Difference between revisions of "ACKsesspoint"

From Hackerspace ACKspace
Jump to: navigation, search
m (added Science_Hack_Day_2013 link)
m (project stalled)
 
(11 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 
{{Project
 
{{Project
|State=Planned
+
|Featured=No
|Members=xopr
+
|State=Stalled
 +
|Members=Da Syntax, xopr, Stuiterveer
 
|Description=Create an all-in-one accesspoint/router
 
|Description=Create an all-in-one accesspoint/router
 +
|Picture=IMG 1283.JPG
 
}}
 
}}
 +
=== Problem  ===
  
=== Problem ===
+
On [[Science Hack Day 2013|hackday]] 1, we came across the problem that our internet connection was limited; one could only do http (80) and https (443).  
On [[Science Hack Day 2013|hackday]] 1, we came across the problem that our internet connection was limited; one could only do http (80) and https (443).
 
  
The rest (ssh, rdp, vnc, pptp, etc.) was blocked.
+
The rest (ssh, rdp, vnc, pptp, etc.) was blocked.  
  
=== Hack ===
+
=== Hack ===
  
[[user:PsychiC|PsychiC]] and [[user:Da Syntax|Da Syntax]] bridged a laptop's wifi with a wired connection to an accesspoint.
+
[[User:PsychiC|PsychiC]] and [[User:Da Syntax|Da Syntax]] bridged a laptop's wifi with a wired connection to an accesspoint.  
  
created a public accessible accesspoint which tunneled traffic over a VPN to end up in the network of ACKspace.
+
created a public accessible accesspoint which tunneled traffic over a VPN to end up in the network of ACKspace.  
 +
 
 +
=== update 2014/03/08  ===
 +
 
 +
[[User:Xopr|Xopr]] bought a TP-Link TL703n, and 16MB flash + 64MB RAM. [[User:Da Syntax|Da_syntax]] soldered the flash: now we can install OpenVPN!
 +
 
 +
=== update 2015/04/23  ===
 +
When working on [[spacenet]] used this router and threw the latest [[http://see.sl088.com/wiki/WR703_%E7%BC%96%E7%A8%8B%E5%99%A8%E5%9B%BA%E4%BB%B6#.E5.BD.93.E5.89.8D:SLboat_Mod_Build_20141024 firmware]] on the TL703n, which fixed WPA2-AES (enterprise, using RADIUS). It now runs OpenWrt Barrier Breaker 14.07
 +
 
 +
=== update 2015/05/26 ===
 +
* Played some with OpenVPN (after having set-up [[spacenet]]), and came to the conclusion that RADIUS login is not going to work (certificate-ception problem). LDAP is not setup correctly yet, so I might do some manual administration there.
 +
* Have a [[GL-Inet]] now as well (had some trouble accessing it, but was able to flash OpenWrt on it. Makes a perfect candidate, since it has a LAN and WAN ethernet port.
 +
* Tested the TL703n on a 10400mAh powerbank (more or less forgot to unplug it), and it ran 36 hours (with approximately 25% capacity left) Makes a good set-up for [[hackers on a bike]].
 +
 
 +
=== update 2016/01/30 ===
 +
* Stuiterveer, Xopr and Da_Syntax did a test run in the hostel during Fosdem.
 +
* Used open hotspot had a strict firewall. Only browsing was allowed, it injected ssl certs to be able to sniff the trafic. Almost all ports blocked, so no SSH.
 +
* Trying to run openVPN on tcp 443 failed. Session got killed after a minute.
 +
* In the end we got it running stable at UDP 53 (DNS).
 +
 
 +
Image of the test setup. Wifi stick which connects the eeePC to the hotspot on the table, eeePC which runs openVPN on the floor, router which runs our WiFI ip also on the floor connected to eeePC.
 +
[[Image:Inet_setup.png|400px]]
 +
 
 +
Early setup before cable management:
 +
[[Image:IMG_1283.JPG|400px]]
 +
 
 +
=== (long term) solution  ===
  
=== (long term) solution ===
 
 
The idea is: use a semi-fancy router to create a fully fledged mobile spacenet accesspoint.
 
