Hotel blocking personal router

I am not a very advanced user but have been using various GL.iNet products on my travels and have just encountered this issue for the first time ever today. The hotel I am staying in appears to be able to recognise that a personal router is attempting to connect to its WiFi and kicks it out immediately even before the router has obtained an IP address. Nothing like resets, disabling DNS bind or cloning my phone’s MAC would circumvent this. I have read on Reddit of similar reports of newer hotel systems rejection connection to personal or travel routers and suggested that there are so far no solutions to this issue:

This is worrying if this becomes more prevalent and I would be grateful for any suggestions from the people in the know for any possible solution. Thank you in advance for your recommendations.

They must recognise the router in some way (I would assume mac address would be an obvious one), also maybe deleting the ntp (time server) settings in luci as that would be easily identifiable as a router when it looks up openwrt servers.

Unless there is some unchangeable variable that identifies the product as a router as opposed to a regular client (apart from the mac address) - maybe some other users would have more knowledge on this than I do…

1 Like

One other quick one, have you turned off rebind protection is that what is meant by disabling DNS bind?

1 Like

Thanks zimo. I have indeed turned off rebind protection and will certainly try your suggestion about deleting the ntp (if this is not too technical) and will report back although I feel that they use much more sophisticated methods as outlined by Chanjav in the Reddit thread I referenced above.

Unfortunately, stopping the system\startup\sysntpd (if this is the right way to doing it) has not made any difference.

There’s a way called Mac Clone you can also try.
You use your phone or laptop to connect to the network, and then copy the mac address of your device to the router. It should be similar to connecting to Xfinity wifi, you can learn more here: Setting Up Xfinity Wi-Fi Connection with GL.iNet Slate (GL-AR750S-Ext) Travel Router | by GL.iNet | GL.iNet: Wi-Fi for Things | Medium

2 Likes

Thanks panpan. Already done all of that and followed it to the letter but no joy I am afraid as mentioned in my original post.

so lets think of some ideas of what may be happening here…

after a wifi repeater connection is made:
1.hilton is scanning known ports of the wireless interface and getting some OS dection or getting a resoponse from a known port associated with ddwrt/openwrt/gli-net/etc and not routing or dropping connection?

  1. the gli wifi mac address is a spin off first hex group(-2 or +2 ) characters of the lan or wan mac and they have figured this out and autodisconnect/non-route it.

  2. Is there a router that is working that they have not figured this out to gather some data on it to reimplipment with gli

  3. are they detecting traffic to outside address like www.glddns.com.

5 combnation 2 or more of the above.

stupid Ideas I have :
use a client to go to www.glddns.com to see if it’ blocked or such or if site to site works.
run nmap on the wan connection to see what ports are open for script detection.

override macaddress for the wan and lan and wifi adapters to something non router like.

1 Like

Thanks rp for your thoughts. I can confirm that www.glddns.com is accessible from my phone directly connected to the hotel WiFi. Overriding the router’s MAC address by cloning my phone’s one to it instead has not helped although when the phone itself is connected to the hotel’s WiFi, it works no problems at all. As for your comments on script detection and changing MAC for WiFi adapters, then I am afraid this is beyond my knowledge although I would welcome any clear instructions in things to try. Thanks again.

Maybe use a spare phone and do usb tethering or Hilton just don’t want you creating hotspot

1 Like

Thanks sammo. The place I am staying in just now offers free wi-fi to its customers and although they appear to use something similar to Hilton in blocking personal routers, I can’t see that this is purely due to financial reasons but may be to try and fully control internet traffic through their systems which I see as a security risk for us as customers that cannot secure this traffic in whichever way we see fit. Also devices like chromecast become completely and utterly useless.

Then try to use a spare phone and usb tethering to router

1 Like

Thanks again sammo. That’s actually a very good suggestion but as my phone is my main work device when I am away, I would really rather not have it tethered to the router all the time. Also smart phone and router and all other devices connected to the router will be on different networks and will be unable to talk to each other which will cause its own issues. I see your point about carrying a spare phone but I always try and carry the least amount of gadgets with me that have the biggest impact and can achieve the best job like these fantastic gl.inet routers.

It might be a TTL issue? It’s possible that the upstream ap is detecting the extra router between the devices. This has been an issue with tethered devices where the network is detecting the different packet ttl.

Change the TTL like so:

echo 65 > /proc/sys/net/ipv4/ip_default_ttl
1 Like

if you cloned the correct phone address, you got to turn of the phone wifi before letting the gl router connect as 2 device of same mac address would be fighting for the same ip

2 Likes

Thanks Johnex and apologies for sounding thick but l have no experience with advanced settings. How do I change the TTL and where do I enter the command you have suggested?

Thanks b0cy for pointing out the need to disconnect the phone’s WiFi after cloning the MAC address but I have done that already.

I’ve seen this before - it’s Meraki Air Marshal

Key difference between an AP and a client STA, is that an AP broadcasts beacons and management frames, and that’s how they detect a travel router that is attached to their WiFi network.

2 Likes

Thanks sfx2000. You could very well be correct as trying to change the TTL like Johnex has suggested has unfortunately also not worked. Is there anyway to circumvent this Meraki Air thingy?

Probably not for now…

I use a USB150 on the road, so putting it into client mode does work, but that’s not really solving the issue.

1 Like