I’ve found myself with a lot of nerve-wracking thumb-twiddling time in the hospital over the past few weeks. So, needing to secure my internet access across an open public WiFi and needing a project to distract myself a bit, I decided I wanted a device or collection of devices that perform the following roles:
– a WAP that I can use to connect my laptop, my tablet, my family’s Android tablets, my phone and my ChromeCast or Roku.
– selectable uplink via a WiFi repeater to an existing WiFi network, 3G/4G, or Ethernet
– a firewall between my devices and the uplink
– a NAS/DLNA server with enough storage to hold several full-length movies, streamable to the family’s Android tablets
– site-to-site VPN to my home network
And, I want this all to be portable, and ideally have some battery capability for travel.
This isn’t too much to ask, is it? Incredibly enough, I’ve got this working, quite well.
I found the GL-MiFi from GL.iNet, with the AT&T 4G module (Amazon). This device runs OpenWRT (a small Linux distro optimized for embedded devices, especially good for small personal/home routers). This provides a great WAP, with a solid firewall (iptables), all manageable from the rather nice OpenWRT Luci GUI, or from the simplified GL.iNet web UI, or via SSH (yes, I’ll figure out some nifty Ansible sometime in the future). And, this device packs a 5000mAH battery for several hours of disconnected use.
I added a data-only SIM from Google’s Project Fi. I have already moved my cell service to Fi, so this additional data-only SIM cost nothing, and just consumes from my existing data package. Since the MiFi takes micro SIM, and Project Fi ships a nano SIM, I also needed to throw in a SIM card adapter (Amazon). So now I have uplink via Ethernet (the MiFi has both a WAN and LAN port), WiFi (the MiFi can act as a wireless repeater), or via 3G/4G.
I’ve also added two storage devices – a 128GB SanDisk Micro SD Card Amazon) and a 128GB SanDisk USB 3.0 drive (Amazon). Why two? Well, I happened to have both already on hand, and the MiFi provides both a Micro SD slot and a USB 2.0 port, so why not try both? Once formatted ext4, they immediately show up in the web UI, and can be accessed via SMB/CIFS. And, by adding the minidlna package in the OpenWRT software management interface, VLC on the Android tablets immediately discovers and can stream any video or audio content on the storage!!
The only remaining requirement is the site-to-site VPN. I haven’t actually figured this out yet, but – given that I’m running a Ubiquiti USG in front of my home network, it looks like I’ll be able to accomplish this either via L2TP/IPSec or via OpenVPN. I’ll make sure to write that up once I figure it out.