Setting up a Raspberry Pi as a Wireless Access Point


If you would rather just get an SD Card with the Pi-Point image on it then go straight to getting the SD Card.


Please note this HowTo is now updated to relate primarily to using a Raspberry Pi 3. 

You will need:

 First install Raspbian from the Raspberry Pi site - – at the time of writing the current version is 'Wheezy'. 

Install the image to your SD card as explained here -

NB Since November 2016 the default Raspberry Pi configuration no longer has SSH running at start-up. You will need to put a file called 'ssh' (lower case, no extension) into the 'Boot' partition of your SD card after writing the image to it. This will cause SSH to be enabled at boot up.

Log in to your Pi – I did mine via SSH but no reason why you can't do it via a keyboard and screen if you have it connected that way. The default login is username 'pi' and password 'raspberry'. You'll be wanting to change these later for security. If not logging in via SSH make sure you have a network connection with internet access. If you're using SSH then you'll need to locate your Pi's IP address on your LAN using (on Linux systems, at least) sudo nmap -sP you may need to install nmap with sudo apt-get install nmap) which will list all IP's on your network (if your network is 192.168.1.x then change the network range in the command to and so on). You'll get a list along the lines of...

Nmap scan report for UNKNOWN (
Host is up (0.65s latency).
MAC Address: 00:24:2C:12:62:55 (Hon Hai Precision Ind. Co.)
Nmap scan report for UNKNOWN (
Host is up (0.23s latency).
MAC Address: B8:27:EB:9E:CA:4D (Raspberry Pi Foundation)
Nmap scan report for UNKNOWN (
Host is up (0.0036s latency).
MAC Address: 00:A0:DE:86:D3:6B (Yamaha)

 In this case the Pi is at so I'd login with ssh pi@

 Firstly run sudo raspi-config if you haven't yet, to setup your Pi (you'll likely want to at least change your memory split to 16) then reboot and set a root password using sudo passwd (or perhaps sudo -i if you don't want root to have a password) and enter a decent (i.e. not 'password'!) password for the root user. From this point on I'll assume you're logged in as root.

 I prefer using aptitude for package installs and will be using it throughout this HowTo – if you're happier using apt-get then you'll be wanting to alter some of the installation commands to suit. Install aptitude with apt-get install aptitude.

 Bring your Pi up to date using aptitude update; aptitude safe-upgrade – this may take a little while and also depend on your internet connection speed.

 You'll need to install a few packages:

aptitude install rfkill zd1211-firmware hostapd hostap-utils iw dnsmasq

These are:
rfkill – Wireless utility
zd1211-firmware – Software for dealing with zd1211-based Wireless hardware
hostapd – The hostap wireless access point daemon
hostap-utils – Tools that go with hostap
iw – Wireless config utility
dnsmasq – a DHCP and DNS utility

You may also want to add 'vim' to that list which is a nicer console editor than the default 'vi'.

If you're using a dongle then the zd1211-firmware package is hardware-specific but is a very common implementation for wifi dongles. Your dongle will also need to support 'AP' mode which you can verify by typing iw list and under the 'Supported interface modes' you will hopefully see 'AP' listed along with others like 'managed' and 'monitor'. If not you're out of luck with your particular dongle.

Next you must add these lines to the end of your /etc/dhcpcd.conf file:

interface wlan0
static ip_address=
static routers=
static domain_name_servers=

These lines instruct dhcpcd to statically configure the WLAN0 interface with an IP address of (the /24 is important, don't remove it, it's like the netmask entry in old /etc/network/interfaces). Change this IP address to whatever you're intending you use for your wireless network if you want something different. It also sets the gateway to which you should change to be the gateway on your normal LAN which the wired ETH0 interface is connected to. Leave the domain_name_servers as-is, that's the Google DNS farm which should always work.

Now to configure hostap. Edit /etc/hostapd/hostapd.conf (it may not already exist but this will create it, anyway) to look like this:


The settings are pretty obvious, 'driver' being the only exception, just leave it as it is but change the other values as you see fit though these should do for an initial test. One thing to bear in mind is that hostap seems to be very literal about reading its configuration file so make sure you have no trailing spaces on the end of any lines!

Note (thanks to user 'wiak' for this):

Hello Guys, You need
driver=rtl871xdrv in the /etc/hostapd/hostapd.conf file to get realtek cards to work :)
and maybe a updated hostapd from

You might want to add
to hostapd.conf to get 11n 150mbps speed

There is a realtek guide here


The final step is to configure dnsmasq so you can obtain an IP address from your new Pi-Point. Edit your /etc/dnsmasq.conf file to look like this: 

# Never forward plain names (without a dot or domain part)
# Only listen for DHCP on wlan0

# create a domain if you want, comment it out otherwise

# Create a dhcp range on your /24 wlan0 network with 12 hour lease time

# Send an empty WPAD option. This may be REQUIRED to get windows 7 to behave.

Remember to change the dhcp-range option for the network IP range you're using. If you're having problems with Windows7 machines then try uncommenting the last line.

To ensure your Pi-Point works from a reboot you'll need to create a run file to turn on forwarding, nat and run hostap at boot time. Create a file /etc/init.d/pipoint with these contents:

# Configure Wifi Access Point.
# Provides: WifiAP
# Required-Start: $remote_fs $syslog $time
# Required-Stop: $remote_fs $syslog $time
# Should-Start: $network $named slapd autofs ypbind nscd nslcd
# Should-Stop: $network $named slapd autofs ypbind nscd nslcd
# Default-Start: 2
# Default-Stop:
# Short-Description: Wifi Access Point configuration
# Description: Sets forwarding, starts hostap, enables NAT in iptables

# turn on forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward

# enable NAT
iptables -t nat -A POSTROUTING -j MASQUERADE

# start the access point
hostapd -B /etc/hostapd/hostapd.conf

Next make the script executable with chmod +x /etc/init.d/pipoint. Edit your crontab with the command crontab -e and add this line at the end:

@reboot PATH=$PATH:/sbin:/usr/sbin && /etc/init.d/pipoint

This should ensure your Pi-Point will reboot as a functioning wifi access point.

Further things you may wish to try: