Hak5
Save 10% at GoDaddy.com with coupon code HAK

Internet Connection Sharing mit Der Jasager

From Hak5

Jump to: navigation, search

Preface: The purpose of this guide is to extend the method created by Robert Fuller, Robin Wood and Darren Kitchen so that you can use Der Jasager connected wirelessly to an Internet Connection Shared laptop to allow clients to access the Internet without their knowledge of what’s happening.

Once you have installed Der Jasager on a La Fonera and installed ICS on your laptop and finished setting everything up, users will be connecting through Der Jasager, connected to one Network Interface Card in your laptop (acting as a gateway), which in turn is connected to a second NIC in your laptop (which is the ICS enabled NIC), and then through a wireless Access Point, to the Internet.

What I used:

- Compaq Presario V5000 (“notebook_j”), running Windows XP Home SP3 - Broadcom 802.11 b/g (“Mark”)

- La Fonera (“OpenWrt” a.k.a. Der Jasager)

- Dell XPS M1330 (“eniac”), running Windows XP Professional SP3 with two NICs: - Gigabyte GN-WS50G (“Atheros”) & Alfa AWUS036H (“Alfa”)

- Linksys WRT54Gv8 (“WRT54G”) - Westell Model 2200

Internet Connection Sharing Installation:

The thing to remember here is that the NIC that you install ICS on is going to be pointing out, so to speak, toward the Internet. This will be the NIC that you would associate to a public AP, for instance, if you were doing this in the field.

The second NIC will have its IP configuration changed during the ICS installation process. It will then be acting as a gateway for Der Jasager to connect through. I have found that after you set up ICS, it’s always best to go back into the non-Internet Connection Shared NIC’s IP properties, leave it set to its assigned, static IP, but add some DNS servers. More on that in a bit. Let’s get to it.

Here is what my network configurations look like before I install ICS –

01alfa_ip_before.png

02atheros_ip_before.png

Actually installing ICS is very simple.

- Open “Network Connections” in your Windows laptop’s Control Panel - Right click on the NIC you want to install ICS on and select “Properties” - Click the “Advanced” tab - Check the box next to “Allow other network users to connect through this computer’s Internet connection” - Click the “Settings” button and check All boxes - Click “OK” twice

03ics_install1.png

04alfa_ics_services.png

Now in your Network Connections window, your ICS enabled NIC will have an icon that looks similar to this,

05ics_enabled.png

Or this.

06ics_enabled_alt.png

Once you have enabled ICS on the NIC that is phsically connected to the Internet, the IP configuration will look something like this

07alfa_after_ics.png

and the IP configuration on the other NIC will look something like this.

08atheros_after_ics.png

It is important to note that at this point it’s a good idea to plug in some DNS information into the second NIC’s IP configuration. You could use DNS server IPs from OpenDNS.com or you can get the DNS server IPs of the AP that is physically connected to the Internet. Just open a command prompt and type:

ipconfig /all

Use the DNS server IPs from the results. In my case these were the DNS servers that “Alfa” is using. Disregard the results for the other NIC (for me that’s Atheros) at this point.

09ipconfig1.png

The point is, you want to plug in those DNS server settings from the ICS enabeld NIC into the IP properties of the other NIC, and save the configuration.

You are now done setting up Internet Connection Sharing on your laptop. The second non-Internet Connection Shared NIC is now serving as a gateway. Let’s connect to Der Jasager. Power on Der Jasager. You want to associate your ICS’ed NIC to “OpenWrt” at this point. We’ll change this back later.

Let’s assume that you have successfully installed Der Jasager as per this tutorial. Once you’ve done this go ahead and log in to Der Jasager’s webif interface using a web browser. In my case it was http://192.168.1.1/webif.html. Click the “Network” tab.

10webif_change_dhcp.png

Change the drop down box next to “Connection Type” from whatever it is set to, to something like Static IP and then back to DHCP. Do this a couple of times. For some reason, in my webif interface, when I change to DHCP, not all settings are available until I do this. In any case, you’ll want to see these options:

11webif_dhcp.png

Change the IP address to something on the same subnet as your non-Internet Connection Shared NIC (that’s “Atheros”on eniac). I changed the IP in the webif interface to 192.168.0.250.

Set the Netmask to the default class C address (255.255.255.0).

Save your configuration twice. Once using the “Save Changes” button and then again using the “Apply Changes” button.

12webif_dhcp_save.png

I saved the changes this way, just to be safe. Now, remove power from the Fonera that’s running Der Jasager. Re-associate the ICS’ed NIC to its original access point. In my case, I re-associated “Alfa” to “WRT54G”. Wait a minute, and reapply power to the La Fonera. Then wait a while for the Fonera to boot and the non-ICS’ed NIC (“Atheros” in my case) to associate to “OpenWrt”.

You can now open Der Jasager’s web interface in a browser, by connecting and authenticating to the new IP address you just set up. In my case that would be http://192.168.0.250. Here’s how mine looks.

13jasager_wo_clients.png

From this interface, ensure that you are in “Blacklist” mode. Add Der Jasager’s SSID (that will be “OpenWrt” (unless you’ve changed it) to the “Add SSID to list:” field and click the “Add SSID to list” button.

14jasager_openwrt_ssid.png

Now, enable Karma.

15jasager_enable_karma.png

At this point, the setup phase is done. If you power off Der Jasager, you should repeat these steps to add “OpenWrt” to the SSID list and enable Karma, the next time you power it on. Then just sit back and wait for folks to connect to Der Jasager.

Once they’re connected, you’ll be able to see them inside Der Jasager’s web interface. Let’s first take a look at what the “Mark” sees.

Here’s the “Mark”’s list of Available Wireless Networks

16mark_available_aps.png

Here’s the result of an ipconfig /all on the “Mark

17mark_ipconfig.png

Here’s the “Mark”’s IP properties.

18mark_props.png

And here’s the “Mark” connected in to “OpenWrt” (a.k.a. Der Jasager) in a PuttyPortable session

19mark_putty.png

Here’s the “Mark” browsing.

20mark_browsing.png

As a bonus, here’s what the “Mark” sees when it connects and authenticates to a little web page I threw up on Der Jasager.

21mark_pineapples.png

Lastly, let’s look at what Der Jasager sees. The second MAC address under “Connected Clients” belongs to the “Mark”.

22jasager_w_mark_mac.png

Sites referenced:

How to configure Internet Connection Sharing in Windows XP Fon Jasager Install – Hak5 wiki Jasager – Hak5 Forums OpenWrt Community wiki

Thanks: digininja, Mubix, Hak5Darren, Iyeman, Hak5Community… Trust your Technolust!

Wallpaper of my lab

Retrieved from "http://wiki.hak5.org/wiki/Internet_Connection_Sharing_mit_Der_Jasager"