|Members||Da Syntax, xopr, Stuiterveer|
|GitHub||No GitHub project defined. Add your project here.|
|Description||Create an all-in-one accesspoint/router|
On hackday 1, we came across the problem that our internet connection was limited; one could only do http (80) and https (443).
The rest (ssh, rdp, vnc, pptp, etc.) was blocked.
created a public accessible accesspoint which tunneled traffic over a VPN to end up in the network of ACKspace.
- Played some with OpenVPN (after having set-up spacenet), and came to the conclusion that RADIUS login is not going to work (certificate-ception problem). LDAP is not setup correctly yet, so I might do some manual administration there.
- Have a GL-Inet now as well (had some trouble accessing it, but was able to flash OpenWrt on it. Makes a perfect candidate, since it has a LAN and WAN ethernet port.
- Tested the TL703n on a 10400mAh powerbank (more or less forgot to unplug it), and it ran 36 hours (with approximately 25% capacity left) Makes a good set-up for hackers on a bike.
- Stuiterveer, Xopr and Da_Syntax did a test run in the hostel during Fosdem.
- Used open hotspot had a strict firewall. Only browsing was allowed, it injected ssl certs to be able to sniff the trafic. Almost all ports blocked, so no SSH.
- Trying to run openVPN on tcp 443 failed. Session got killed after a minute.
- In the end we got it running stable at UDP 53 (DNS).
Image of the test setup. Wifi stick which connects the eeePC to the hotspot on the table, eeePC which runs openVPN on the floor, router which runs our WiFI ip also on the floor connected to eeePC.
Early setup before cable management:
(long term) solution
The idea is: use a semi-fancy router to create a fully fledged mobile spacenet accesspoint.
The router has to have:
- dual radio, dual frequency (2.4GHz and 5GHz, WAN client, and LAN infrastructure)
- vlan tagging (for routing multiple wired wan, might be optional)
- nice bandwidth/throughput
- VPN tunnel to ACKspace
- Battery operated or battery backup, like in the Guerilla VoIP box.