Your resume SUCKS!! (get a website instead): ntck.co/3nUNDGp In this video, I built something I actually used on my family road trip….a Raspberry Pi ROUTER!!!! It is the perfect VPN travel router and it kept me and my family secure while we were on the road. In this video, I walk you through every step to build your very own Raspberry Pi Travel VPN router using NordVPN. ✔✔Links and Guide: ntck.co/3bIdITF 🔥🔥Join the NetworkChuck membership: ntck.co/Premium **Sponsored by Hostinger 0:00 ⏩ Intro 1:07 ⏩ what do you need? 2:25 ⏩ the BIG picture 3:28 ⏩ STEP 1 - Bake the Pi (Install OpenWRT) 4:54 ⏩ STEP 2 - Login to your Pi 4:43 ⏩ STEP 3 - OpenWRT Basic Setup 9:29 ⏩ STEP 4 - Configure OpenWRT Network 14:48 ⏩ STEP 5 - Connect OpenWRT to WiFi 20:02 ⏩ STEP 6 - Setup the USB Wireless Adapter 21:59 ⏩ STEP 7 - Wireless network setup 24:16 ⏩ STEP 8 - VPN Setup (with NordVPN)
hii man thank for giving great content after your video i have created my own website .havent finished building it yet . thanks for giving a boost to me . in india i dont know i cant use your code but you told to do . i created my website
Great video, super useful. I would like to know what happen if the hotel network is blocking VPNs traffic through Deep Package Inspection or something more sophisticated
just repeating what sven klomp said but you leaked your ip on 24:50 i think you should take down the video and edit out with the ip blurred. just letting you know edit: its the black bar on the top saying your vpn is ____
The long command to install all the drivers is: opkg install kmod-rt2800-lib kmod-rt2800-usb kmod-rt2x00-lib kmod-rt2x00-usb kmod-usb-core kmod-usb-uhci kmod-usb-ohci kmod-usb2 usbutils openvpn-openssl luci-app-openvpn nano For those who want to copy and paste...
Was just looking for this as I wasn't finding it anywhere else. Thanks! I was able to type most of it but the kmod-usb-core was being blocked by his head bubble, and I had to wait for the command to go further up the screen
There is a major mystery and secret to IT. Coffee. Slapped this puppy together in no time at all. Ran into some trouble with the VPN, turned out to be a combination of insufficient coffee and needing to put my fingers on a diet, as I fat fingered my username, which my VPN provider hashes first.
16:00 "hwmode '11a'" is for 5GHz (802.11a and ac) and '11g' is for 2.4 "htmode 'VHT80'" is for 802.11ac and 'HT20' is for 802.11n. Also, 'NOHT' would be for 802.11g. "channel '...'" is the channel in the selected network range "short_gi_40" is for Guard Interval... No idea what that means.
@@alejandrojimenez1436 this comment is 2 years after my comment. I've already forgotten the info I posted 🤣 🤣 Thank you for that info though. Makes a lot of sense!
network config options complete at 12:41 firewall config options complete at 13:00 wireless config options complete at 17:21 (followed by "uci commit wireless" (without the quotes)) followed by the command "wifi" (also without the quotes)
I use open WiFi for my dad's house but only because he lives on 20 acres in the mountains, far away from the road and other people, and because he's old an sucks at connecting to WiFi. Love the episode! From one networker to another, I truly enjoy the content you are creating and I love that you are teaching people the most awesome part of IT, networking!
Other than completed courses, this is the sort of content I'd love to see more of. Pi projects are easy to do , great skill builders and it's surprising how much you can do with them. I'd love to see more, especially more out of the box stuff. Building our own pocket wifi-router is absolutely perfect and a great skill to have once traveling becomes more viable.
Indeed! My recent Pi projects include using a Pi 4 that's mounted in a box on the wall of my laundry room and has a vibration sensor connected to my dryer. It sends a Telegram group message to the family to alert them that the dryer's ready to be unloaded. Another I just did this week used a Pi 4 as a networked console server for a switch that's on a different floor of my house (ie not connected to my existing AirConsole device). So many fun projects to be done with a Pi, especially now that the Pi 4 is such a capable little thing (8G RAM, 64-bit CPU, etc.).
I actually switched around the use of each wireless device. Since the internal wireless of the Raspberry PI is weaker than the external wireless device, I used that for the connecting devices and the external wireless to connect to whatever public wifi is available since it has a wider range.
Hey Chuck! Great video tutorial, maybe im blind but that long opkg install command is missing from your video description, anyway, here you go folks: opkg install kmod-rt2800-lib kmod-rt2800-usb kmod-rt2x00-lib kmod-rt2x00-usb kmod-usb-core kmod-usb-uhci kmod-usb-ohci kmod-usb2 usbutils openvpn-openssl luci-app-openvpn nano
I slapped one of these together around six months back, works like a charm. I did run into some trouble with configuring my VPN provider in, but that was due to two major technical issues. Coffee and needing to put my fingers on a diet, as I fat fingered my hashed username, running me in circles for 20 minutes before the coffee opened my eyes. ;)
Nice tutorial! 2 things that would have been nice to show. 1- Swapping wi-fi to another config to simulate going to another hotel/place 2 - Handling a captive wi-fi setup requiring some form of authentication to get started. A lot of places require this before you get any traffic to flow and it would definitely require temporarily disabling the VPN and perhaps even taking the wi-fi provided DNS offered by the guest DHCP. 3 - A bonus would have been using wireguard as the VPN protocol. Maybe a follow up?
My connection has a portal every 24 hours. I am currently using a laptop running Kubuntu that shares Ethernet connection to ASUS router. I can use any device on network to get page and accept TOS.
Dude I am going for my cisco CCNA soon and bunch of another courses, but it all starded with your videos and I am so glad that you are creating this kind of content, it really helped me to kick start my path. Keep going man and don't you dare to stop EVER :D
Nice everyone seems to be getting pushed this way. hoping it doesn't get over floodeed like web development where employers can just throw you away because they have a stack of applicants on their desk that can repalce you.. I started off with the CCNA and 1/4 way through everyone was like you don't need that you should already know that stuff if you messed with any router since just about everyone copies cisco.. So I started studying for thew Security+ and Linux+.. Still on the linux+ part but linux will never run out of jobs as linux is everywhere. Even microsoft is abandoning Windows for linux. The cloud that everyone keeps raving about is Linux. Gas pumps and Sattlites are linux... I think I should probaly learn linux.
Excellent tutorial Chuck. I configured my "vacation router" a little differently. Rather than use a commercial VPN service, my Dual Wifi enabled Raspberry Pi connects back to an L2TP VPN server running on my home router (Mikrotik). This not only tunnels my families devices safely, it also allows me to access all of my devices at home as if I was still sitting at home. It makes me look like I am still sitting at home accessing the internet as usual. This helps when your online services get a "upset" when you try to log in from a different IP address.
Yeah, I do that. I love Mikrotik, have been using them for a long time. I am also going to do it for my Dad as I share netflix with him and now Netflix wants and additional charge to add someone who is not at your house, so I am using using a pi as an ap connected to the router via Ethernet for a roku to connect to which makes netflix think its at my house.
What is the benefit of using RPi as router? Like on a road trip if i use RPi as a router and connect all family members to RPi but obviously for that RPi first need to connect to the wifi network. Then why not my family members automatically connect to that wifi network instead of RPi router. can you help me out with my question?
Oh, those pitiful creatures who recoil at the very thought of coffee! It's like they're allergic to joy itself, doomed to wander through life in a haze of tastelessness. Perhaps they were cursed with taste buds made of cardboard, unable to appreciate the divine essence of a well-brewed cup. While we, the enlightened ones, revel in the decadence of each sip, they languish in their barren wasteland of flavorless existence. It's almost tragic, really, but hey, their loss is our gain. Let them wallow
I was looking into buying a vpn router and wasn't quite satisfied with my search results and I thought I could set it up my self on my raspberry pi. Thanks to this guide of course that got me excited and motivated enough to actually do it. I use Proton VPN and the latest install of OpenWrt which is 21.01 at the time of this writing. I ran into some issues and followed docs directly on the OpenWrt support site and ProtonVPN + some googling of course. There are slightly different turns you need to take when setting up Proton VPN's openvpn configs so I pointed that below as well. Summary of changes: 1. Wireless Config Deprecated Options: - hwmode is now called 'band'. - "option disabled" doesn't get added by default when you plug in the wireless adapter. Although leaving out will actually enable it per OpenWrt doc, but that caused issues of it constantly going down so I just added. It worked like a charm - "option channel" seems to work better when you change it from what it's orginally defaulting to. Did it for both radio0 and radio1 2. Openvpn settings (Proton VPN): - vpn config file and ikev2 username & password are different than your login creds. You can retrieve that from your account settings - You will upload that directly into to OpenWrt and most config will be in place. The only thing I needed to do is add the ikev2 username and password in the GUI box specified in the "edit" section of the openvpn config aread (GUI). Use the first line for the username and second line for the password. ProtonVPN has a guide on how to set it up with OpenWrt (Google How to set up ProtonVPN on OpenWRT routers) Nevertheless, this guide's workflow is sound and it got me in the right direction. My coworker were quite mesmerized when I pulled out my raspberry pi and said " and without a further ado, meet my vpn router" LOL! Hey Check, Can you top this video with how to set up aTor client on Linux OpenWrt?
I did find many tutorials, but it either used something similar to openwrt and had to piece it together. The other option was to use openwrt but piece together how to do it and I was having issues connecting to a wireless connection.
Chuck, thanks to your channel, I've been inspired to setup my own small business network, with pfsense+, vpn and NAS. My next project is to build this travel router. Not bad for a 50-som'n year old guy. :) Thanks for all your work!
One major problem I foresee is -- what happens if the public wifi has a login/registration/payment page? I suppose you could temporarily set your computer's wireless MAC to the same MAC as the Raspberry Pi, login to the public wifi through your computer, change the MAC back to the original, and then boot the Raspberry Pi router and use it.
