Difference between revisions of "ACKsesspoint"

From Hackerspace ACKspace
Jump to: navigation, search
(added some latest updates)
Line 27: Line 27:
 
* Have a [[GL-Inet]] now as well (had some trouble accessing it, but was able to flash OpenWrt on it. Makes a perfect candidate, since it has a LAN and WAN ethernet port.
 
* Have a [[GL-Inet]] now as well (had some trouble accessing it, but was able to flash OpenWrt on it. Makes a perfect candidate, since it has a LAN and WAN ethernet port.
 
* Tested the TL703n on a 10400mAh powerbank (more or less forgot to unplug it), and it ran 36 hours (with approximately 25% capacity left) Makes a good set-up for [[hackers on a bike]].
 
* Tested the TL703n on a 10400mAh powerbank (more or less forgot to unplug it), and it ran 36 hours (with approximately 25% capacity left) Makes a good set-up for [[hackers on a bike]].
 +
 +
=== update 2016/01/30 ===
 +
* Stuiterveer, Xopr and Da_Syntax did a test run in the hostel during Fosdem.
 +
* Used open hotspot had a strict firewall. Only browsing was allowed, it injected ssl certs to be able to sniff the trafic. Almost all ports blocked, so no SSH.
 +
* Trying to run openVPN on tcp 443 failed. Session got killed after a minute.
 +
* In the end we got it running stable at UDP 53 (DNS).
 +
 +
Image of the test setup. Wifi stick which connects the eeePC to the hotspot on the table, eeePC which runs openVPN on the floor, router which runs our WiFI ip also on the floor connected to eeePC.
 +
[[Image:Inet_setup.png|400px]]
  
 
=== (long term) solution  ===
 
=== (long term) solution  ===

Revision as of 12:08, 31 January 2016

Project: ACKsesspoint
Featured:
State Stalled
Members Da Syntax, xopr
GitHub No GitHub project defined. Add your project here.
Description Create an all-in-one accesspoint/router
Picture
No project picture! Fill in form Picture or Upload a jpeg here

Problem

On hackday 1, we came across the problem that our internet connection was limited; one could only do http (80) and https (443).

The rest (ssh, rdp, vnc, pptp, etc.) was blocked.

Hack

PsychiC and Da Syntax bridged a laptop's wifi with a wired connection to an accesspoint.

created a public accessible accesspoint which tunneled traffic over a VPN to end up in the network of ACKspace.

update 2014/03/08

Xopr bought a TP-Link TL703n, and 16MB flash + 64MB RAM. Da_syntax soldered the flash: now we can install OpenVPN!

update 2015/04/23

When working on spacenet used this router and threw the latest [firmware] on the TL703n, which fixed WPA2-AES (enterprise, using RADIUS). It now runs OpenWrt Barrier Breaker 14.07

update 2015/05/26

  • Played some with OpenVPN (after having set-up spacenet), and came to the conclusion that RADIUS login is not going to work (certificate-ception problem). LDAP is not setup correctly yet, so I might do some manual administration there.
  • Have a GL-Inet now as well (had some trouble accessing it, but was able to flash OpenWrt on it. Makes a perfect candidate, since it has a LAN and WAN ethernet port.
  • Tested the TL703n on a 10400mAh powerbank (more or less forgot to unplug it), and it ran 36 hours (with approximately 25% capacity left) Makes a good set-up for hackers on a bike.

update 2016/01/30

  • Stuiterveer, Xopr and Da_Syntax did a test run in the hostel during Fosdem.
  • Used open hotspot had a strict firewall. Only browsing was allowed, it injected ssl certs to be able to sniff the trafic. Almost all ports blocked, so no SSH.
  • Trying to run openVPN on tcp 443 failed. Session got killed after a minute.
  • In the end we got it running stable at UDP 53 (DNS).

Image of the test setup. Wifi stick which connects the eeePC to the hotspot on the table, eeePC which runs openVPN on the floor, router which runs our WiFI ip also on the floor connected to eeePC.

Inet setup.png

(long term) solution

The idea is: use a semi-fancy router to create a fully fledged mobile spacenet accesspoint.

The router has to have:

  • dual radio, dual frequency (2.4GHz and 5GHz, WAN client, and LAN infrastructure)
  • vlan tagging (for routing multiple wired wan, might be optional)
  • nice bandwidth/throughput

The functionality:

  • VPN tunnel to ACKspace
  • SpaceNet
  • Battery operated or battery backup, like in the Guerilla VoIP box.