martinsauter edited this page Jan 25, 2017 · 8 revisions


This repository contains scripts, code and configuration files to use a Raspberry Pi 1,2 or 3 as a Wi-Fi access point (wlan0) that connects to the Internet via the following interfaces:

  • Ethernet (eth0)
  • An additional WLAN interface (wlan1)

Connection to the Internet is NATed and a VPN client tunnel to a VPN server is used to encrypt ALL traffic to and from ALL devices connected to the access point. Alternatively, direct NATing without a VPN tunnel is also possible.

OpenVPN in client mode is used for creating the tunnel to an OpenVPN server somewhere on the Internet. A great project description of how to set-up a VPN server on the other end at home (on a Raspberry Pi, of course) can be found here. Alternatively it's also possible to use a commercial service that offers OpenVPN server connectivity.

Hardware Requirements: A Raspberry Pi 1/2 with a separate USB Wi-Fi dongle or a Raspberry Pi 3 with built-in Wifi. If Wi-Fi is used as a backhaul, an (additional) Wi-Fi USB dongle is required.

For the Raspberry Pi 3, the hostapd that is shipped in the Raspbian repositories is used.

For the Raspberry Pi 1/2 that requires an external Wi-Fi USB dongle, this project uses a hostapd executable that was compiled for the Realtek RTL8188CUS chipset. The following devices have been checked for compatibility:

  • EDIMAX EW-7811UN

For other chipsets, other hostapd executables might be required. Important: Currently, this project uses a precompiled hostapd binary from Dave Conroy (for the Raspi 1/2 only). For details see here.

Other Requirements: Key and certificate files obtained from a public or private OpenVPN server service.

Next Page: Installation instructions