This is pretty slick! Guess the only downside is you would have to manually connect the Pi to the public WiFi you plan on using each/every time you travel...?
You should go over if you have a guest login page. Where you have to pop in an email or something to join. Similar to what you can do with unifi. Great tutorial.
Note: You probably want to assign the External wifi adapter as the client and internal WIfi as the AP ass it does not have an antenna. You will get better throughput this way as your client devices will probably be closer to the pi.
Here's a video idea for you: "You need to learn VIM RIGHT NOW" Most linux admins / engineers use vim. The first thing I was taught as a linux admin was how to use vim. And once I switched over to vim from nano, I can't imagine using nano anymore.
I recently made this after watching this and absolutely love it. All the projects you've done on this channel has inspired me to give them a shot myself. 2 questions: 1. Have you had issues with it randomly dropping the network you're connected to? It's been happening to me and i have to keep rebooting, though I've also accepted its due to the wifi im on (currently out of the us). 2. Have you attempted to use openwrt as your NAS at the same time? I tried following some stuff i found online and it works for local use, but i can't get it to go over the internet.
A little bit random, but if you happen to have an Atheros ar9271 (Alfa networks), you need the "kmod-ath9k-htc" package. This is the driver for that wifi dongle.
To add to this comment (mine was deleted for trying to help others who might not find this comment, maybe because of links) there is a GitHub with information about the different USB-wifi adapters that can work for Linux, along with the packages needed. morrownr/USB-WIFI
I love your enthusiasm, your sense of humor, your laid back style of teaching, and how thorough and detailed your lessons are. Plus your incredibly knowledgeable and stay current with all the latest tech. Very impressed with your content
72 usd for a raspberry pi 4 1gb here minus everything else, over kill for building a router tbh, can get any supported router by openwrt, ddwrt, fresh tomato etc and do all that but i gotta admit the experience was pleasing to watch and the fact that one can do so much with a raspberry pi is amazing add the knowledge of networking and skills, i enjoyed watching this video… good stuff.
As someone getting into Linux stuff and was ready to throw my computer out a window when I started learning vim... your disdain for vim gives me a lot of happiness.
"the cool thing about nano is that you don't have to do any keystrokes, just start typing..." pffft the *cool* thing about vim is that you *have to* do lots of extra commands and keystrokes, and you get such mega vibes from figuring out how to actually just type something you feel awesome!
Amazing video! It would be really fun to see a follow up video from your trip where you actually use the router in a public place. It would be cool to have a visual example of how to connect to a hotel or Starbucks wifi.
Chuck, I 'liked' the video, but for me there is something missing. Most hotels/coffee shops/trains now have a banner login page where they expect you to enter an eMail address to get connected. This won't help in that situation... will it? Or when you connect a WiFi client does that get paased through?
Thank you for the content Chuck 😀😀😀 you're my favorite creator and I'm always excited to watch your videos! You inspire me and your energy is awesome, keep up the great work man!
@@NikCasto If you have multiple devices, especially with multiple people (like chuck's kids) having each of them connect to VPN on their phone/tablet/computer is a lot of extra steps. Once you have something like this set up, all your devices/users get VPN from simply connecting to it's wifi. WAY easier, and less chance of mistakes. If you only have 1 phone/laptop and are by yourself, yeah, probably easier to just use a VPN client... but that's not as fun as a project like this ;)
Dude! I went into this project super doubtful that it would work. I've never had a project like this with IT stuff that's really worked out for me, so I wasn't really hopeful in myself that it would work, especially given that halfway through the project I came upon changes in the code due to the updated version of openwrt. However, I persisted through, and followed your tutorial to a T, and I am now writing this comment on the wifi setup through my rasppi router! I am super excited to try more stuff like this, so thank you for making such great content ❤️
Thanks Chuck Finally got my travel router working on RPi 3B+ all seems to be working and it also connects to my RPi 4B 2G vpnserver so effectively where ever I am I am surfing from home. Planning a trip to the Local Star Trek convention in late July 2024 here in the UK (Blackpool Lancashire)
Great video! I did a similar build a few months ago but with a Pi Zero W and its brilliant for travel, takes no space and can be powered off the laptop worst case.
Agreed!!! I bought a Pi4 8GB and am using it as a pihole with unbound doing DNS lookups so my DNS is totally private. I wonder if he could do this too with what he did in this video, so no reliance on cloudflare or google dns. Let the pi become a router, dns resolver and even pihole. You could sell them by the millions.
How much knowledge this guy have is smashing me. I can't imagine how much time he spends. I've gone through so many videos and Chuck making me thinking I will never catch up to half of his level 😮😮
to be honest, for the tasks mentioned (road trip) i use the mikrotik hap ac2 (RBD52G-5HacD2HnD-TC) since it has an IPsec hardware support onboard, the USB port suppoting LTE sticks and it is an accomplished product within appropriate housing and with power supply range 12-30V and regular updates. Anyway, the RPI is also might be useful in many ways, so thanks!
I've configured a Raspberry Pi to do what you're doing before just for fun (and if I actually could make it function) but I didn't use it for traveling I used it to have at home. It's a fun little project! And thanks for the content! You're the man for doing these step by step tutorials.
Tell me could you get any of the 4G wireless hats to work. I've been trying for some time. Always run into a snag wether it be the wireless carrier not wanting to allow non-android devices to use there service of drivers njust not being available. Don't even get me started on AT commands while using outdated screen like the manufacture "recommends".
I use a $15- Orange Pi Zero because none of my bought routers would talk to my 4G LTE mobile broadband and I got tired of using an old Windows laptop with ICS to get my Internet. These little SBCs are great. I also loaded HomeAssistant on it and it controls all my home automation. (I live in a caravan) Simply magic. (edit) PS. Thanks for the VPN walk through. Very helpful. Cheers.
@@cplcabs Not using OpenWRT. Just bridging the 4G LTE USB dongle to Ethernet using the standard networking (Armbian). Leaving enough for the HA. Just using standard firewall rules seems to be sufficient for security and it means that I don't have to have Internet connected to use/control my RGBW downlights, etc. I have a normal router downstream that feeds the rest of my LAN.
About to go on vacation in 4 day’s working full time & working on this & a nas after work. I’m soo close to having everything done before my vacation. As a 40 year old welder who has been messing around with Linux for the first time building a router & a nas. Now I’m ready to trade in my windows laptop for a Linux one. Having fun & learning so much. I just found out what a IDE was I need a good not over complicated one. Also GitHub is awesome. Whole other world out there.
Update: I just finished my router. 🎉 although it turned into adventure because I waited till the next day to finish it. Bad idea. Either way started from scratch. Yahtzee! Let’s gooo this was a fun project for sure.
I tried this on my RaspberryPi CM4 (compute module), with two USB dongle. I had some issues. I first had to install an additional package: opkg install kmod-usb-dwc2 Then for lsusb to work, I had to insert the following line inside /boot/config.txt : dtoverlay=dwc2,dr_mode=host. Finally, I don't know if it's because I had two adapter, a newer version of openwrt or because the driver ignition is too slow, but I had to add to /etc/rc.local the following lines before the exit 0 sleep 10 /sbin/wifi up After this, everything worked as expected. Great guide thank you!
Hi Network Chuck, wow two years ago, but still relevant. I've started traveling again and get frustrated by the devices available out there as well as suppliers' WiFi access, so need a good solution. The VPN tunneling will help with my regional streaming services, fantastic! One of the biggest issues I've found is the use of captive portals at hotels etc, they can be a pain, constantly being timed out and re-registering to some, I think a regular scheduled ping can resolve this. But it's logging in with the router, there is no login page on the router itself, so I'm wondering if I should log in using my phone or laptop and then clone my MAC address on the router? What do you think?
I’ve watched this like 8 times since it got posted with all of the hardware sitting around. Finally just set it all up for a company trip with the team. Ready to flex 🤓 thanks man SUPER cool project
What is the benefit of using RPi as router? Like on a road trip if i use RPi as a router and connect all family members to RPi but obviously for that RPi first need to connect to the wifi network. Then why not my family members automatically connect to that wifi network instead of RPi router. can you help me out with my question?
I believe at step 5 when you are making changes to radio0 you are changing the hwmode from AC wifi to b/g/n wifi, hence why there is a need to change the channel to 7 as well as changing the htmode (VHT80 = 80MHz - usually for 5GHz wifi). From my own experiences openWRT doesn't like radio0 using 5GHz 80MHz on a PI 3B+/4B (might be fixed on the 4B at this time of writing though). You may also find that the Internet speeds when connected to the wifi network (that is also connected to NordVPN via OpenVPN) aren't the best. I believe you can make these changes by the GUI to radio0 directly as even one typo when doing config by CLI can cause your Pi to become inaccessible in some cases. I've actually figured out how to do this on Pi OS 64-bit since I wanted to be able to use AC wifi on both network interfaces (access point and wifi client), non kernel supported USB wifi adapters, Wireguard connection to PIA VPN and a python app using flask to host a web page that can be used to connect to other wireless networks using a browser. It sounds like a lot but honestly it's quite easy to set up and can be configured in different ways.
What is the benefit of using RPi as router? Like on a road trip if i use RPi as a router and connect all family members to RPi but obviously for that RPi first need to connect to the wifi network. Then why not my family members automatically connect to that wifi network instead of RPi router. can you help me out with my question?
@@DanishNaseer1 absolutely, the reason for this is because the RPi is automatically connected with VPN, hence all traffic that goes over a network (which is also shared with complete strangers) is encrypted and much more secure. You do need a VPN to connect to, of course. Before I had this, I too was directly connected to a hotel wifi. What happened was that someone in the hotel sniffed my Netflix credentials, so I received multiple login notifications, that I didn't know of. By using the encrypted connection of the RPi between my devices and the open wifi, all connected devices are automatically using encrypted traffic, making it much safer.
