Thanks rp for your thoughts. I can confirm that www.glddns.com is accessible from my phone directly connected to the hotel WiFi. Overriding the router’s MAC address by cloning my phone’s one to it instead has not helped although when the phone itself is connected to the hotel’s WiFi, it works no problems at all. As for your comments on script detection and changing MAC for WiFi adapters, then I am afraid this is beyond my knowledge although I would welcome any clear instructions in things to try. Thanks again.
Maybe use a spare phone and do usb tethering or Hilton just don’t want you creating hotspot
1 Like
Thanks sammo. The place I am staying in just now offers free wi-fi to its customers and although they appear to use something similar to Hilton in blocking personal routers, I can’t see that this is purely due to financial reasons but may be to try and fully control internet traffic through their systems which I see as a security risk for us as customers that cannot secure this traffic in whichever way we see fit. Also devices like chromecast become completely and utterly useless.
Then try to use a spare phone and usb tethering to router
1 Like
Thanks again sammo. That’s actually a very good suggestion but as my phone is my main work device when I am away, I would really rather not have it tethered to the router all the time. Also smart phone and router and all other devices connected to the router will be on different networks and will be unable to talk to each other which will cause its own issues. I see your point about carrying a spare phone but I always try and carry the least amount of gadgets with me that have the biggest impact and can achieve the best job like these fantastic gl.inet routers.
It might be a TTL issue? It’s possible that the upstream ap is detecting the extra router between the devices. This has been an issue with tethered devices where the network is detecting the different packet ttl.
Change the TTL like so:
echo 65 > /proc/sys/net/ipv4/ip_default_ttl
1 Like
if you cloned the correct phone address, you got to turn of the phone wifi before letting the gl router connect as 2 device of same mac address would be fighting for the same ip
2 Likes
Thanks Johnex and apologies for sounding thick but l have no experience with advanced settings. How do I change the TTL and where do I enter the command you have suggested?
Thanks b0cy for pointing out the need to disconnect the phone’s WiFi after cloning the MAC address but I have done that already.
I’ve seen this before - it’s Meraki Air Marshal
Key difference between an AP and a client STA, is that an AP broadcasts beacons and management frames, and that’s how they detect a travel router that is attached to their WiFi network.
2 Likes
Thanks sfx2000. You could very well be correct as trying to change the TTL like Johnex has suggested has unfortunately also not worked. Is there anyway to circumvent this Meraki Air thingy?
Probably not for now…
I use a USB150 on the road, so putting it into client mode does work, but that’s not really solving the issue.
1 Like
Info here
1 Like
So either use a burner phone for usb tethering or 750s WiFi 2.4gz client/5gz AP
1 Like
I wasn’t aware of usb150 does client mode. is that with the latest testing version 3.1? thanks in advance.
1 Like
What about Masquerade your AP with the same Mac address and name as hotel AP, the evil twin
1 Like
I wonder how my setup would do in this situation. I’m using a usb-dongle (plugged into the router) for connecting to hotel wifi. So in my case the mac would be different, used wifi-channels will be different.
Getting a USB-dongle which works with OpenWRT requires much research (it needs to contain certain supported chipsets!), but I have that! Normally such a USB-dongle will be plugged in a desktop or laptop, so a simple mac blacklist won’t do in that case.
hilton is scanning known ports of the wireless interface and getting some OS dection or getting a resoponse from a known port associated with ddwrt/openwrt/gli-net/etc
I would find that pretty unlikely. In WISP mode the hotel-wifi is seen as WAN by the firewall. So that basically means block all incoming traffic.
the gli wifi mac address is a spin off first hex group(-2 or +2 ) characters of the lan or wan mac and they have figured this out and autodisconnect/non-route it.
That’s very likely. I haven’t tried this for gli, but that’s pretty common way
are they detecting traffic to outside address like www.glddns.com
They may be doing that, but I doubt that. Plenty of routers do not do that and if glddns would allow customers to also have that for a PCs and have a pc-client for that, this would be blocking those PCs as well.
Another option would be that they check TTL of the packages.
1 Like
Thank you groentjuh for your very informative post. I think a USB-dongle or a Mifi unit would be my next port of call. Out of interest, how can I use gl.inet in client mode without being able to connect to the WiFi network first? I will get a Mifi unit later today and experiment.
Can you connect to the gl router using a lan-cable? If you can, you could see if you can disable the gl-inet AP and still get blocked. Ofcourse change the gl-inet mac as well, just to make sure it also doesn’t use a (temporary) blacklist.
1 Like