ACKsesspoint
Project: ACKsesspoint | |
---|---|
Featured: | No |
State | Stalled |
Members | Da Syntax, xopr, Stuiterveer |
GitHub | No GitHub project defined. Add your project here. |
Description | Create an all-in-one accesspoint/router |
Picture | |
Contents
Problem
On hackday 1, we came across the problem that our internet connection was limited; one could only do http (80) and https (443).
The rest (ssh, rdp, vnc, pptp, etc.) was blocked.
Hack
PsychiC and Da Syntax bridged a laptop's wifi with a wired connection to an accesspoint.
created a public accessible accesspoint which tunneled traffic over a VPN to end up in the network of ACKspace.
update 2014/03/08
Xopr bought a TP-Link TL703n, and 16MB flash + 64MB RAM. Da_syntax soldered the flash: now we can install OpenVPN!
update 2015/04/23
When working on spacenet used this router and threw the latest [firmware] on the TL703n, which fixed WPA2-AES (enterprise, using RADIUS). It now runs OpenWrt Barrier Breaker 14.07
update 2015/05/26
- Played some with OpenVPN (after having set-up spacenet), and came to the conclusion that RADIUS login is not going to work (certificate-ception problem). LDAP is not setup correctly yet, so I might do some manual administration there.
- Have a GL-Inet now as well (had some trouble accessing it, but was able to flash OpenWrt on it. Makes a perfect candidate, since it has a LAN and WAN ethernet port.
- Tested the TL703n on a 10400mAh powerbank (more or less forgot to unplug it), and it ran 36 hours (with approximately 25% capacity left) Makes a good set-up for hackers on a bike.
update 2016/01/30
- Stuiterveer, Xopr and Da_Syntax did a test run in the hostel during Fosdem.
- Used open hotspot had a strict firewall. Only browsing was allowed, it injected ssl certs to be able to sniff the trafic. Almost all ports blocked, so no SSH.
- Trying to run openVPN on tcp 443 failed. Session got killed after a minute.
- In the end we got it running stable at UDP 53 (DNS).
Image of the test setup. Wifi stick which connects the eeePC to the hotspot on the table, eeePC which runs openVPN on the floor, router which runs our WiFI ip also on the floor connected to eeePC.
Early setup before cable management:
(long term) solution
The idea is: use a semi-fancy router to create a fully fledged mobile spacenet accesspoint.
The router has to have:
- dual radio, dual frequency (2.4GHz and 5GHz, WAN client, and LAN infrastructure)
- vlan tagging (for routing multiple wired wan, might be optional)
- nice bandwidth/throughput
The functionality:
- VPN tunnel to ACKspace
- SpaceNet
- Battery operated or battery backup, like in the Guerilla VoIP box.