What a channel! You're great to watch even for a 64-year-old retired ex-network manager (that's 20 years ago now 😁) - don't you love SNMP??? We live in Germany and have just got ourselves an RV to go exploring. Your Pi+NAS video was just what the doctor ordered and this router video is the icing on the cake. Only... I've been wondering, it would make sense to combine both functions in one box. And I'm thinking of Docker. I'd like to know your opinion, and do you think it would better to install Raspbian, then Docker and run OpenWRT on that? Or to install OpenWRT as the base layer, then Docker and run OpenMediaVault on that? A video combining both these thing would make my Christmas (and give me something to do!) Keep drinkin' that coffee, Chuck!
For anyone having this issue: Router can connect to internet, you can connect to router, but VPN does not launch: check the logs. For me, it was missing paths in the vpn config file. I had to put the full paths for the CA file, the auth-pass file, etc. Any file reference in that file should have the full path, relative paths won't work. Otherwise the tutorial was flawless
I'd think it would be better to do the wifi interfaces opposite.... USB wifi with the antenna connect to public wifi .. because you will be more distant from the public wifi access point, so the external antenna will ensure a better more reliable connection. Since you're going to be very close to your pi, use it's internal wifi to provide wifi to all your nearby devices... Being in close proximity, they will do just fine off the built in pcb based antenna.
This is cool. Thanks for making these. I am learning a lot about network security and the capabilities of Raspberry Pi through your channel. Network configuration feels like such a complicated beast to tackle, and if you do something wrong, it could lead to some pretty serious problems, so thank you for this.
Hey NetworkChuck, curious about a detail - how much storage on a diy router is sufficient to have? In your video this was done with a 32gig sd card. I’m curious what I could factor for the size I give it. Also the enthusiasm I pick up from these videos reminds of a history teacher who was awesome. It’s the way to go because it sure helps when you are challenged by the path. Love this
The raspberry pi imager wouldnt let me install on anything larger than a 4gb. says something about the size being divisible by.... yada yada yada.. so Im stuck on a 4gb.
@@billc4303 Check if your card reader supports SDHC (> 4GB) and otherwise you can write the image to a 4 gig card and then copy that card to a bigger one before you first boot. You can also use an imager like Balena Etcher which supports more than the Rpi imager. OpenWRT dopesn't need much though. Default is a 100 MB partition size. You need to resize the partition with a partition manager to make it bigger, which is recommended. But 1 Gig really is enough for a lot of things. Also, 1 GB of memory is more than enough for OWRT. But you can't get a Pi with less than 2 GB now.
This is a great video. Even though doing everything via terminal is terrifying to most people like me, but this is a very clear tutorial and walk me through every step I need.
Working through an ssh session to a BASH account is so liberating. You will really have fun. I connect often using an ssh client from my phone to the host.
Using a gui is way easier for beginners, the only reason not to use the web gui on openwrt is for really old devices with less than 64mb of ram or 4mb of flash.
People in RVs are paying big bucks for a box to do this same thing! Add a USB extension cable to the USB Wifi dongle and put it outside on a mast and you have the same thing. Maybe upgrade to a directional antenna.
This was THE MOST informative and interesting Raspberry Pi use I have seen to date. It was amazing to watch, and I WILL be purchasing a "Pi" very soon to duplicate this technique for my use. I do a lot of field service traveling and in hotels all the time. This is exactly what I need, both in those places, as well as in my home. Thank You for your dedication to education for all of us!!
in your Openwrt config you forced 802.11g as the default connection and HT20 means you're forcing a 20mhz spectrum, using channel 7, while disabling shortguard for 40mhz spectrum. After the setup is done, I'd try and use 802.11n on there instead by switching the 11g to 11n. HT20 will work but it won't be as fast as it can go but it won't run into as many issues since it narrows the band to 20mhz. Short_gi 40 0 means you're disabling the short guard for 40mhz but it might be better to change that to short_gi 20 1 to improve throughtput speeds. If you're in an area with little to no wifi networks, then ht40 should work fine with short_gi 40 1.
Very great video. Quick question... Would this setup also contain a "kill switch" for your wlan0 (public internet) connection if the tunnel connection to nordVPN drops? This way we prevent the RaspberryPi from silently failing over to non-secure public internet without checking it constantly?
Doesn't Nord uses firewall, which kills all traffic if VPN terminal drops? In theory it should. I only use free limited random VPN's, haven't had my IP directly exposed yet, apparently.
Nerds beware!! I attempted this project this week because it looks awesome, but with a different adapter because I had it. Do not try to use anything with a RealTek chips. Getting them to work is way more work than it’s worth. Otherwise, great video Chuck! I found your channel recently and I love what you do!
On the one hand, not bad, on the other hand, routers r sold separately, not because it is a rudiment. The structure of the raspberry pi has not been specially optimized for handling internet traffic, it would be good to compare performance between it and router with similar hardware. And u can't connect more than one device over a wire without a switch or another network card P.S. Sorry 4 my english
Looks cool but hotel wifi as well as most public wifi at Starbucks usually requires me to navigate through a captive portal on the client in order to get connected. How do you do that on OpenWRT?
Let me start saying this projects are amazing. I don't know to congratulate you enough. You have charisma and knowledge enough to pass it in a way that is interesting. Another quick thing, from the content generation stand point it's endless topics for everybody. Please keep doing this great videos. Thank you!
You could also take it to the next step, set up a VLAN in your home that only has access to the internet and not to your local network (securing your home network away from VPN just in case of a breach), and configure a VPN host on that network that you can connect to using this OpenVPN client. Then you don't need to have any VPN subscription if you already trust your home ISP and are just trying to get out of being monitored on public networks. Would recommend using a spare PC (can get from an electronics recycling depot, or use a second Pi) with pfSense installed and two network interfaces to be able to facilitate this on the cheap without needing fancy routing equipment at home. You may need to get a Dynamic DNS registration though.
Thank you Chuck! Following along… I’m trying to get the link and guilds to work… I am unable to view it. I clicked it. Brought me to your Academy… I signed up. Up yet I still cannot find it. If someone can point me in the right direction that would be great.
I've been seeing relatively high latency on the built-in pi wifi. It doesn't matter if it's OpenWrt or Raspberry Pi OS. ICMP ping shows roughly 0.6-0.7 ms if checking ethernet, but wifi ranges from 3-4ms. If I replace my OpenWRT pi with an OLD OpenWRT router, wifi there becomes 1ms. The pi's high latency ends up reducing my usable bandwidth over TCP due to window sizing/acknowledgements on appliances where I can't tune window sizes. Are you seeing similar latencies with the onboard wifi vs USB, or what else should I look at to debug my local latencies?
Nice feedback - I wonder also, - what is the value in this at all? - is this just to offload the encryption onto the Pi instead of doing it on each connected device? - I just bought a 4G Archer MR400 Dual-band 4G LTE router, - and its pretty awesome for traveling, - avoiding crappy hotel wifi. - I guess I could plug a Pi in via ethernet, - but I am pretty impressed with the Archer - its initial connection speed when opening my laptop is instant and there are no drop-outs. - it was built to order.
@@brentgreeff1115 Dude, the value is you can use this as your home internet router. Plus, it will reliably get 900+Mb throughput. Adding VPN is nice, however for $50 you will get a more powerful router than most have at triple the price, and you can throw several cheap Avaya Instant AP's which will manage themselves on it for cheap off of eBay for $25 each IIRC 3x3 MIMO too.
Hey Chuck, David from Arlington here! Is it possible to swap the antennas? In other words, use the usb dongle as the receiver and the internal pi antenna as the broadcast antenna? The reason I ask is because I need to use an external Yagi directional antenna when camping. Thank you, David
@@bober1019 idk That’s kind of my question. I’m not a Linux programmer or Rpi expert. Is the Rpi interface capable of mimo with multiple devices using it as a router? Or is it specifically designed for a single channel access at a time?
@@MooreWoodWorks in my experience the integrated wifi/blutooth often drop and i think the same chip provides both services and is just trash if you look at a rapbery pi 4, bt and wifi are both under the same sheild plus the range is pure crap. i have 2 pi 4's and dont use the on-board BT or wifi and use usb dongles instead. anyways during the video(witch i dint watch fully) there should be a part where the "wan wifi" is being configured on the internal pi wifi. that interface has a name, just like the usb wifi dongle interface has a name. simply use the usb interface as the wan wifi you will be extending. i belive with a proper mu mimo usb dongle you might be able to run both wan(shared/extended free wifi signal) and lan off of it.
Great video! Can someone explain to me why you would try this instead of using a VPN to your home network? Or just using nordvpn on your laptop in a coffee shop?
Think of security as layers of an onion. This Pi setup is essentially a firewall for your devices, which tend to be quite expensive &/or not so portable.
@@biologicfarm8555 That first part makes more sense but I’m still a bit confused how it’s any different from a vpn on your laptop? From what I understood from the video(which means I’m probably missing something), the pi router was still insecure until he enabled the vpn feature/add on
@@diegoz9896 He is using the PI for vacation for his family. So if he is in a camper, the LAN would connect to a mini NAS for movies, so his kids can watch movies on their phones, ipads, etc. Also the PI connects to the campsite WiFi and then connects to NordVPN to secue traffice if he and his family wants to surf the web.
Chuck, I can't keep up anymore :) Please can you do a raspberry pi book with all your favourite projects and links to the videos, you're one of my favourite sources for cisco tutorials and now you've engaged with the pi it's amazing. The enthusiasm and readability of the steps make your tutorials so engaging and easy to watch and follow.
Hi Chuck, I also did this project following your instructions with an RPi3, I only had one problem with the usb dongle I bought on Amazon and found that it didn't work as an AP, but in the configuration I reversed the two antennas (RPi3's built-in antenna as 'ap' and USB dongle as 'sta') and it works fine! This may help other people who have the same problem as me. Please bring other content and projects using the Raspberry. Thank you
hey would you be able to explain where the file is to change those settings? I'm trying to get this to work and would rather not need to track down the specific adapter at a local store lol
Love your videos Chuck! Been watching you since I was first getting my CCENT back in 2018. You've kept me inspired on my networking journey. Thanks and keep it up!
