Configure as a virtual access point
You can configure an industrial PC under Beckhoff RT Linux® as an access point. This requires the hostapd package. hostapd (Host Access Point Daemon) is a system service that operates a WLAN card in AP mode and acts as an 802.1X/WPA authenticator for client authentication and key management.
Prerequisites:
- Beckhoff WLAN sticks: CU8210-D001-0101 or CU8210-D001-0102
- SSID and password of an existing WLAN
- Installing the iwd service and firmware
- Post-install the Hostapd service
Proceed as follows:
- 1. Install the package
hostapdwith:
sudo apt install hostapd- 2. Open the configuration file hostapd.conf with a text editor.
sudo nano /etc/hostapd/hostapd.conf- 3. Customize the Hostapd configuration file as follows:
interface= wlx34c9f09ab29c
debug=1
ssid=yourSSID
wpa=2
wpa_passphrase=yourPassword
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
channel=7
hw_mode=g
country_code=DE
ieee80211d=1
ctrl_interface=/var/run/hostapd
ctrl_interface_group=0- 4. Start
hostapdwith the following command:
sudo systemctl start hostapd- 5. The following error message appears, reporting that the hostapd service is masked. With systemd, masked means that the service is deliberately blocked so that it cannot be started in order to avoid conflicts.
Failed to start hostapd.service: Unit hostapd.service is masked.- 6. Execute the following command to remove the masking.
sudo systemctl unmask hostapd- 7. Then restart the service.
sudo systemctl start hostapdConfigure DHCP and IP address
As soon as the service is running, systemd-networkd must be set up so that the access point assigns IP addresses via DHCP.
- 8. A ready-made example configuration for access points is stored on the system under /usr/lib/systemd/network/80-wifi-ap.network.example, which you can use. Copy the sample configuration from the directory to the appropriate folder.
sudo ln -s /usr/lib/systemd/network/80-wifi-ap.network.example /etc/systemd/network/80-wifi-ap.network- 9. Open the configuration file with a text editor
sudo nano /etc/systemd/network/80-wifi-ap.network- 10. Expand the entries in the configuration file
/80-wifi-ap.networkas follows:
# SPDX-License-Identifier: MIT-0
#
# This example config file is installed as part of systemd.
# It may be freely copied and edited (following the MIT No Attribution license).
#
# To use the file, one of the following methods may be used:
# 1. add a symlink from /etc/systemd/network to the current location of this file,
# 2. copy the file into /etc/systemd/network or one of the other paths checked
# by systemd-networkd and edit it there.
# This file should not be edited in place, because it'll be overwritten on upgrades.
[Match]
WLANInterfaceType=ap
Name= wlx34c9f09ab29c
[Network]
Address=192.168.11.1/24
DHCPServer=yes
IPMasquerade=ipv4
PoolOffset=10
PoolSize=20
EmitDNS=yes
DNS=8.8.8.8Enable ports for DHCP requests
Finally, the ports for the clients' DHCP requests to the server must also be released.
- 11. Open the configuration file with a text editor.
sudo nano /etc/nftables.conf.d/00-basic.conf- 12. Expand the configuration file and enable port 67 and port 68.
table inet filter {
chain input {
type filter hook input priority 0; policy drop;
--snipped
# DHCPv4: Client -> Server
udp dport 67 accept
# DHCPv4: Server -> Client
udp sport 67 udp dport 68 accept
--snipped--- 13. Restart the service
nftableswith the following command.
sudo systemctl restart nftables- 14. Check the open ports with the following command.
sudo nft list rulesetThe access point is now fully configured and can be used by clients to establish a connection. To do this, use the configured SSID name and the WPA2 password defined in the /etc/hostapd/hostapd.conf file.
The connected clients can be displayed with the following command:
sudo hostapd_cli list_staThis command outputs the MAC addresses of all WLAN clients currently connected to the access point.