configure the access point interface. The simplest mechanism to use for this is WEP.

    Say we want our wireless network to advertise MY_WIRELESS_NET, and our WEP secret is MYWIRELESSWEP. We have to do the following:

    1. Allow packets coming in from one interface to be forwarded (routed) out another:
      #sysctl -w net.inet.ip.forwarding=1
    2. Place the wireless interface into access point mode:
      #ifconfig in_nic mediaopt hostap
    3. Configure the wireless interface to be a WEP network with an associated key:
      #ifconfig in_nic ssid MY_WIRELESS_NET nwkey MYWIRELESSWEP
    4. Bring up the interface:
      #ifconfig in_nic up
  3. See above for how you set up DHCP to distribute IP addresses to the wireless client. Briefly, you provide a dhcpd.conf with a configuration section as follows, which defines the internal network:
    subnet netmask {

    Then you run dhcpd:

    #dhcpd -cf full_path_to_your_dhcp_config_file -lf \
    full_path_to_your_release_file ni_nic

    You don't need to specify where your dhcpd.conf and release file are if you put them in the default place under /etc. For more information, see the entry for dhcpd in the Utilities Reference.

    To use WPA or WPA2, you need to set up and run hostapd (the server-side application associated with the client's wpa_supplicant) to do the authentication and key exchange for your network.

    You can also configure your access point as a NAT network router as follows:

    #mount -Ttcpip

    so that the PF module is loaded, and then use pfctl to do the configuration.

    For details of how to configure a NAT, visit