Hi Chuck. It would be great if the travel router would also have 4G or 5G so that you could use that to connect to the internet if no WiFi is available. Making it truly the ultimate travel router ;)
Great video! I did this with a Pi 4 but when I connected the wifi dongle I noticed my speeds were really slow. So, I connected this to a wifi extender configured to be an access point and was seeing comparable speeds to my home router even from behind the VPN.
What is the benefit of using RPi as router? Like on a road trip if i use RPi as a router and connect all family members to RPi but obviously for that RPi first need to connect to the wifi network. Then why not my family members automatically connect to that wifi network instead of RPi router. can you help me out with my question?
@@DanishNaseer1 Two things: 1) added security layer. Most people use the default settings on their home router to include the default password. 2) if your devices are set to automatically connect to your Pi router then it's just plug and play.
I am curious how the speeds compare to your main network? I was interested in doing something like this as my room has almost no wifi connections so I was going to use a router to connect via WDS allowing me to get wifi in my room and use the ethernet ports. Are the speeds similar to the normal router or are they drastically lower?
That depends on so many things, from used wifi-standards (like B, G, N, AC or AX) to quality of the device to distance to other factors that decide it. Wifi is often slower than cable but it doesn't have to be. I have a 200Mbps-subscription and I can get those speeds everywhere in my house due to proper access-point placement.
So I can only report my case, I have a raspberry PI 4 as a ap and I'm running pihole (so that my phone has adblock) and unbound (dns server) and in my case it's running faster than when I use my normal wifi because our floors and walls are really thicc, when you combine a VPN with your ap you should get a speedslowdown that is measurable but not that you can feel it, as long as your not gaming over it. But you will need to test it yourself, when you use it alone just place it a room next to, or in your room that you most commonly use :)
This project/device doesn't really solve any issues in a elegant way. It's more of a learning lab.. your better off just connecting your computer directly to the wifi.
@@FilnetMgnigon you need to learn networking. Without this, or a travel router of some sorts you are unable to bring things like your Chromecast for example as most hotel wifi networks have device isolation and a portal to log in with a maxjmum number of devices per login code.
@@NickyHendriks those are trash reasons that have little to do with networking and everything to do with the hotel. Where in RFC does it state that hotels require a max number of logins per room code? The only real benefit is that if you have a million devices for whatever reason and want to only setup 1 VPN, then you can do that with this. All your reasons are just guess work
Found a limitation with Raspberry Pi devices. If you use a really early device (in my case a B+) without in-built wireless then you get in sticky spot. You can't install a USB Wifi device to give the OpenWRT internet access unless you're connected to the internet, and if you can't use the Ethernet because that's how you're accessing the terminal (or GUI). I can think the only way out is to 1) bridge internet via the computer you're using to programme the Pi, or 2) connect the Pi to a monitor/KB/Mouse to free up the Ethernet port, or 3) remove the SD card and load the driver packages on through copying from your computer. Or - just thought of it - 4) edit the Pi ethernet static address so it's on your home network, and so it can see the internet through your home network, and you can connect to it from your computer.
This was my first thought as well. Most hotels I've stayed at recently all have a captive portal which would make solving that problem a must if this is going to be useful. After doing some quick poking it doesn't seem like you can do that directly with this. You would need to connect to the network and get past the captive portal on your phone/laptop/whatever first and then close the mac address of that device onto the Raspberry Pi to trick the network into thinking the Raspberry Pi was the one that connected 😕
Hmm a remote Chrome session might be a good solution. The main problem I could see with using Lynx would be those annoying portals that require you to watch a video or have some other ad experience. They probably wouldn't work well in Lynx.
That's a fair point, I'm not sure. My suspicion is it is needed though given that there are many similar guides to this one that do talk about the captive portal being an issue.
Thank you very much for your videos!!! I love them and inspire me to do IT stuff. But what happens with the public WIFI networks that use a captive portal? Can you still use the raspberry pi?
Question for Chuck and friends: I have my first Pi - very exciting. Do you all normally re-flash the SD every time you want to try something different? Or do you buy a handful of SD cards to swap out? Also, can you partition a larger card into different Pi flavors and multi-boot? One final question -- for now: What about getting a larger card and using Docker for the various Pi flavors? Just typing that and I thought of many more questions but I will spare you for now. Thanks!
I'm no expert, but: Considering it's easy to reflash opensource projects, id assume that's the way to go unless you have the money for buying many cards. If you want to do multiple projects on the pi at the same time, then docker would be a great way to go I believe
Multiboot isnt very common with the pi. It is not a workstation and usually serves one particular purpose. Docker (for the most part) containerizes applications, not OSes.
It depends. If you are new and want to play around with different OS, having one SD card is fine. You will have to wipe the SD card each time. (Warning, just know that sometimes partitions are created by an OS to make multiple drives, that can give headache when reformatting). Berryboot is an option for one SD with a select number of multiple OS it supports. After experimenting, buying multiple SD for OS's you like, or boot from an SSD.
A bit delayed here but since you're just starting out and are likely going to be switching os's fairly often I'd suggest booting from USB as flashing and reflashing will damage the SD card faster than it would a USB drive.
the sdcard/ usb ssd( for rpi3b+ and rpi4b) is the storage so ergo yes you need to flush it everytime( I recomand getting an ssd they last longer). Also as others pointed out Docker only containerizes applications and small dev environments. As for multiboot.. depends on what rpi you got. If its the Rpi3 then yea it wont work. If your advanced and know WHAT YOUR DOING then you could build a bios for the rpi4( has onboard cmos mmc) and no I wont teach you how to do that cause this is a very advsnced topic.
Might consider doing an approach like this as no travel router I can find mentions capabilities of connecting to public wifi rather than being bound to an Ethernet connection
Not at first glance, you need to click in links and guides which will brung you to his website, from there navigate your way to this video and theres a step by step with links and commands
Chuck, you're amazing, and I go to Disney all the time and WISH I had this setup - for me, the holy grail would be to have a PI set up like this as a remote router, running OpenWrt and Pi-hole (with unbound - as an all-around DNS Solution) on the same device... I'm looking for documentation about how to do this... but YOU certainly do have the flair and competency to make an amazing video on how to make this happen. I hope you trip rocks!!!
Isn't better solution to setup VPN at home as well as ON on all you mobile devices, so when you connect to internet anyhow (GPRS, LTE, WiFi) all the traffic goes encrypted over your VPN?
@@ewoks42 I’m certainly down with that. Some places seem to have VPN access blocked, so I can’t get to my home UniFi VPN network to connect remotely. There’s definitely a lot of online blogs on connecting OpenWrt with Pi-hole, but not in a single solution like this… ideally, I’d want my kids to connect to the wifi (conveniently name/password as the same as my home network) for school and work and Oculus connections without having dealing with hitting every device and get them connected to a new network. I suppose this would also get past the number of devices one can have on a particular guest network like you’d get at a hotel like Universal Studios. Disney doesn’t have any restrictions on number of devices.
@@oxoSeanoxo I'm relatively new to all of this, but couldn't you use this setup and VPN to a raspberry pi you have at your home network that is running pivpn and pihole and achieve all of this without combining it on one pi?
Does this cover connecting to open networks, which need yout to accept the network rules and / or login before being able to use the network? Since the DNS is changed to cloudflare / google, neither the WRT router or the clients get the authorizeation site displayed ... if not this is only usable for classical WiFis without additional authorization.
A really useful and well presented video. Thank you. I've been looking for something like this. I have a Pi 3b that I want to use it in exactly the same way as you have with the same configuration but without the vpn. What I want to do is restrict certain devices that connect to the wifi hotspot at certain times - the kids phones. Coming from a pfsense background I know how to do it via the firewall rules. Can the same be done with openwrt on the Pi?
I was curious about this as well as I wouldn't mind setting up a router in a similar configuration in my household. I don't know anything about the capabilities you get with pfsense, but based on what I just read in the OpenWrt documentation, it looks like you can restrict access for MAC addresses by time of day. If you don't want to completely block internet access by time of day, but instead want to block access to specific domains by time of day (*cough* social media *cough*), it looks like you can do that as well through a squid proxy. Check out the Parental Controls section of the documentation for more info on how to setup a router with these configurations. After thinking about how I want to setup my router, perhaps I'll redirect all social media traffic during "off hours" to NetworkChuck and John Hammond videos. This would allow them the ability to break out of the box I'm restricting them to, but only after significant research and a thirst for knowledge. =P
@@JustinWebPro This sounds promising. At the moment I have everything I need except the usb wifi dongle which I ordered last night. Installation and configuration wise I'm as far as plugging in the dongle but can't go any further. Just hoping it's possible to do what you are suggesting and I think also can be done on the firewall side of things. Pfsense rules are very easy to set up and are also very powerful. I have this in place for all other network devices in the house. I also don't have the the pfsense server powered on during the night to save on power and noise. The silent Pi solution for those certain devices is the last step in completing my network setup. Thank you for taking time to respond to my question. Much appreciated.
@@JustinWebPro I can now confirm it does work. A simple reject traffic rule for an IP or MAC address from the LAN to WAN does exactly what I want. There is the added feature of enabling the rule for certain times of day. Perfect for blocking the kids phones at bedtime and the set top TV box for streaming during no tech time. It might not be as powerful as pfsense, but for what I need it for its perfect.
Your resume SUCKS!! (get a website instead): ntck.co/3nUNDGp
In this video, I built something I actually used on my family road trip….a Raspberry Pi ROUTER!!!! It is the perfect VPN travel router and it kept me and my family secure while we were on the road. In this video, I walk you through every step to build your very own Raspberry Pi Travel VPN router using NordVPN.
