How to use GL-ARM300M in a hotel as a Repeater


#1

Hello,

I want kindly to ask you if is possible to use GL-AR300M as a wireless repeater in a hotel. To connect to the internet via the hotel wireless network I need to enter the username and the password in a hotel webpage. So to have internet o one of my devices (without using the GL-AR300M router ) I need to connect to the wifi network (without enter any passowrd), open a browser and enter the credential in the hotel webpage.

Until now I configured the mini router as a repeater (in WISP mode) but was not sufficient. Also I tried to clone the MAC address but also didn’t work.

Please let me know if is any possibility to configure this router (to enter the credential) as a repeater by avoiding to enter the credentials each time on each device.

Thank you


#2

So, first you have authorized using one of your devices

Then you connect AR300M as repeater and clone your devices’ mac address

No Internet?

Let the router enter the credential is difficult. Generally the page will pop up in your device after you connect via repeater.


#3

Hi,

I tried all the steps that you mentioned but was not working. I’m disappointed since a bought this router specially for this function…


#4

@mariant,

Very sorry that I cannot help more. It depends on how the captive portal is implemented. I cannot tell the reason.


#5

I will add that this is not specific to GLi devices. It is an OpenWrt, and probably LEDE, issue for which I am not aware of a solution.

You did not comment on the frequent redirect failure to the portal page when opening a browser (I only use Firefox). I bookmark the portal pages for places I frequent. I also notice that in at least my fav hotel I may get a shorter than promised lease time.

I am running a laptop over VPN, so can not comment on what, if anything happens, when additional devices connect to the routers AP. I would hope it’s no issue.


#6

You may need to temporarily allow upstream RFC1918 replies from the hotel’s DNS servers in the DNSMasq config. That usually works for me if I encounter a funky captive portal.


#7

@Hymond

I found the dnsmasq.conf. Can you kindly give a dummies guide on what you actually put in there (and anything else you might have done via the GUI)?

TIA,
Glitch


#8

You can make the change using the advanced configuration (LuCI), under Network > DHCP and DNS, there’s an option for Rebind protection to “Discard upstream RFC1918 responses” that’s enabled. Disable that, Save & Apply and try it out.


#9

Thank you kindly, Sir!


#10

@hymond - I have tried to read up on RFC1918 responses parameter, but this is really above me. Would you mind taking a stab at a dumb down explanation on this parameter from an OpenWrt perspective and it’s practical implications.

Does using something like OpenDNS servers for DNS on the device mitigate some of the issues?

Does one want to toggle the switch as a matter of course or just leave it off?


#11

Basically, DNSmasq (the DNS and DHCP service on OpenWRT) prevents DNS responses from the upstream DNS server (usually provided by DHCP) that fall in any of the common private IP address spaces. Unticking the option allows those responses through. I’d recommend not generally leaving that unchecked since it does provide a measure of protection against possible spoofing vulnerabilities. Setting the DNS servers to something public like OpenDNS doesn’t alleviate the issue since generally the authentication service/site happens within the private address space of wherever the captive portal lives.

What you can do if you happen to know the DNS suffix of whatever the captive portal uses is to configure that domain in the whitelist further down on the page. It’ll allow those private address responses from those domains only, and not globally. Its a good solution if you stick to a particular hotel chain and can’t be bothered to toggle the global setting on and off every time.


#12

I’m in the same situation; can’t get DNS to work on a guest wifi system having a captive portal. This is what I bought the router for in the first place.

I first configured at home to verify that ethernet, wifi, VPN all worked on my home system.

On the public wifi today, I:

-associated with the open guest wifi system on my PC and logged into the authorization page.
-waited for a redirect page in which you agree to terms.
-verify that the Internet works from that point.
-powered up the 300M associated with the guest WiFi in WISP mode.
-cloned the PC MAC address to the router
-checked that the DNS IP’s listed in the router’s status page were correct.
-opened a web browser and tried to load a web site.

At the very first redirect there is a DNS failure and you are then dead in the water.

I tried the disabling the “discard upstream RFC1918 responses” option above - no help, even after reboot.

After reading the above, I tried whitelisting the host DNS in two ways (xxx.com and guest-dmz.xxx.com) with no effect either.


#13

@m_a_schuster it is most likely not possible to use custom dns on a network with a captive portal - “Quite often hotels, and other public internet connections, use a Transparent Proxy, which unfortunately will stop DNS from working”

 


#14

So is there any other workaround?


#15

@m_a_schuster DNS over VPN would potentially be an option, is it something like OpenDNS you are trying to use?


#16

@wifird: Yes the goal is to establish a VPN connection over the unsecured guest WiFi.


#17

I have finally solved this, but it is a true PITA. Omitting ANY step, or changing the order, makes it fail.

I basically am using MAC address cloning, VPN, and VPN server for DNS.

  1. Associate GL-AR300M with guest wifi and save (auto reconnect).
  2. Power OFF GL-AR300M.
  3. Associate laptop wifi with guest wifi, log into captive portal, and verify internet access.
  4. Power up GL-AR300M and wait for red (wifi) LED to start flashing.
  5. Associate laptop wifi with GL-AR300M and log into admin page.
  6. Clone laptop wifi adaptor MAC address to GL-AR300M.
  7. Start VPN (I use PIA) with opvn config file for server-by-IP and TCP port access.
  8. Enter IP addresses for PIA’s DNS servers into GL-AR300M “custom DNS” table.

You now have a working internet connection through the VPN. I am logged into this board using it right now.

whew.

 


#18

Another way to do this is to use a device to find the hotel’s DNS servers.

record those on a paper.

Power up your router, connect laptop to it, and go in and manually specify the DNS servers to use, i think by default on my GL-AR750 they were set to Google DNS.

Once you change the DNS settings to the hotel’s dns servers you can try to hit google or whatever else, and you will be redirected to the hotels splash page where you can authenticate, at that point the hotels DNS will allow you to get to whatever you want (or you can establish your VPN connectivity)