Raspberry Pi as 4G LTE Router

Created2020-04-10Updated2020-08-23

Previous

We have established connection to 4G LTE network

Goal

We are going to turn the Raspberry Pi into a Router for our devices, pick your need:

Wireless Router

Instead of reinventing the wheel, we follow the guide Sixfab tutorial

If you are using Raspberry Pi 2 or earlier, you will need a USB WiFi adaptor.

Backup wireless configurations

Not a must but you may want to do this, in case later you changed your mind.

1
$ sudo cp /etc/wpa_supplicant/wpa_supplicant.conf /etc/wpa_supplicant/wpa_supplicant.backup.conf

Configure wireless device

Clear the configuration file

1
$ sudo cp /dev/null /etc/wpa_supplicant/wpa_supplicant.conf

Add configurations into /etc/wpa_supplicant/wpa_supplicant.conf:

1
2
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

Install RaspAP

Use a quick installer of RaspAP and follow the questions to setup the wireless network

1
$ wget -q https://git.io/voEUQ -O /tmp/raspap && bash /tmp/raspap -y

I did not tested this, so any problem or question (default password etc.), please refer to the Sixfab tutorial and the toubleshooting in the original tutorial

Wired Router

We are going to use network address translation (NAT) to bridge ppp0 with eth0

This tutorial was adopting sharing wifi through the ethernet and change it to share PPP connection to ethernet

DHCP and DNS server

I used dnsmasq for DHCP + DNS.

1
$ sudo apt-get install dnsmasq

Configurate interfaces

Edit the eth0 section in file /etc/network/interfaces:

1
2
3
4
5
6
allow-hotplug eth0  
iface eth0 inet static  
    address 192.168.2.1
    netmask 255.255.255.0
    network 192.168.2.0
    broadcast 192.168.2.255

Configure forwarding

Edit /etc/sysctl.conf to enable packet forwarding.

1
$ sudo nano /etc/sysctl.conf

Find the line #net.ipv4.ip_forwarding=1 and remove the # at the beginning to make it net.ipv4.ip_forwarding=1. This will enable packet forwarding once the system reboot.

Configure dnsmasq

Backup dnsmasq configuration

1
$ sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig

Edit /etc/dnsmasq.conf

1
2
3
4
5
6
7
8
9
10
11
interface=eth0      # Use interface eth0  
listen-address=192.168.2.1 # listen on  
# Bind to the interface to make sure we aren't sending things elsewhere  
#### bind-interfaces #### BUT don't enable this.
server=8.8.8.8       # Forward DNS requests to Google DNS  
domain-needed        # Don't forward short names  
# Never forward addresses in the non-routed address spaces.
bogus-priv
# Assign IP addresses between 192.168.2.2 and 192.168.2.100 with a
# 12 hour lease time
dhcp-range=192.168.2.2,192.168.2.100,12h

Enable bind-interfaces cause me unable to share the internet. You may need to test it.

NAT configuration

1
2
3
$ sudo iptables -t nat -A POSTROUTING -o wwan0 -j MASQUERADE  
$ sudo iptables -A FORWARD -i wwan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT  
$ sudo iptables -A FORWARD -i eth0 -o wwan0 -j ACCEPT

Make the rules persistent.

1
$ sudo sh -c "iptables-save > /etc/iptables.ipv4.nat"

Edit /etc/rc.local

1
2
# Add this line above exit 0
iptables-restore < /etc/iptables.ipv4.nat

DONE

Connect my laptop to Raspberry Pi 

1
2
3
4
5
$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=2 ttl=51 time=99.2 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=51 time=22.9 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=51 time=69.7 ms