✔✔Links and Guide: ntck.co/3bIdITF
🔥🔥Join the NetworkChuck membership: ntck.co/Premium
**Sponsored by Hostinger
0:00 ⏩ Intro
1:07 ⏩ what do you need?
2:25 ⏩ the BIG picture
3:28 ⏩ STEP 1 - Bake the Pi (Install OpenWRT)
4:54 ⏩ STEP 2 - Login to your Pi
4:43 ⏩ STEP 3 - OpenWRT Basic Setup
9:29 ⏩ STEP 4 - Configure OpenWRT Network
14:48 ⏩ STEP 5 - Connect OpenWRT to WiFi
20:02 ⏩ STEP 6 - Setup the USB Wireless Adapter
21:59 ⏩ STEP 7 - Wireless network setup
24:16 ⏩ STEP 8 - VPN Setup (with NordVPN)
That's Crazzy, Keep Going Bhother 🔥🔥🔥
NAS-ty Stuff 💢
hii man thank for giving great content after your video i have created my own website .havent finished building it yet . thanks for giving a boost to me . in india i dont know i cant use your code but you told to do . i created my website
Great video, super useful. I would like to know what happen if the hotel network is blocking VPNs traffic through Deep Package Inspection or something more sophisticated
Can u make a VPN server with the Raspberry Device ?
just repeating what sven klomp said but you leaked your ip on 24:50 i think you should take down the video and edit out with the ip blurred. just letting you know edit: its the black bar on the top saying your vpn is ____
The long command to install all the drivers is:
opkg install kmod-rt2800-lib kmod-rt2800-usb kmod-rt2x00-lib kmod-rt2x00-usb kmod-usb-core kmod-usb-uhci kmod-usb-ohci kmod-usb2 usbutils openvpn-openssl luci-app-openvpn nano
For those who want to copy and paste...
Was just looking for this as I wasn't finding it anywhere else. Thanks! I was able to type most of it but the kmod-usb-core was being blocked by his head bubble, and I had to wait for the command to go further up the screen
@@SeanKnighton yeah, it's the second time I watched the video and realised how frustrating it was to type it all out the first time!
@@Alienturnedhuman 1 year later i thank you for this comment.!
LIFE SAVER
Nano is a driver, yep.
I really like how much passion this guy has got for the IT
AND he REALLY knows his stuff!
That's the magic of video editing (IT person here)
There is a major mystery and secret to IT.
Coffee.
Slapped this puppy together in no time at all. Ran into some trouble with the VPN, turned out to be a combination of insufficient coffee and needing to put my fingers on a diet, as I fat fingered my username, which my VPN provider hashes first.
Bot
I don't 😎
16:00
"hwmode '11a'" is for 5GHz (802.11a and ac) and '11g' is for 2.4
"htmode 'VHT80'" is for 802.11ac and 'HT20' is for 802.11n. Also, 'NOHT' would be for 802.11g.
"channel '...'" is the channel in the selected network range
"short_gi_40" is for Guard Interval... No idea what that means.
GI is a margin between each channel of transmission to avoid interfere each other
@@alejandrojimenez1436 this comment is 2 years after my comment. I've already forgotten the info I posted 🤣 🤣
Thank you for that info though. Makes a lot of sense!
network config options complete at 12:41
firewall config options complete at 13:00
wireless config options complete at 17:21 (followed by "uci commit wireless" (without the quotes)) followed by the command "wifi" (also without the quotes)
For those wondering, I believe the wq refers to write and quit. Like save the change you just made and close the file.
Yup. Really olde skoole would have you type twice ( :w then :q).
I still fall back to vi when I can’t reminder the other editors.
I use open WiFi for my dad's house but only because he lives on 20 acres in the mountains, far away from the road and other people, and because he's old an sucks at connecting to WiFi. Love the episode! From one networker to another, I truly enjoy the content you are creating and I love that you are teaching people the most awesome part of IT, networking!
Other than completed courses, this is the sort of content I'd love to see more of. Pi projects are easy to do , great skill builders and it's surprising how much you can do with them. I'd love to see more, especially more out of the box stuff. Building our own pocket wifi-router is absolutely perfect and a great skill to have once traveling becomes more viable.
@@themblue8236 😔😔😔
Viable?
100%
100%
Indeed! My recent Pi projects include using a Pi 4 that's mounted in a box on the wall of my laundry room and has a vibration sensor connected to my dryer. It sends a Telegram group message to the family to alert them that the dryer's ready to be unloaded. Another I just did this week used a Pi 4 as a networked console server for a switch that's on a different floor of my house (ie not connected to my existing AirConsole device). So many fun projects to be done with a Pi, especially now that the Pi 4 is such a capable little thing (8G RAM, 64-bit CPU, etc.).
I actually switched around the use of each wireless device. Since the internal wireless of the Raspberry PI is weaker than the external wireless device, I used that for the connecting devices and the external wireless to connect to whatever public wifi is available since it has a wider range.
Makes a lot more sense like you did it.
Hey Chuck!
Great video tutorial, maybe im blind but that long opkg install command is missing from your video description, anyway, here you go folks:
opkg install kmod-rt2800-lib kmod-rt2800-usb kmod-rt2x00-lib kmod-rt2x00-usb kmod-usb-core kmod-usb-uhci kmod-usb-ohci kmod-usb2 usbutils openvpn-openssl luci-app-openvpn nano
you are a blessing
I fucking love you man
I slapped one of these together around six months back, works like a charm. I did run into some trouble with configuring my VPN provider in, but that was due to two major technical issues.
Coffee and needing to put my fingers on a diet, as I fat fingered my hashed username, running me in circles for 20 minutes before the coffee opened my eyes. ;)
Nice tutorial!
2 things that would have been nice to show.
1- Swapping wi-fi to another config to simulate going to another hotel/place
2 - Handling a captive wi-fi setup requiring some form of authentication to get started. A lot of places require this before you get any traffic to flow and it would definitely require temporarily disabling the VPN and perhaps even taking the wi-fi provided DNS offered by the guest DHCP.
3 - A bonus would have been using wireguard as the VPN protocol.
Maybe a follow up?
These are the questions I've yet to see anyone answer.
Yeah how does this handle captive portal
My connection has a portal every 24 hours. I am currently using a laptop running Kubuntu that shares Ethernet connection to ASUS router. I can use any device on network to get page and accept TOS.
@@TheInternalNetBut is it on a per-device basis? Would be nice to have the router authenticate and not have to do it on every device.
Dude I am going for my cisco CCNA soon and bunch of another courses, but it all starded with your videos and I am so glad that you are creating this kind of content, it really helped me to kick start my path. Keep going man and don't you dare to stop EVER :D
Nice everyone seems to be getting pushed this way. hoping it doesn't get over floodeed like web development where employers can just throw you away because they have a stack of applicants on their desk that can repalce you.. I started off with the CCNA and 1/4 way through everyone was like you don't need that you should already know that stuff if you messed with any router since just about everyone copies cisco.. So I started studying for thew Security+ and Linux+.. Still on the linux+ part but linux will never run out of jobs as linux is everywhere. Even microsoft is abandoning Windows for linux. The cloud that everyone keeps raving about is Linux. Gas pumps and Sattlites are linux... I think I should probaly learn linux.
How did your classes go?
@@anythingbutASIC you sound like the biggest noob ever, maybe don't ever brag about taking linux or Sec+ ever again those are babyboy certs lmao
Excellent tutorial Chuck. I configured my "vacation router" a little differently. Rather than use a commercial VPN service, my Dual Wifi enabled Raspberry Pi connects back to an L2TP VPN server running on my home router (Mikrotik). This not only tunnels my families devices safely, it also allows me to access all of my devices at home as if I was still sitting at home. It makes me look like I am still sitting at home accessing the internet as usual. This helps when your online services get a "upset" when you try to log in from a different IP address.
Love it. I need a video on that.
SAME!
yeah make a vid on that.
Yeah, I do that. I love Mikrotik, have been using them for a long time. I am also going to do it for my Dad as I share netflix with him and now Netflix wants and additional charge to add someone who is not at your house, so I am using using a pi as an ap connected to the router via Ethernet for a roku to connect to which makes netflix think its at my house.
What is the benefit of using RPi as router? Like on a road trip if i use RPi as a router and connect all family members to RPi but obviously for that RPi first need to connect to the wifi network. Then why not my family members automatically connect to that wifi network instead of RPi router. can you help me out with my question?
I’m 9 and don’t like coffee will it still work?
Not yet kid. Start getting use to it.
Oh, those pitiful creatures who recoil at the very thought of coffee! It's like they're allergic to joy itself, doomed to wander through life in a haze of tastelessness. Perhaps they were cursed with taste buds made of cardboard, unable to appreciate the divine essence of a well-brewed cup. While we, the enlightened ones, revel in the decadence of each sip, they languish in their barren wasteland of flavorless existence. It's almost tragic, really, but hey, their loss is our gain. Let them wallow
I’m too 9 😂
Im 13 i love espresso and i love hacking and programming and i love to do random stuff on devices
Wow kid! Ur iq -21...btw it won't, it's needed
I was looking into buying a vpn router and wasn't quite satisfied with my search results and I thought I could set it up my self on my raspberry pi. Thanks to this guide of course that got me excited and motivated enough to actually do it. I use Proton VPN and the latest install of OpenWrt which is 21.01 at the time of this writing. I ran into some issues and followed docs directly on the OpenWrt support site and ProtonVPN + some googling of course. There are slightly different turns you need to take when setting up Proton VPN's openvpn configs so I pointed that below as well.
Summary of changes:
1. Wireless Config Deprecated Options:
- hwmode is now called 'band'.
