Some time ago there were some troubles with my wifi connection, since the workplace is located in the most remote part of my home. I managed to get a powerline adapter, after which my main workstation became exposed to the full ISP provided bandwidth. Then an idea came up to also connect the Xbox (in the same room), but it appeared inconvenient to do it with cables. So I decided to make a wireless access point on my Fedora 25, which would be bridged to the wired interface and share it’s traffic with the Xbox.
Little did I know, but here is where the problems popped out. When trying to do it through the NetworkManager GUI (
NetworkManager -V shows 1.4.4-3.fc25) by clicking the “Use a hotspot”, a strange error pops up in the system log (
Jan 22 15:32:23 cactus.local gnome-control-c: Failed to add new connection: (2) A 'wireless' setting with a valid SSID is required if no AP path was given. Jan 22 15:32:23 cactus.local NetworkManager: <info> [1485088343.4560] audit: op="connection-add-activate" pid=3936 uid=1000 result="fail" reason="A 'wireless' setting with a valid SSID is required if no AP path was given Jan 22 15:32:23 cactus.local gnome-control-c: Failed to add new connection: (2) A 'wireless' setting with a valid SSID is required if no AP path was given.
And nothing really happens after that. I’ve searched the internet and there were a couple of ways to proceed, including the use of “hotspotd”. I didn’t like to approach of using 3-d party software, knowing that it has a history of failures when used with a running NetworkManager. So I found a semi-automatic setup, using
nmcli that worked for me. But before I go forward, the curious reader would have to know that:
- I didn’t have to mess with dnsmasq manually on Fedora 25 to get it working, a plugin for NetworkManager does it for you.
- I didn’t have to do manual firewall setup, to SRCNAT the connections, it’s also managed by NetworkManager.
To the point now. The high level plan is:
- Find the device, create the connection using nmcli;
- Configure the created connection manually;
- Fire up the connection, in case of issues, troubleshoot.
First, check for wireless devices: nmcli d
…and check for AP mode compatibility - look for “AP” among supported interface modes:
iw list | less
Set up the connection using nmcli. Substitute your own values for net name/password, etc:
nmcli c add type wifi ifname wlp3s0 con-name XBOX autoconnect no ssid XBOX_WIRELESS nmcli connection modify XBOX 802-11-wireless.mode ap 802-11-wireless.band bg ipv4.method shared nmcli connection modify XBOX wifi-sec.key-mgmt wpa-psk nmcli connection modify XBOX wifi-sec.psk "thegreatpassword" nmcli connection up XBOX
Then edit the file manually and add the IPADDR and PREFIX:
sudo vi /etc/sysconfig/network-scripts/ifcfg-XBOX
ESSID="XBOX_WIRELESS" MODE=Ap TYPE=Wireless BOOTPROTO=shared DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=no IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no IPV6_ADDR_GEN_MODE=stable-privacy NAME=XBOX UUID=4171ba1f-ae4c-46b5-9062-0ea02fe386b3 DEVICE=wlp3s0 IPADDR=10.5.2.1 PREFIX=24 ONBOOT=no KEY_MGMT=WPA-PSK BAND=bg MAC_ADDRESS_RANDOMIZATION=default IPV6_PEERDNS=yes IPV6_PEERROUTES=yes
Last step can also be done using the NetworkManager applet.
Check the NetworkManager applet after that. It should become orange near the “Wifi Hotspot”. Check your
journalctl output, it should not contain errors.
Troubleshooting. In case of issues, look into:
- NAT rules in the firewall;
- DNSMasq configuration
Check that your MASQUERADE rule is in place:
sudo iptables -t nat -L
Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 10.5.2.0/24 !10.5.2.0/24
When starting the connection, you journal log can print something similar to:
Jan 22 18:10:35 cactus.local NetworkManager: <info> [1485097835.2370] dnsmasq-manager: starting dnsmasq... Jan 22 18:10:35 cactus.local NetworkManager: <debug> [1485097835.2371] dnsmasq-manager: command line: /usr/sbin/dnsmasq --conf-file --no-hosts --keep-in-foreground --bind-interfaces --except-interface=lo --clear-on-reload --strict-order --listen-address=10.5.2.1 --dhcp-range=10.5.2.10,10.5.2.254,60m --dhcp-option=option:router,10.5.2.1 --dhcp-lease-max=50 --pid-file=/var/run/nm-dnsmasq-wlp3s0.pid --conf-dir=/etc/NetworkManager/dnsmasq-shared.d Jan 22 18:10:35 cactus.local NetworkManager: <debug> [1485097835.2385] dnsmasq-manager: dnsmasq started with pid 18872 Jan 22 18:10:35 cactus.local NetworkManager: <debug> [1485097835.2388] arping[0x55d8b346b660,3]: run /usr/sbin/arping -A -q -I wlp3s0 -c 1 10.5.2.1 Jan 22 18:10:35 cactus.local NetworkManager: dnsmasq: failed to bind DHCP server socket: Address already in use Jan 22 18:10:35 cactus.local NetworkManager: <debug> [1485097835.2419] device[0x55d8b324bc00] (wlp3s0): remove_pending_action (1): 'dhcp4' not pending (expected)
This means, that your dnsmasq listener is already bound to the interface (most probably all interfaces if never tampered with). The output should look like:
[tim@cactus ~]$ sudo netstat -anlp | grep -w LISTEN | grep dnsmasq tcp 0 0 10.5.2.1:53 0.0.0.0:* LISTEN 20390/dnsmasq
If you have 0.0.0.0 in the third column, kill the process with “kill -9” or restart the machine.
Other issues with NetworkManager
Enable verbose logging for the NetworkManager, make sure this section is there in /etc/NetworkManager/NetworkManager.conf:
[logging] # When debugging NetworkManager, enabling debug logging is of great help. level=TRACE domains=ALL
systemctl restart NetworkManager after that to see changes in
Here are some references to
hotspotd articles that helped me troubleshoot the problem.