Do you allow this site to use Cookies?

There are many guides for creating a Raspberry Pi Access Point but from Raspbian 9 Stretch the network setup has changed, which means a lot of guides are out of date. So this guide is about setting up a Raspberry Pi Hotspot for Raspbian 9 Stretch onwards, it also works for Raspbian 8 Jessie and Raspbian 10 Buster.

I have two other guides on how to set up an automatic Raspberry Pi Access Point, which connects to your home network when you are at home and generates a hotspot when you are out.

For the Autohotspot guide to setup an internet routed hotspot suitable for RPi4, RPi3, RPi2 & Rpi: Click Here
For the Autohotspot guide to setup a non internet routed hotspot suitable for RPi ZeroW and RPi Zero: Click Here


  • This guide will go through how to set up a permanent hotspot for both internet routed, for RPi's with network ports, and non internet routed hotspots for Pi Zero/W 


This has been tested on Raspbian Jessie, Raspbian Stretch and Raspbian Buster. To see which version you have enter the command lsb_release -a

  • Raspberry Pi 4
  • Raspberry Pi 3 or 3 B+
  • Raspberry Pi 1 or 2 with a Wifi Dongle*,
  • Raspberry Pi Zero W and Zero with WiFi Dongle* (internet hotspot not useable as it has no ethernet port.


*some WiFi dongles don't work in adhoc mode or don't work with with the nl80211 driver used in this guide for RPi4, RPi 3, RPi3 B+ & Pi Zero W inbuilt wifi, so you may want to check this first before starting.

To see if your usb WiFi dongle can be used as an access point enter the command; iw dev ,scroll to section "Supported interface modes:" and look for * AP



Dnsmasq bug: in versions below 2.77 on Jessie and Stretch, there is a recent bug that may cause the hotspot not to start for some users. This can be resolved by removing the dns-root-data. It may be benificial to do this before you start the rest of the installation as it has been reported that doing it after installation for effected users does not work but you won't know if it is an issue until after the installation is complete.

check your version with : dpkg -s dnsmasq

versions 2.77 and above are ok. If not then try the command:

sudo apt-get purge dns-root-data

thanks to danny for highlighting this.


Note about Raspbian Buster and Stretch Network Device Names

For Raspbian Stretch and Buster there has been changes to how the network drivers are named, called Predictable Network Interface Names,  and may be different for the usual wlan0 and wlan1 for wifi and eth0 for ethernet connections. Though the official Foundation version of Raspbian seems to be keeping to the old standard names, at least at the time of writing,  this may not always be the case. For this guide I will use wlan0 as the device that is used.  

To check the device name for your setup enter the commmand iw dev and take a note of the "Interface" name. For wifi it should start with wl , replace your device name with any reference to wlan0 in the article, scripts and config files.


Step 1:

To start with hostapd hotspot client and dnsmasq lightweight dns server need to be installed.

Open a Terminal session.

Update Raspbian with the latest updates by entering the commands:

sudo apt-get update
sudo apt-get upgrade

 To install hostapd enter the command:

sudo apt-get install hostapd

enter Y when prompted.

To install dnsmasq enter the command:

sudo apt-get install dnsmasq

enter Y when prompted

The installers will have set up the programme so they run when the pi is started and activated them. While we set the hotspot we should stop them running. This is done with the following commands:

sudo systemctl stop hostapd
sudo systemctl stop dnsmasq

Now the hostspot configuration file can be setup. This contains the name of the WiFi signal you will need to connect to (SSID) and the security password.

To edit the configuration files I will be using the nano text editor but if you prefer an editor with an point and click interface then replace nano with leafpad in the following instructions.

Hostapd Configuration

Using a text editor edit the hostapd configuration file. This file won't exist at this stage so will be blank.

sudo nano /etc/hostapd/hostapd.conf

download file here:


  • The interface will be wlan0
  • The driver nl80211 works with the Raspberry Pi 4, 3, 3 B+  & Pi Zero W onboard WiFi but you will need to check that your wifi dongle is compatable and can use Access Point mode.

For more information on wifi dongles see

  • The SSID is the name of the WiFi signal broadcast from the RPi, which you will connect to with your Tablet or phones WiFi settings.
  • Channel can be set between 1 and 13. If you are having trouble connection because of to many wifi signals in your area are using channel 6 then try another channel.
  • Wpa_passphrase is the password you will need to enter when you first connect a device to your Raspberry Pi's hotspot. This should be at least 8 characters and a bit more difficult to guess than my example.

To save the config file press ctrl & o and to exit nano press Ctrl & x

Now the defaults file needs to be updated to point to where the config file is stored.
In terminal enter the command

sudo nano /etc/default/hostapd


Check the DAEMON_OPTS="" is preceded by a #, so is #DAEMON_OPTS=""

And save.

A recent change in hostapd means the service will be masked, so hostapd won't start when you reboot. To Unmask the hostapd service enter:

  • sudo systemctl unmask hostapd
  • sudo systemctl enable hostapd

Once you have completed the rest of the setup and rebooted Hostapd will start and generate the hotspot settings.