- "option disabled" doesn't get added by default when you plug in the wireless adapter. Although leaving out will actually enable it per OpenWrt doc, but that caused issues of it constantly going down so I just added. It worked like a charm
- "option channel" seems to work better when you change it from what it's orginally defaulting to. Did it for both radio0 and radio1
2. Openvpn settings (Proton VPN):
- vpn config file and ikev2 username & password are different than your login creds. You can retrieve that from your account settings
- You will upload that directly into to OpenWrt and most config will be in place. The only thing I needed to do is add the ikev2 username and password in the GUI box specified in the "edit" section of the openvpn config aread (GUI). Use the first line for the username and second line for the password. ProtonVPN has a guide on how to set it up with OpenWrt (Google How to set up ProtonVPN on OpenWRT routers)
Nevertheless, this guide's workflow is sound and it got me in the right direction. My coworker were quite mesmerized when I pulled out my raspberry pi and said " and without a further ado, meet my vpn router" LOL!
Hey Check,
Can you top this video with how to set up aTor client on Linux OpenWrt?
Thank you! I have spent months figuring out how to do this and gave up. Now it's in one video.
Me too tried and could not find such a get Tutorial.
I did find many tutorials, but it either used something similar to openwrt and had to piece it together. The other option was to use openwrt but piece together how to do it and I was having issues connecting to a wireless connection.
Chuck, thanks to your channel, I've been inspired to setup my own small business network, with pfsense+, vpn and NAS. My next project is to build this travel router. Not bad for a 50-som'n year old guy. :) Thanks for all your work!
One major problem I foresee is -- what happens if the public wifi has a login/registration/payment page? I suppose you could temporarily set your computer's wireless MAC to the same MAC as the Raspberry Pi, login to the public wifi through your computer, change the MAC back to the original, and then boot the Raspberry Pi router and use it.
This is pretty slick! Guess the only downside is you would have to manually connect the Pi to the public WiFi you plan on using each/every time you travel...?
I'm always amaze how much knowledge IT people have. You guys are a human computer. Wish i could do stuff like this. Coding is just freakin awesome
You should go over if you have a guest login page. Where you have to pop in an email or something to join. Similar to what you can do with unifi. Great tutorial.
Did you figure out a solution to this?
I was thinking the same thing, a lot of places require to navigate to a specific web page in order to be able to have your connection activated
Note: You probably want to assign the External wifi adapter as the client and internal WIfi as the AP ass it does not have an antenna. You will get better throughput this way as your client devices will probably be closer to the pi.
It does have an antenna it's on the pcb you can even add an external one if you wish to
Here's a video idea for you: "You need to learn VIM RIGHT NOW"
Most linux admins / engineers use vim. The first thing I was taught as a linux admin was how to use vim. And once I switched over to vim from nano, I can't imagine using nano anymore.
Gentoo Linux defaults to nano, but I install vi(m) and remove nano before I even have a working system.
Thanks to things like vs code remote I do not need vim at all.
@ VS Code thats WAY too microsofty, Sublime Text with a VI plugin...for the win!
Vim does take some getting used too. I remeber writing whole commands only to look up and see that I'm it Command mode not write mode..
I recently made this after watching this and absolutely love it. All the projects you've done on this channel has inspired me to give them a shot myself. 2 questions:
1. Have you had issues with it randomly dropping the network you're connected to? It's been happening to me and i have to keep rebooting, though I've also accepted its due to the wifi im on (currently out of the us).
2. Have you attempted to use openwrt as your NAS at the same time? I tried following some stuff i found online and it works for local use, but i can't get it to go over the internet.
A little bit random, but if you happen to have an Atheros ar9271 (Alfa networks), you need the "kmod-ath9k-htc" package. This is the driver for that wifi dongle.
The command at 20:42 is: opkg install kmod-rt2800-lib kmod-rt2800-usb kmod-rt2x00-lib kmod-rt2x00-usb kmod-usb-core kmod-usb-uhci kmod-usb-ohci kmod-usb2 usbutils openvpn-openssl luci-app-openvpn nano
Thanks. Even after signing up for his site, I could not find the command of packages. I think it's all paywalled now...
To add to this comment (mine was deleted for trying to help others who might not find this comment, maybe because of links) there is a GitHub with information about the different USB-wifi adapters that can work for Linux, along with the packages needed.
morrownr/USB-WIFI
Awesome! Needed this information to continue. Thanks!
I love your enthusiasm, your sense of humor, your laid back style of teaching, and how thorough and detailed your lessons are. Plus your incredibly knowledgeable and stay current with all the latest tech. Very impressed with your content
*any new project starts*
Chuck: "COFFEE!!"
it's a requirement
Coffe -> Work -> Money -> Coffe
I hope you guys got it xD
How much coffie will be needed for a day
I have the feeling the cup is empty (?)
72 usd for a raspberry pi 4 1gb here minus everything else, over kill for building a router tbh, can get any supported router by openwrt, ddwrt, fresh tomato etc and do all that but i gotta admit the experience was pleasing to watch and the fact that one can do so much with a raspberry pi is amazing add the knowledge of networking and skills, i enjoyed watching this video… good stuff.
As someone getting into Linux stuff and was ready to throw my computer out a window when I started learning vim... your disdain for vim gives me a lot of happiness.
"the cool thing about nano is that you don't have to do any keystrokes, just start typing..."
pffft the *cool* thing about vim is that you *have to* do lots of extra commands and keystrokes, and you get such mega vibes from figuring out how to actually just type something you feel awesome!
So, I'd love to see your whole travel setup. This whole router and Plex Media server thing has my brain a spinning.
Amazing video! It would be really fun to see a follow up video from your trip where you actually use the router in a public place. It would be cool to have a visual example of how to connect to a hotel or Starbucks wifi.
Yea we need that
This.
It won't work in most hotels or Starbucks as they use captive portals
@@kebarosUK bummer.
@@OctavianTheGr8 forget what I said, szymeX made a good point on another post
I like the way you speak. A lot of people have a fake voice or tone. You seem genuinely excited when you speak.
Well, I must eat my words. Broke out my Pi 4 B and just start building the router. Looks like it going to be pretty slick. Thank you.
Chuck, I 'liked' the video, but for me there is something missing.
Most hotels/coffee shops/trains now have a banner login page where they expect you to enter an eMail address to get connected. This won't help in that situation... will it? Or when you connect a WiFi client does that get paased through?
Thank you for the content Chuck 😀😀😀 you're my favorite creator and I'm always excited to watch your videos! You inspire me and your energy is awesome, keep up the great work man!
same!
Very dynamic
Chunk: makes a vpn router with 17 layers of encryption and 8 different passwords
Me: *turns on vpn*
I was thinking the same... Isn't this kindof unnecessary now a days?
@@NikCasto If you have multiple devices, especially with multiple people (like chuck's kids) having each of them connect to VPN on their phone/tablet/computer is a lot of extra steps. Once you have something like this set up, all your devices/users get VPN from simply connecting to it's wifi. WAY easier, and less chance of mistakes.
If you only have 1 phone/laptop and are by yourself, yeah, probably easier to just use a VPN client... but that's not as fun as a project like this ;)
@@NikCasto Many VPN services limit how many devices you can use VPN on at once, with this, it'll only register as one device
@@sanjacobs6261 True true.
@@goldmousegames Ahh thanks for the clarification! 👍
Dude! I went into this project super doubtful that it would work. I've never had a project like this with IT stuff that's really worked out for me, so I wasn't really hopeful in myself that it would work, especially given that halfway through the project I came upon changes in the code due to the updated version of openwrt. However, I persisted through, and followed your tutorial to a T, and I am now writing this comment on the wifi setup through my rasppi router! I am super excited to try more stuff like this, so thank you for making such great content ❤️
Thanks Chuck Finally got my travel router working on RPi 3B+ all seems to be working and it also connects to my RPi 4B 2G vpnserver so effectively where ever I am I am surfing from home.
Planning a trip to the Local Star Trek convention in late July 2024 here in the UK (Blackpool Lancashire)
what dungle did you buy ? link plz
Thanks for the great video. Am I the only one that cannot find the install driver text in step 7 :( (The notepad file used in the video)
Great video! I did a similar build a few months ago but with a Pi Zero W and its brilliant for travel, takes no space and can be powered off the laptop worst case.
I’m assuming you just put a little hub with it for Ethernet and the additional WiFi dongle?
@@chrisrisley1324 No ethernet hub, just a Wifi dongle.
@@szymex8341 I use a converter, its at a 90 degree angle as I was hoping to print a better case for it (but havent gotten around to it yet)
Do more things with the raspberry pi! I love these videos!
Agreed!!! I bought a Pi4 8GB and am using it as a pihole with unbound doing DNS lookups so my DNS is totally private. I wonder if he could do this too with what he did in this video, so no reliance on cloudflare or google dns. Let the pi become a router, dns resolver and even pihole. You could sell them by the millions.
First person to get a 4/5G hat to work other than the manufacture wins everything..
How much knowledge this guy have is smashing me. I can't imagine how much time he spends. I've gone through so many videos and Chuck making me thinking I will never catch up to half of his level 😮😮
I am loving learning from you. You are so passionate and care about your work and not boring what so ever. Thanks heaps
to be honest, for the tasks mentioned (road trip) i use the mikrotik hap ac2 (RBD52G-5HacD2HnD-TC) since it has an IPsec hardware support onboard, the USB port suppoting LTE sticks and it is an accomplished product within appropriate housing and with power supply range 12-30V and regular updates. Anyway, the RPI is also might be useful in many ways, so thanks!
I've configured a Raspberry Pi to do what you're doing before just for fun (and if I actually could make it function) but I didn't use it for traveling I used it to have at home. It's a fun little project!
And thanks for the content! You're the man for doing these step by step tutorials.
Tell me could you get any of the 4G wireless hats to work. I've been trying for some time. Always run into a snag wether it be the wireless carrier not wanting to allow non-android devices to use there service of drivers njust not being available. Don't even get me started on AT commands while using outdated screen like the manufacture "recommends".
I use a $15- Orange Pi Zero because none of my bought routers would talk to my 4G LTE mobile broadband and I got tired of using an old Windows laptop with ICS to get my Internet.
These little SBCs are great.
I also loaded HomeAssistant on it and it controls all my home automation. (I live in a caravan)
Simply magic.
