Help with Raspberry Pi LAN Router

I am attempting to use a raspberry pi 3B as a LAN only router between my laptop and desktop. The desktop is connected to the pi with an ethernet cable. The laptop is connected to the pi over wifi. The pi is using hostapd to create the wifi network and dnsmasq to handle dns. I have a ftp server running on the desktop that I want to connect to with the laptop through the pi. There is also an ssh server running on the pi. I’m having two issues. First, only either the laptop or desktop can actually access the ssh server, but not both. When I reboot the pi, I can ssh into it from the desktop, but not the laptop. If I disconnect the ethernet cable, then reboot, I can ssh from the laptop. After googling, I found someone saying that you can’t have 2 network interfaces on the same device in this sort of configuration. However, commercial routers accomplish what I’m trying to do without an issue. I tried separating the wifi and ethernet in 2 different subdomains, but all that did was break ip address assignment to the desktop. The second issue, which I believe is related, I can’t access the ftp server running on the desktop. I’ve tested it before on a “traditional” network setup, so I know it’s configured correctly. I may have to configure iptables, but I believe until I resolve the ssh issue, the laptop and desktop won’t be able to talk to each other. The configuration on the pi must be the issue. Unless dnsmasq can’t support what I’m trying to accomplish.

Multiple subdomain configuration:

/etc/network/interfaces (space formatting isn’t shown)

auto lo
iface lo inet loopback
address 127.0.0.1
netmask 255.0.0.0

auto wlan0
iface wlan0 inet static
address 10.0.0.1
netmask 255.255.255.0
broadcast 10.0.0.255

auto eth0
iface eth0 inet static
address 192.168.1.1
netmask 255.255.255.0
broadcast 192.168.1.255

/etc/dnsmasq.conf

interface=wlan0
interface=eth0

dhcp-range=wlan0,10.0.0.2,10.0.0.255,255.255.255.0

dhcp-host=eth0,mac address,192.168.1.5

Single subdomain configuration:

/etc/network/interfaces (space formatting isn’t shown)

auto lo
iface lo inet loopback
address 127.0.0.1
netmask 255.0.0.0

auto wlan0
iface wlan0 inet static
address 192.168.1.1
netmask 255.255.255.0
broadcast 192.168.1.255

auto eth0
iface eth0 inet static
address 192.168.1.1
netmask 255.255.255.0
broadcast 192.168.1.255

/etc/dnsmasq.conf

interface=wlan0
interface=eth0

dhcp-range=wlan0,192.168.1.2,192.168.1.255,255.255.255.0

dhcp-host=eth0,mac address,192.168.1.5

For the ssh connectivity issue, sshd needs to listen on 0.0.0.0.

Can you access it from the pi?

If so, you likely need to enable ip_forward.

https://linuxconfig.org/how-to-turn-on-off-ip-forwarding-in-linux

That got it all working. I set ListenAddress to 0.0.0.0 in sshd_config. That fixed ssh. Then in dnsmasq.conf I added

dhcp-range=eth0,192.168.1.2,192.168.1.255,255.255.255.0,12h

That gave the static ip to my desktop. Finally I added a few iptables rules to allow for passive ftp.

iptables -t nat -A PREROUTING -p tcp --dport 20:21 -j DNAT --to-destination 192.168.1.5:20-21
iptables -t nat -A PREROUTING -p tcp --dport 1024:65535 -j DNAT --to-destination 192.168.1.5:1024-65535

Ah, yep. That’d do it!