DNSmasq configuration

Next we need to update the DNSmasq.conf file. There are two setups depending if you need internet access or not.

DNSmasq Config 1 - No Internet

Open the dnsmasq.conf file with

sudo nano /etc/dnsmasq.conf

Go to the bottom of the file and add the following lines (download here)


#RPiHotspot config - No Intenet

and the save (ctl & o) and exit (ctrl & x)

DNSmasq Config 2 - Internet Routed

Open the dnsmasq.conf file with

sudo nano /etc/dnsmasq.conf

Go to the bottom of the file and add the following lines (download here)

#RPiHotspot config - Internet

and the save (ctl & o) and exit (ctrl & x)


Step 2:

Now that hostapd and dnsmasq are configured we now need to make some changes to the interfaces file, the dhcpcd.conf file, setup ip_forwarding.

Interfaces File

The interfaces file is not required and should be empty of any network config. Depending which version of Raspbian you have this file may still contain network config.


sudo nano /etc/network/interfaces

If your file shows more than the standard top 5 lines like this

# interfaces(5) file used by ifup(8) and ifdown(8)
# Please note that this file is written to be used with dhcpcd
# For static IP, consult /etc/dhcpcd.conf and 'man dhcpcd.conf'
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d

then make a copy of your file and then remove any excess lines from the interfaces file.

To make a backup of your interfaces file first, use the command

sudo cp /etc/network/interfaces /etc/network/interfaces-backup


Next we need to update the dhcpcd.conf file. Open the file with

sudo nano /etc/dhcpcd.conf

then scroll to the bottom of the file and add the line (Download here)

nohook wpa_supplicant
interface wlan0
static ip_address=
static routers=

If you are setting up the Internet routed hotspot then also include

static domain_name_servers=

now save (ctrl & o) and exit (ctrl & x)

The line 'nohooks wpa_supplicant' will stop the network wifi from starting if you have an entry in /etc/wpa_supplicant/wpa_supplicant.conf . If this is not done then network wifi will override the hotspot.

This next bit is only if you would like devices to have internet access. If not skip to "Testing the Hotspot".

 ip forwarding

For the internet to be available when an Ethernet cable is attached, IP forwarding needs to be activated. To do this enter

sudo nano /etc/sysctl.conf

look for the line

# Uncomment the next line to enable packet forwarding for IPv4

and remove the # so it is

# Uncomment the next line to enable packet forwarding for IPv4

now save (ctrl & o) and exit (ctrl & x)

Next the rules need to be added that will allow any device connected to the access point to be able to use the internet. This is done with IP Table rules which will need to be loaded every time the Raspberry Pi starts up. So a service file can be setup to do this.

There is a program called netfilter-persistent that can do this but it is simple to setup a custom service instead.

First create the file for the ip table rules.

sudo nano /etc/iptables-hs

add the lines below or download from here

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o wlan0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT

now save (ctrl & o) and exit (ctrl & x)

Update the permissions so it can be run with

sudo chmod +x /etc/iptables-hs

Now the service file can be created which will activate the ip tables each time the Raspberry Pi starts up

Create the following file

sudo nano /etc/systemd/system/hs-iptables.service

Then add the lines below of download from here

Description=Activate IPtables for Hotspot



now save (ctrl & o) and exit (ctrl & x)

To activate the service file, so it starts at every boot up, enter the command

sudo systemctl enable hs-iptables


Testing the Hotspot

The hotspot setup is now complete. To test that the setup is ok reboot the RPi.

 Once the RPi is up and running the wifi icon near the clock should now be two arrows facing opposite directions networkdown This means it is an access point. On a Tablet, phone or Laptop scan for wifi signals. You should see one for RPiHotSpot.

Select this as the wifi signal to connect to. The password is what you setup in the hostapd.conf file. From my example it is 1234567890

rpiHotspot android

Local wifi signals in range on Android. You will see RPiHotSpot and not RPiHotN

For SSH and VNC the connection ip is also if you have setup the RPi as a webserver use the same ip to see the webpage.

For ssh use ssh This email address is being protected from spambots. You need JavaScript enabled to view it.

For vnc use

If you have setup the Internet routed configuration. Connect an ethernet cable to the Raspbery Pi and your router and wait a few seconds. The hotspot will now allow connected wifi devices to use the internet as well as the Raspberry Pi

 Once you are happy the setup is working ok then your done.


Script Removal

If you don't wish to continue using the Hotspot then the Raspberry Pi can be revered back to a standard wifi setup with the following steps.

Stop the Hostapd and dnsmasq services with the commands

sudo systemctl disable dnsmasq

sudo systemctl disable hostapd

In the /etc/dhcpcd.conf file remove the lines added at the bottom of the file.