(edit) PS. Thanks for the VPN walk through. Very helpful. Cheers.
you loaded openwrt and homeassistant on the same SBC? Is that with 1GB RAM? How does it run (as in any issues)?
@@cplcabs Not using OpenWRT. Just bridging the 4G LTE USB dongle to Ethernet using the standard networking (Armbian). Leaving enough for the HA. Just using standard firewall rules seems to be sufficient for security and it means that I don't have to have Internet connected to use/control my RGBW downlights, etc. I have a normal router downstream that feeds the rest of my LAN.
@@GarthClarkson ah right, OK. Thanks.
About to go on vacation in 4 day’s working full time & working on this & a nas after work. I’m soo close to having everything done before my vacation. As a 40 year old welder who has been messing around with Linux for the first time building a router & a nas. Now I’m ready to trade in my windows laptop for a Linux one. Having fun & learning so much. I just found out what a IDE was I need a good not over complicated one. Also GitHub is awesome. Whole other world out there.
Update: I just finished my router. 🎉 although it turned into adventure because I waited till the next day to finish it. Bad idea. Either way started from scratch. Yahtzee! Let’s gooo this was a fun project for sure.
I tried this on my RaspberryPi CM4 (compute module), with two USB dongle. I had some issues. I first had to install an additional package: opkg install kmod-usb-dwc2
Then for lsusb to work, I had to insert the following line inside /boot/config.txt : dtoverlay=dwc2,dr_mode=host.
Finally, I don't know if it's because I had two adapter, a newer version of openwrt or because the driver ignition is too slow, but I had to add to /etc/rc.local the following lines before the exit 0 sleep 10
/sbin/wifi up
After this, everything worked as expected. Great guide thank you!
Hi Network Chuck, wow two years ago, but still relevant.
I've started traveling again and get frustrated by the devices available out there as well as suppliers' WiFi access, so need a good solution.
The VPN tunneling will help with my regional streaming services, fantastic!
One of the biggest issues I've found is the use of captive portals at hotels etc, they can be a pain, constantly being timed out and re-registering to some, I think a regular scheduled ping can resolve this. But it's logging in with the router, there is no login page on the router itself, so I'm wondering if I should log in using my phone or laptop and then clone my MAC address on the router?
What do you think?
This was my big question. Have you found a solution?
Hey, really cool I love that!!! Can you make a video on how to create a free VPN to install on the
Raspberry Pi, thanks.
I’ve watched this like 8 times since it got posted with all of the hardware sitting around. Finally just set it all up for a company trip with the team. Ready to flex 🤓 thanks man SUPER cool project
Yeah I'm ordering the requirements next month and get it set up for my home so I can use it on my Xbox and my phone's
What is the benefit of using RPi as router? Like on a road trip if i use RPi as a router and connect all family members to RPi but obviously for that RPi first need to connect to the wifi network. Then why not my family members automatically connect to that wifi network instead of RPi router. can you help me out with my question?
Just got done completing this. Going to try it on a trip out west next week. Thank You! I'll let you know if it works.
@NetworkChuck I was hoping you could do a redo of this one for a more update version of this? Thanks in advance. :)
I believe at step 5 when you are making changes to radio0 you are changing the hwmode from AC wifi to b/g/n wifi, hence why there is a need to change the channel to 7 as well as changing the htmode (VHT80 = 80MHz - usually for 5GHz wifi). From my own experiences openWRT doesn't like radio0 using 5GHz 80MHz on a PI 3B+/4B (might be fixed on the 4B at this time of writing though).
You may also find that the Internet speeds when connected to the wifi network (that is also connected to NordVPN via OpenVPN) aren't the best. I believe you can make these changes by the GUI to radio0 directly as even one typo when doing config by CLI can cause your Pi to become inaccessible in some cases.
I've actually figured out how to do this on Pi OS 64-bit since I wanted to be able to use AC wifi on both network interfaces (access point and wifi client), non kernel supported USB wifi adapters, Wireguard connection to PIA VPN and a python app using flask to host a web page that can be used to connect to other wireless networks using a browser. It sounds like a lot but honestly it's quite easy to set up and can be configured in different ways.
Hey i am not seeing htmode and only band in my rafio0
Really cool, this OpenWRT. I setup my travel router with your instructions and it works really well! Thanks for the very clear and fun instructions :)
What is the benefit of using RPi as router? Like on a road trip if i use RPi as a router and connect all family members to RPi but obviously for that RPi first need to connect to the wifi network. Then why not my family members automatically connect to that wifi network instead of RPi router. can you help me out with my question?
@@DanishNaseer1 absolutely, the reason for this is because the RPi is automatically connected with VPN, hence all traffic that goes over a network (which is also shared with complete strangers) is encrypted and much more secure. You do need a VPN to connect to, of course.
Before I had this, I too was directly connected to a hotel wifi. What happened was that someone in the hotel sniffed my Netflix credentials, so I received multiple login notifications, that I didn't know of. By using the encrypted connection of the RPi between my devices and the open wifi, all connected devices are automatically using encrypted traffic, making it much safer.
Thank you for the answer. Appreciate it@@sebassie25
What a channel! You're great to watch even for a 64-year-old retired ex-network manager (that's 20 years ago now 😁) - don't you love SNMP???
We live in Germany and have just got ourselves an RV to go exploring. Your Pi+NAS video was just what the doctor ordered and this router video is the icing on the cake. Only... I've been wondering, it would make sense to combine both functions in one box. And I'm thinking of Docker. I'd like to know your opinion, and do you think it would better to install Raspbian, then Docker and run OpenWRT on that? Or to install OpenWRT as the base layer, then Docker and run OpenMediaVault on that?
A video combining both these thing would make my Christmas (and give me something to do!)
Keep drinkin' that coffee, Chuck!
Indeed .. Would be interested in answer for this one :)
What bandwidth are you getting with this setup? I like the idea of loading PI on the box first, then routing using a container or virtual machine.
For anyone having this issue: Router can connect to internet, you can connect to router, but VPN does not launch:
check the logs. For me, it was missing paths in the vpn config file. I had to put the full paths for the CA file, the auth-pass file, etc. Any file reference in that file should have the full path, relative paths won't work. Otherwise the tutorial was flawless
I'd think it would be better to do the wifi interfaces opposite.... USB wifi with the antenna connect to public wifi .. because you will be more distant from the public wifi access point, so the external antenna will ensure a better more reliable connection. Since you're going to be very close to your pi, use it's internal wifi to provide wifi to all your nearby devices... Being in close proximity, they will do just fine off the built in pcb based antenna.
This is cool. Thanks for making these. I am learning a lot about network security and the capabilities of Raspberry Pi through your channel. Network configuration feels like such a complicated beast to tackle, and if you do something wrong, it could lead to some pretty serious problems, so thank you for this.
Hey NetworkChuck, curious about a detail - how much storage on a diy router is sufficient to have? In your video this was done with a 32gig sd card. I’m curious what I could factor for the size I give it. Also the enthusiasm I pick up from these videos reminds of a history teacher who was awesome. It’s the way to go because it sure helps when you are challenged by the path. Love this
The raspberry pi imager wouldnt let me install on anything larger than a 4gb. says something about the size being divisible by.... yada yada yada.. so Im stuck on a 4gb.
@@billc4303 Check if your card reader supports SDHC (> 4GB) and otherwise you can write the image to a 4 gig card and then copy that card to a bigger one before you first boot. You can also use an imager like Balena Etcher which supports more than the Rpi imager.
OpenWRT dopesn't need much though. Default is a 100 MB partition size. You need to resize the partition with a partition manager to make it bigger, which is recommended. But 1 Gig really is enough for a lot of things.
Also, 1 GB of memory is more than enough for OWRT. But you can't get a Pi with less than 2 GB now.
500 megs is plenty for open wrt, it only uses around 100 megs by default anyway, you have to expand the root fs to make use of whatever card you have
This is a great video. Even though doing everything via terminal is terrifying to most people like me, but this is a very clear tutorial and walk me through every step I need.
Give it some time. You'll become addicted to do everything in the terminal 😛
Working through an ssh session to a BASH account is so liberating. You will really have fun. I connect often using an ssh client from my phone to the host.
Using a gui is way easier for beginners, the only reason not to use the web gui on openwrt is for really old devices with less than 64mb of ram or 4mb of flash.
People in RVs are paying big bucks for a box to do this same thing! Add a USB extension cable to the USB Wifi dongle and put it outside on a mast and you have the same thing. Maybe upgrade to a directional antenna.
This was THE MOST informative and interesting Raspberry Pi use I have seen to date. It was amazing to watch, and I WILL be purchasing a "Pi" very soon to duplicate this technique for my use. I do a lot of field service traveling and in hotels all the time. This is exactly what I need, both in those places, as well as in my home. Thank You for your dedication to education for all of us!!
in your Openwrt config you forced 802.11g as the default connection and HT20 means you're forcing a 20mhz spectrum, using channel 7, while disabling shortguard for 40mhz spectrum. After the setup is done, I'd try and use 802.11n on there instead by switching the 11g to 11n. HT20 will work but it won't be as fast as it can go but it won't run into as many issues since it narrows the band to 20mhz. Short_gi 40 0 means you're disabling the short guard for 40mhz but it might be better to change that to short_gi 20 1 to improve throughtput speeds. If you're in an area with little to no wifi networks, then ht40 should work fine with short_gi 40 1.
Excellent catch there.
Very great video. Quick question... Would this setup also contain a "kill switch" for your wlan0 (public internet) connection if the tunnel connection to nordVPN drops? This way we prevent the RaspberryPi from silently failing over to non-secure public internet without checking it constantly?
Doesn't Nord uses firewall, which kills all traffic if VPN terminal drops? In theory it should. I only use free limited random VPN's, haven't had my IP directly exposed yet, apparently.
Nerds beware!!
I attempted this project this week because it looks awesome, but with a different adapter because I had it. Do not try to use anything with a RealTek chips. Getting them to work is way more work than it’s worth.
