Raspberry Pi 3B+ as a Wired to Wireless Gateway

 A. Setup WiFi

1. Create PASSWORD hash
   

   Use the following command to create password hash for wpa_supplicant.conf 

   read -s -p "Password: " pass && echo -n $pass | iconv -t utf16le | openssl md4 | sed 's/(stdin)= //'
   
   
2. Put the following in /etc/wpa_supplicant/wpa_supplicant.conf
   
   
   ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
   
   update_config=1
   
   country=TW
   
   network={
   
   ssid="eduroam"
   
   scan_ssid=1
   
   key_mgmt=WPA-EAP
   
   eap=PEAP
   
   pairwise=CCMP
   
   group=CCMP
   
   phase1="peaplabel=0"
   
   phase1="auth=MSCHAPV2"
   
   identity="USER"
   password=hash:PASSWORD_HASH
   }
   
   
3. Use iptables to enable SRC-NAT for output interface wla0
   
   sudo iptables -A FORWARD -i wlan0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
   sudo iptables -A FORWARD -i eht0 -o wlan0 -j ACCEPT
   sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE


4. Save iptables rules for rc.local
   
   sudo iptables-save /etc/iptables.ipv4.nat
   
   
5. Put the following in /etc/rc.local
   
   iptables-restore < /etc/iptables.ipv4.nat
   
   
6. Enable ipv4 forwarding by uncomment the following line in /etc/sysctl.conf
   
   sudo vi /etc/sysctl.conf
   
   # Uncomment the next line to enable packet forwarding for IPv4
   net.ipv4.ip_forward=1
   
   
7. You may need to remove the default route for wired interface or increase the metric for wired interface in /etc/dhcpcd.conf
   
   
8. Reboot and try it!