The idea is: use a semi-fancy router to create a fully fledged mobile spacenet accesspoint.
  
The router has to have:
+
The router has to have:  
* dual radio, dual frequency (2.4GHz and 5GHz, WAN client, and LAN infrastructure)
+
 
* vlan tagging (for routing multiple wired wan, might be optional)
+
*dual radio, dual frequency (2.4GHz and 5GHz, WAN client, and LAN infrastructure)  
* nice bandwidth/throughput
+
*vlan tagging (for routing multiple wired wan, might be optional)  
 +
*nice bandwidth/throughput
 +
 
 +
The functionality:
 +
 
 +
*VPN tunnel to ACKspace
 +
*SpaceNet
 +
*Battery operated or battery backup, like in the [[Guerilla VoIP]] box.
  
The functionality:
+
[[Category:Network]]
* VPN tunnel to ACKspace
 
* SpaceNet
 
* Battery operated or battery backup, like in the [[Guerilla VoIP]] box.
 

Latest revision as of 11:07, 24 May 2017

Project: ACKsesspoint
Featured: No
State Stalled
Members Da Syntax, xopr, Stuiterveer
GitHub No GitHub project defined. Add your project here.
Description Create an all-in-one accesspoint/router
Picture
IMG 1283.JPG

Problem

On hackday 1, we came across the problem that our internet connection was limited; one could only do http (80) and https (443).

The rest (ssh, rdp, vnc, pptp, etc.) was blocked.

Hack

PsychiC and Da Syntax bridged a laptop's wifi with a wired connection to an accesspoint.

created a public accessible accesspoint which tunneled traffic over a VPN to end up in the network of ACKspace.

update 2014/03/08

Xopr bought a TP-Link TL703n, and 16MB flash + 64MB RAM. Da_syntax soldered the flash: now we can install OpenVPN!

update 2015/04/23

When working on spacenet used this router and threw the latest [firmware] on the TL703n, which fixed WPA2-AES (enterprise, using RADIUS). It now runs OpenWrt Barrier Breaker 14.07

update 2015/05/26

  • Played some with OpenVPN (after having set-up spacenet), and came to the conclusion that RADIUS login is not going to work (certificate-ception problem). LDAP is not setup correctly yet, so I might do some manual administration there.
  • Have a GL-Inet now as well (had some trouble accessing it, but was able to flash OpenWrt on it. Makes a perfect candidate, since it has a LAN and WAN ethernet port.
  • Tested the TL703n on a 10400mAh powerbank (more or less forgot to unplug it), and it ran 36 hours (with approximately 25% capacity left) Makes a good set-up for hackers on a bike.

update 2016/01/30

  • Stuiterveer, Xopr and Da_Syntax did a test run in the hostel during Fosdem.
  • Used open hotspot had a strict firewall. Only browsing was allowed, it injected ssl certs to be able to sniff the trafic. Almost all ports blocked, so no SSH.
  • Trying to run openVPN on tcp 443 failed. Session got killed after a minute.
  • In the end we got it running stable at UDP 53 (DNS).

Image of the test setup. Wifi stick which connects the eeePC to the hotspot on the table, eeePC which runs openVPN on the floor, router which runs our WiFI ip also on the floor connected to eeePC.

Inet setup.png

Early setup before cable management:

IMG 1283.JPG

(long term) solution

The idea is: use a semi-fancy router to create a fully fledged mobile spacenet accesspoint.

The router has to have:

  • dual radio, dual frequency (2.4GHz and 5GHz, WAN client, and LAN infrastructure)
  • vlan tagging (for routing multiple wired wan, might be optional)
  • nice bandwidth/throughput

The functionality:

  • VPN tunnel to ACKspace
  • SpaceNet
  • Battery operated or battery backup, like in the Guerilla VoIP box.