raspberry pi as a gateway for sharing wireless connection by ethernet

People who would like to share someone else's wireless connection, e.g. a neighbour's (with their consent, of course), with multiple devices might face the issue of having to connect a device via Ethernet, such as the Fritz Box for making VoIP calls, and get it onto the internet by some means.

The simple setup is like this:

From what I saw and tried for hours, the AVM FRITZ!Box 7270 Wlan V1 is not capable of accessing the internet via an existing wireless connection. Newer models such as the FRITZ!Box 7390 are capable of doing so, but yeah, they also cost more 🙂

The setup deals with the following issues in a quick and dirty way:

  1. setup raspi wifi
  2. setup raspi as a gateway which performs NAT, works as a DHCP and DNS server
  3. establish a mechanism to ssh to the raspi remotely behind the wifi from the neighbour (includes dealing with IPv6 issues from Unitymedia)

setup raspi wifi

I essentially rely on ssh and the command line for the raspi, following https://www.howtogeek.com/167425/how-to-setup-wi-fi-on-your-raspberry-pi-via-the-command-line/, since I have no screen or keyboard/mouse connected. I set up wlan0 as my wireless interface.

setting up raspi for NAT, DHCP and DNS

Based on https://raspberrypi.stackexchange.com/questions/48307/sharing-the-pis-wifi-connection-through-the-ethernet-port I used iptables for NAT, isc-dhcp-server for DHCP and dnsmasq for DNS. At this point I could already connect my Fritz Box successfully and have VoIP functionality.

establish a mechanism to ssh on raspi remotely

Of course, from time to time I need / would like to be able to access the raspi for maintenance, and by remotely I really mean via the internet, so I'm not located close by. The raspi is behind another NAT and I am not able to change the router's configuration, so no port forwarding and the like. After reading for some time I found autossh as a handy tool to establish and maintain an ssh connection. Well, that does not really seem to help, but the actual workhorse here is ssh and constructing a reverse tunnel.

For this purpose I used https://raymii.org/s/tutorials/Autossh_persistent_tunnels.html to create a reverse tunnel to connect to my computer at home.

Hmm, yeah, in principle, but I'm a customer of Unitymedia, which provides good internet speed, and unfortunately I wasn't lucky enough to get an IPv4 address, only IPv6.

Is that a problem? Not really, but one just has to move some services to others which do support IPv6.

In terms of ssh and autossh, I do not always want an active ssh port forwarding so that I can log in, but rather want something on demand. But one thing after the other:

  • I adapted the router settings on my side (Unitymedia connect box) to allow ssh to my local computer; I really like http://www.ipv6scanner.com/ now, since it helps to check your router configuration
  • I set up a hostname using https://dynv6.com, which provides IPv4 and IPv6 dynamic DNS services for free
  • to deal with the issue of requesting an ssh connection on demand I wrote a small script which fetches a small text file from my webspace and checks it; depending on the content it starts autossh or not; the script is run hourly by crontab

My rasbora_start_autossh.sh script:


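#!/bin/bash
# fetch the flag file from the webspace into the current directory
scp username@webhostname:rasbora_start_autossh.txt .
# anything other than FALSE starts the tunnel (including an empty or missing file)
if [ "FALSE" = "$(cat rasbora_start_autossh.txt)" ]
then
    echo "Not starting autossh"
else
    echo "Starting autossh"
    # try to get out!
    # for ssh: port 6666 on the home machine is forwarded to port 22 on the raspi
    autossh -N -f -M 45678 -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" -i /home/username/.ssh/id_rsa -R 6666:localhost:22 username@hostname.dynv6.net
fi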

By changing the content of rasbora_start_autossh.txt on the webspace the raspi connects to my machine on demand.
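
A fail-closed variant of the hourly check, as an added example and not the author's script: the tunnel opens only when the flag file contains exactly TRUE, a failed fetch counts as "no", a second autossh is not stacked on a running one, and the tunnel is closed again once the flag is withdrawn. The function names, the TRUE convention and the `--run` argument are assumptions; host names, ports and the key path are copied from the script above.

```shell
#!/bin/sh
# Added example (not the original script): deny-by-default tunnel trigger.
FLAG_SRC="username@webhostname:rasbora_start_autossh.txt"  # as on the page
TUNNEL_DST="username@hostname.dynv6.net"                   # as on the page
KEY="/home/username/.ssh/id_rsa"
MATCH="autossh.*-R 6666:localhost:22"   # identifies our own autossh process

# Succeeds only if the local flag copy holds exactly TRUE (CR/LF ignored).
# Missing, empty, oversized or any other content means "do not connect".
should_start_tunnel() {
    flag_file=$1
    [ -f "$flag_file" ] || return 1
    [ $(wc -c < "$flag_file") -le 16 ] || return 1
    content=$(tr -d '\r\n' < "$flag_file")
    [ "$content" = "TRUE" ]
}

# Succeeds if an autossh carrying our reverse forward is already running.
tunnel_running() {
    pgrep -f "$MATCH" >/dev/null 2>&1
}

run_check() {
    tmp=$(mktemp) || return 1
    trap 'rm -f "$tmp"' EXIT
    # BatchMode: never prompt under cron. A failed fetch leaves an empty
    # file, which should_start_tunnel rejects.
    scp -q -o BatchMode=yes "$FLAG_SRC" "$tmp" || : > "$tmp"
    if should_start_tunnel "$tmp"; then
        if tunnel_running; then return 0; fi
        # ExitOnForwardFailure: do not keep a session whose forward failed.
        autossh -N -f -M 45678 \
            -o "PubkeyAuthentication=yes" -o "PasswordAuthentication=no" \
            -o "ExitOnForwardFailure=yes" -o "ServerAliveInterval=30" \
            -i "$KEY" -R 6666:localhost:22 "$TUNNEL_DST"
    else
        # Flag withdrawn or unreadable: close a tunnel that is still open.
        pkill -f "$MATCH" || true
    fi
}

# Nothing happens unless asked, e.g. from crontab: <script> --run
if [ "${1:-}" = "--run" ]; then
    run_check
fi
```

With this variant the reverse forward on port 6666 exists only while the flag says TRUE, so a webspace outage or a truncated download leaves the raspi unreachable from outside instead of exposing its sshd.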