#Static Hotspot
nohook wpa_supplicant
interface wlan0
static ip_address=
static routers=
static domain_name_servers=

If you had previous config in your interfaces file and made a backup you can restore your original interfaces file with the command

sudo mv /etc/network/interfaces-backup /etc/network/interfaces

If you didn't setup an internet routed hotspot then your done, after a reboot your RPi will not longer be an Access Point. For Internet routed Hotspots you also need to do the following;

Disable the hs-iptables service with the command

sudo systemctl disable hs-iptables

Then disable ip forwarding

sudo nano /etc/sysctl.conf

look for the entry

# Uncomment the next line to enable packet forwarding for IPv4

and add a # as follows

# Uncomment the next line to enable packet forwarding for IPv4
# net.ipv4.ip_forward=1

Then reboot and the Raspberry Pi will be back to the standard wifi setup.


 Trouble Shooting

  • If you get no wifi connection or no hotspot and have this icon networkdownthen it is most likley there is an error in one of the configuration files.
  • If the RpiHotspot signal can't be seen by another device, Use the command sudo systemctl status hostapd to see if there is an error with Hostapd.
  • If Hostapd has an error that it is Masked then try
    • sudo systemctl unmask hostapd
    • sudo systemctl enable hostapd
    • sudo systemctl start hostapd
  • If you don't get an internet connection when an ethernet cable has been attached, with the Internet routed setup, then you can check the ip table rules have been activated with the command sudo iptables -S If you don't see any rules but just get

    then make sure the service was enabled with the command sudo systemctl enable hs-iptables and the iptables file has the correct prmissions with sud chmod +x /etc/iptables-hs
  • You can connect to the hotspot via an Android Phone but you can't get a ssh connection. Some users have found this issue where Android uses their data connection rather than the wifi. Disabeling data has allowed them to use ssh.  

Add comment

# Johnie 2019-11-27 13:24
excellent airdrop cryptocurrency bitcoin profit amancio ortega:
Reply | Reply with quote | Quote | Report to administrator
# Dazz 2019-10-06 09:15
IPtables is also depreciated. NFtables is the new kid in town.
Reply | Reply with quote | Quote | Report to administrator
# Roboberry 2019-10-06 10:04
I wasn't aware of that one. I will check it out. thank you
Reply | Reply with quote | Quote | Report to administrator
# Dazz 2019-10-05 10:27
Hi. Great write up. I found that DAEMON_CONF= is depreciated and support will be removed. Does or should that change your instructions?
Reply | Reply with quote | Quote | Report to administrator
# roboberry 2019-10-05 11:40
Thanks Dazz. I saw that it is going to be depreciated in a future release, so I will look into that when I do some updates to the Autohotspot articles in the near future. I think that is just being dropped and /etc/hostapd/hostapd.conf will be standard. If that's the case that step will be skipped but I will look into in more detail. But thanks for highlighting, easily missed on the install message.

Reply | Reply with quote | Quote | Report to administrator
# Jannes 2019-08-25 09:14
Hello, my hotspot dont work and I think I know why. Because the /etc/dhcpcd.conf file was empty when I opened it. I think I deleted all accidentally, because Im not good at the terminal and I tried it a few times. Can you give me the content of the file, so I can paste it into my file? (My English isnt very good, sorry)
Reply | Reply with quote | Quote | Report to administrator
# Roboberry 2019-08-25 10:03
Hi Jannes, I have sent you the file via email.
Reply | Reply with quote | Quote | Report to administrator
# Roboberry 2019-08-25 10:27
hi Jannes, I keep getting a return on your email. Can you email me direct admin@ this site and I will send it to you.

This is the dhcpcd.conf file with the comments removed:

# A sample configuration for dhcpcd.
# See dhcpcd.conf(5) for details.
option rapid_commit
option interface_mtu
require dhcp_server_identifier
slaac private

#This section for the static hotspot
#Static Hotspot
nohook wpa_supplicant
interface wlan0
static ip_address=
static routers=
Reply | Reply with quote | Quote | Report to administrator
# Martin 2019-08-21 08:49
Hi, thanks for the script. I like the new design of your website, but it's a shame, that all those valuable comments below this article dissapeared.
I have one more suggestion. If you set up wifi in /boot/wpa_supplicant.conf on windows - some text editors put windows line endings to this file and that is the issue for the script. So make sure you use dos2unix on wpa_supplicant.conf file.
Reply | Reply with quote | Quote | Report to administrator
# Roboberry 2019-08-21 09:57
Hi Martin

Thanks, I had to change some of the background software which meant the comments couldn't be extracted. All three hotspot scripts have been out there for a few years, so well tested. Most of the issues where user error or feature request any bugs found have been addressed. I plan on updating the trouble shooting section for a bit more self help.

For the wpa_supplicant file. I have only ever put it in the boot folder from a linux machine. If it's created on windows does the Pi happily use it but the hotspot scripts fail to recognise it? Th PI should fail to use it the top 3 config lines are missing.
This article doesn't use wpa_supplicant so I presume you are referring to the auto scripts?
Reply | Reply with quote | Quote | Report to administrator