hello to everyone!
I’m not very expert about connections, so please help me and sorry for my sufficient english
I explain my situation : I work sharing an office, where is available a simple commercial router to sharing internet .
To use internet I can connect to router by lan or by wifi
wifi signal is for users (like me), but also for external customers. It is without protection (there is no way to add a password) and always available (also when office is closed to the pubblic) . signal is strong enough to be use from street and by neighbours. The owner doesn’t care about it.
Inside router, it is setted with “AP Isolation” (so theoretically no one can see who is connected) .
the question is :
I will use continuously and intensively internet with many devices, so I need to create my own separated and safe wireless net inside the main net. I bought AR300M (with external antennas).
How avoid (if is possible) that someone (users like me or external customers) sniffing my traffic or snooping in my own devices?
how connect ar300M to the main router? lan or unprotected wifi ?
what are the best settings for ar300M?
There are probably a number of answers to this, but with the given information you probably should consider connecting the WAN port to the LAN port of the office, treating the connection as a Router (WAN Settings=> Cable=>DHCP) and use a VPN service to connect to the outside world.
When possible use the LAN connection, but you will also have the option to have your own (WLAN) AP. If you want to tighten restrictions on your WLAN you can use the OpenWrt LUCI tools to set up the MAC filter to only allow your devices on your WLAN.
The GL.inet firmware should do this pretty much out of the box.
thanks you for your answer
you help me so much
just a clarification about use a vpn service: which advantages I will take? which service you advise to me? free or paid?
VPN > free is a waste of time. You need to read up about what advantages you get (mainly that your ISP can’t see what you are doing on-line).
Regarding which service, these have been tested by forum users/GL (although I would AVOID hidemyass - a Google search will tell you why).
- TorGuard, https://torguard.net/
- Astrill, https://www.astrill.com
- FinchVPN, https://www.finchvpn.com/
- Free Vpn Software, http://freevpnsoftware.net/
- VPNBook, http://www.vpnbook.com/
- VPNGate, http://www.vpngate.net/
- VPN Area, https://vpnarea.com
- NordVPN, https://nordvpn.com/
- PIA, https://www.privateinternetaccess.com/
- PureVPN, https://www.purevpn.com/
- TotalVPN, https://www.totalvpn.com
- Strong VPN, http://strongvpn.com/
- HideMyAss, https://www.hidemyass.com
- Proxy.sh, https://proxy.sh/
- TCPVPN.com, https://www.tcpvpn.com
- Vpn.AC, https://www.vpn.ac/
- Proxpn, https://www.proxpn.com
- ExpressVPN, https://www.expressvpn.com/
- Airvpn, https://airvpn.org/
- CactusVpn, https://www.cactusvpn.com/
using a VPN will improve the security of my own net?
Excluding general advantages of using a VPN,
is it sufficient for my security to create a separated (wired and wireless) net inside free and unsafe main net, using WAN port of AR300M as a Router
or is essential to filter traffic through a VPN?
As the main router can be hacked by anyone, you have to use vpn.
Check this one https://store.gl-inet.com/collections/travel-routers/products/gl-usb150-microuter
This is for such purpose. But you have to enable vpn.