I have been using the Beryl 1300 for a few years now. So far, it is good but at times, it keeps dropping connections when downloading large files at a hotel. I assume it maybe the hotel limiting the download because it is only happens at certain hotels.
Anyway, if I am using the ethernet WAN to connect the router, are there any advantages of a travel router over a regular router?
Also, when not using the ethernet WAN, is it safer to setup a bridge or a repeater in terms of security at the hotel?
Nah, no differences. Travel routers are just smaller (normally) so easier to take with you.
Both is pretty terrible spoken of security.
Best would be using routing mode.
Thanks for verifying this. It is the piece that I cannot find a straight answer on the internet. OK, I will stick with Router mode and Ethernet WAN since I assume I can’t do Router mode over WIFI.
You totally can.
But I am not sure if the GL GUI can. Maybe you have to go using
luci then - which might need more tweaks indeed.
BTW… Does the above also include to the Repeater mode of the Beryl 1300 in terms of security? So, I should just keep it on ethernet cable WAN and router mode right? Thank You again for helping me secure my connections.
Well, the problem is that both modes are somehow just part of the upper network.
Repeater mode can be more save since you can enable VPN as well; never tried it, tbh. When I remember right, repeater mode was a weird mixture between routing and repeating on the GL device.
Guess @bring.fringe18 can tell more about it, maybe?
I haven’t finished my coffee so be aware some of this may be disjoined.
- Repeater Mode is just as arguably “secure” as hardwire to the WAN interface. The firewall & routing still applies. You’re just using the WWAN if (Wireless Wide Area Network interface instead). See the GL Docs. All interfaces can be seen in the
/etc/config/network conf file… if you don’t want to go digging around in LuCI (GL GUI → System → Advanced Settings; same pwd as GL GUI, username root ).
- I say ‘arguably’; even WPA3, the latest version for Wi-Fi pwds/encryption, has a known security vulnerability that theoretically (as far as I know there’s been no confirm attacks using it ‘in the wild’) could be used to breach the Wi-Fi network.
- It’s known as Dragonblood. I’ll not bother posting sources as I just don’t care to ATM. You can find references easily enough.
- That doesn’t mean it’s more performant. If you have the option to hardwire WAN or LAN; do it. Wi-Fi takes longer to prep, ship packets… & you don’t have to worry about nonsense such as Dragonblood.
- Use a WireGuard-based VPN once you’ve authenticated to the Hotel/Cafe/whatever hotspot.
- All current GL router devices should support WG; it’s just a question of their max. speed.
- If you know you’re using Wi-Fi, always be sure you can ‘see’ what’s going on for radio channel congestion in the area. Get a Wi-Fi scanner app for one of your mobile devices. See below for an example.
- Always keep at least one ethernet cable with you. GL includes one for most models, IIRC. You can get other 1.5, 3.0+ ft cables on, oh, say, Amazon. I prefer the ones that have a nylon shroud. They ‘wear’ better when on the road. Being rounded doesn’t hurt. See attached for an example. Test well beforehand; there’s some dodgy ones out there.
- Travel w/ a storage case even if it’s just the box the router came in.
Re: Hardware, Travel or Home models
The Slate AX is nearly a 1:1 travel version of the Flint v1. I have both. Get a Slate AX for travel if you can. Hell, get a Slate AX for home if you can; then you can travel w/ it.
- An old 5V/3A mobile phone charger (eg: Samsung) & a short nylon shrouded USB-C cable is easier to pack than the GL power brick.
That is fantastic information that you have provided. Thank You
In regards to your first bullet, does this applies specifically to GL routers ONLY or are all routers Repeater mode as secure?
I usually use ethernet cable (WAN or LAN) over WIFI for the same reason that you have shared. In addition, it is just faster in performance as well.
If I don’t use WireGuard or VPN, just the router ONLY, is it still good? Otherwise, I will look into NORD WireGuard. Not sure how to set that up in the router but will research into it. One of my laptops is a company laptop and if I connect into VPN there, I think that computer is safe with data going in and out.
If I get NORD WireGuard, can it be just for my personal laptop or how should I do it? If I do it at the router level, I would imagine it would cover my phones too. Also, will it impact speed?
I will look into a WIFI Scanner app that you have suggested.
Thank You Again
Firewall & Routing applies to all routers regardless of the manufacturer. They wouldn’t work without them. If they didn’t have the ability you’d looking a hardware that’s merely a Wi-Fi access point (AP) or extender.
I can’t answer that for you. I run 6 WG VPN connections at all times, routing traffic automatically according to what I’m doing online. I dot not connect to the Public Internet without a kill switch active should I lose connection to the VPN server.
Don’t use Nord; they have a terrible reputation for not telling subscribers when they have server-side problems & they were ‘breached’ some years ago but no one found out until it was leaked to the public… I want to say months, if not almost a year later.
If cost is a factor Surfshark is significantly cheaper then all others if you inquire about a long term subscription… ask their sales support reps. A 5 yr plan works out to about under 2.50 USD/mo if not less. Mullvad, IVPN, Proton VPN are the way to go if cost isn’t a factor. In any case you want to ensure the provider has a no-logs policy.
Check the specs of the whatever router you’re using; that should give you a good idea about WG/VPN speed impact.
Open up a new thread when you get a VPN provider subscription. Discussing the best way to configure your router, the devices that connect to it, the potential impact on the work laptop, etc., is best left as a new topic.