Host Access Point

In this guide, we configure our system to act as a Host Access Point (also known as a WiFi hotspot) for other devices to connect to.

First, check to ensure that the device driver for your wireless card can support Host AP mode. For example, the athn(4) driver's man page indicates it supports Host AP mode.

# cat /etc/hostname.if0
mediaopt hostap
nwid mynwid wpakey mywpapasswd

Replace if0 with your actual device. For media option, we pass in hostap. Replace mynwid with your desired network ID, and mywpapasswd with your desired password. We are going to assign all clients reserved IPs from the subnet

Make sure to restart networking for that device:

# sh /etc/netstart if0

Next, we enable routing:

# sysctl net.inet.ip.forwarding=1
# echo "net.inet.ip.forwarding=1" >> /etc/sysctl.conf
# sysctl net.inet6.ip6.forwarding=1
# echo "net.inet6.ip6.forwarding=1" >> /etc/sysctl.conf

Next, we configure dhcpd:

# cat /etc/dhcpd.conf                                             
option domain-name "";

subnet netmask {
        option routers;
        option domain-name-servers;
# rcctl enable dhcpd
# rcctl set dhcpd flags if0
# rcctl start dhcpd

You will need to either configure a caching nameserver on the host that listens to address, or choose a free public DNS service.

Finally, because we are using network address translation, we need to add a rule to packet filter:

match out on egress from !(egress:network) to any nat-to (egress:0)

Then reload the ruleset:

# pfctl -f /etc/pf.conf


If networking does not work immediately, try a reboot to ensure that all networking changes were properly applied.