Otherwise, great video Chuck! I found your channel recently and I love what you do!
On the one hand, not bad, on the other hand, routers r sold separately, not because it is a rudiment. The structure of the raspberry pi has not been specially optimized for handling internet traffic, it would be good to compare performance between it and router with similar hardware. And u can't connect more than one device over a wire without a switch or another network card
P.S. Sorry 4 my english
Driver Install command @20:50 >> opkg install kmod-rt2800-lib kmod-rt2800-usb kmod-rt2x00-lib kmod-rt2x00-usb kmod-usb-c
ore kmod-usb-uhci kmod-usb-ohci kmod-usb2 usbutils openvpn-openssl luci-app-openvpn nano
Awesome! Needed this information to continue. Thanks!
Looks cool but hotel wifi as well as most public wifi at Starbucks usually requires me to navigate through a captive portal on the client in order to get connected. How do you do that on OpenWRT?
Came here with the same question…
Let me start saying this projects are amazing. I don't know to congratulate you enough. You have charisma and knowledge enough to pass it in a way that is interesting. Another quick thing, from the content generation stand point it's endless topics for everybody. Please keep doing this great videos. Thank you!
You could also take it to the next step, set up a VLAN in your home that only has access to the internet and not to your local network (securing your home network away from VPN just in case of a breach), and configure a VPN host on that network that you can connect to using this OpenVPN client. Then you don't need to have any VPN subscription if you already trust your home ISP and are just trying to get out of being monitored on public networks.
Would recommend using a spare PC (can get from an electronics recycling depot, or use a second Pi) with pfSense installed and two network interfaces to be able to facilitate this on the cheap without needing fancy routing equipment at home. You may need to get a Dynamic DNS registration though.
Thank you Chuck!
Following along… I’m trying to get the link and guilds to work… I am unable to view it.
I clicked it. Brought me to your Academy… I signed up. Up yet I still cannot find it.
If someone can point me in the right direction that would be great.
I've been seeing relatively high latency on the built-in pi wifi. It doesn't matter if it's OpenWrt or Raspberry Pi OS. ICMP ping shows roughly 0.6-0.7 ms if checking ethernet, but wifi ranges from 3-4ms. If I replace my OpenWRT pi with an OLD OpenWRT router, wifi there becomes 1ms. The pi's high latency ends up reducing my usable bandwidth over TCP due to window sizing/acknowledgements on appliances where I can't tune window sizes. Are you seeing similar latencies with the onboard wifi vs USB, or what else should I look at to debug my local latencies?
Nice feedback - I wonder also, - what is the value in this at all? - is this just to offload the encryption onto the Pi instead of doing it on each connected device? - I just bought a 4G Archer MR400 Dual-band 4G LTE router, - and its pretty awesome for traveling, - avoiding crappy hotel wifi. - I guess I could plug a Pi in via ethernet, - but I am pretty impressed with the Archer - its initial connection speed when opening my laptop is instant and there are no drop-outs. - it was built to order.
@@brentgreeff1115 Dude, the value is you can use this as your home internet router. Plus, it will reliably get 900+Mb throughput.
Adding VPN is nice, however for $50 you will get a more powerful router than most have at triple the price, and you can throw several cheap Avaya Instant AP's which will manage themselves on it for cheap off of eBay for $25 each IIRC 3x3 MIMO too.
Hey Chuck,
David from Arlington here!
Is it possible to swap the antennas? In other words, use the usb dongle as the receiver and the internal pi antenna as the broadcast antenna? The reason I ask is because I need to use an external Yagi directional antenna when camping.
Thank you,
David
why not? the interface you assign is of your choice.
@@bober1019 idk That’s kind of my question. I’m not a Linux programmer or Rpi expert. Is the Rpi interface capable of mimo with multiple devices using it as a router? Or is it specifically designed for a single channel access at a time?
@@MooreWoodWorks in my experience the integrated wifi/blutooth often drop and i think the same chip provides both services and is just trash if you look at a rapbery pi 4, bt and wifi are both under the same sheild plus the range is pure crap. i have 2 pi 4's and dont use the on-board BT or wifi and use usb dongles instead. anyways during the video(witch i dint watch fully) there should be a part where the "wan wifi" is being configured on the internal pi wifi. that interface has a name, just like the usb wifi dongle interface has a name. simply use the usb interface as the wan wifi you will be extending.
i belive with a proper mu mimo usb dongle you might be able to run both wan(shared/extended free wifi signal) and lan off of it.
@@bober1019 Thank you very much for your advise. I will rewatch the video and just swap the setup procedures and see if that works.
Thanks again!
@@bober1019
Is it possible to disable the onboard wifi and use two usb interfaces instead?
Great video! Can someone explain to me why you would try this instead of using a VPN to your home network? Or just using nordvpn on your laptop in a coffee shop?
Think of security as layers of an onion.
This Pi setup is essentially a firewall for your devices, which tend to be quite expensive &/or not so portable.
@@biologicfarm8555 That first part makes more sense but I’m still a bit confused how it’s any different from a vpn on your laptop? From what I understood from the video(which means I’m probably missing something), the pi router was still insecure until he enabled the vpn feature/add on
@@diegoz9896 He is using the PI for vacation for his family. So if he is in a camper, the LAN would connect to a mini NAS for movies, so his kids can watch movies on their phones, ipads, etc. Also the PI connects to the campsite WiFi and then connects to NordVPN to secue traffice if he and his family wants to surf the web.
Chuck, I can't keep up anymore :)
Please can you do a raspberry pi book with all your favourite projects and links to the videos, you're one of my favourite sources for cisco tutorials and now you've engaged with the pi it's amazing.
The enthusiasm and readability of the steps make your tutorials so engaging and easy to watch and follow.
Hi Chuck, I also did this project following your instructions with an RPi3, I only had one problem with the usb dongle I bought on Amazon and found that it didn't work as an AP, but in the configuration I reversed the two antennas (RPi3's built-in antenna as 'ap' and USB dongle as 'sta') and it works fine! This may help other people who have the same problem as me. Please bring other content and projects using the Raspberry. Thank you
hey would you be able to explain where the file is to change those settings? I'm trying to get this to work and would rather not need to track down the specific adapter at a local store lol
Love your videos Chuck! Been watching you since I was first getting my CCENT back in 2018. You've kept me inspired on my networking journey. Thanks and keep it up!
Hi Chuck. It would be great if the travel router would also have 4G or 5G so that you could use that to connect to the internet if no WiFi is available. Making it truly the ultimate travel router ;)
yup true , im thinking the same way too..
There are usb devices that have a LTE modem and card slot built in, or you could USB tether your phone just by installing the rndis driver.
@@rysterstech that is true, but not all USB LTE modems work under OpenWRT.
@@rysterstech but getting them to work is another story.
Hmm raspberrypi becoming hard to come by at the moment, price wise I've seen prices nearly double.
Damm
There was no coffee in the mug. And this, said approx. 1000 times in the video, is crazy and golden.
You can also do this with a usb stick, and just use the usb stick plugged into your laptop for internet anywhere you go. 🙂
Great video! I did this with a Pi 4 but when I connected the wifi dongle I noticed my speeds were really slow. So, I connected this to a wifi extender configured to be an access point and was seeing comparable speeds to my home router even from behind the VPN.
What is the benefit of using RPi as router? Like on a road trip if i use RPi as a router and connect all family members to RPi but obviously for that RPi first need to connect to the wifi network. Then why not my family members automatically connect to that wifi network instead of RPi router. can you help me out with my question?
@@DanishNaseer1 Two things: 1) added security layer. Most people use the default settings on their home router to include the default password. 2) if your devices are set to automatically connect to your Pi router then it's just plug and play.
This would be my favorite IT channel, but I'm a tea drinker. 😂
I am curious how the speeds compare to your main network? I was interested in doing something like this as my room has almost no wifi connections so I was going to use a router to connect via WDS allowing me to get wifi in my room and use the ethernet ports.
Are the speeds similar to the normal router or are they drastically lower?
That depends on so many things, from used wifi-standards (like B, G, N, AC or AX) to quality of the device to distance to other factors that decide it. Wifi is often slower than cable but it doesn't have to be. I have a 200Mbps-subscription and I can get those speeds everywhere in my house due to proper access-point placement.
So I can only report my case, I have a raspberry PI 4 as a ap and I'm running pihole (so that my phone has adblock) and unbound (dns server) and in my case it's running faster than when I use my normal wifi because our floors and walls are really thicc, when you combine a VPN with your ap you should get a speedslowdown that is measurable but not that you can feel it, as long as your not gaming over it. But you will need to test it yourself, when you use it alone just place it a room next to, or in your room that you most commonly use :)
This project/device doesn't really solve any issues in a elegant way. It's more of a learning lab.. your better off just connecting your computer directly to the wifi.
@@FilnetMgnigon you need to learn networking. Without this, or a travel router of some sorts you are unable to bring things like your Chromecast for example as most hotel wifi networks have device isolation and a portal to log in with a maxjmum number of devices per login code.
@@NickyHendriks those are trash reasons that have little to do with networking and everything to do with the hotel. Where in RFC does it state that hotels require a max number of logins per room code? The only real benefit is that if you have a million devices for whatever reason and want to only setup 1 VPN, then you can do that with this. All your reasons are just guess work
Found a limitation with Raspberry Pi devices. If you use a really early device (in my case a B+) without in-built wireless then you get in sticky spot. You can't install a USB Wifi device to give the OpenWRT internet access unless you're connected to the internet, and if you can't use the Ethernet because that's how you're accessing the terminal (or GUI). I can think the only way out is to 1) bridge internet via the computer you're using to programme the Pi, or 2) connect the Pi to a monitor/KB/Mouse to free up the Ethernet port, or 3) remove the SD card and load the driver packages on through copying from your computer.
Or - just thought of it - 4) edit the Pi ethernet static address so it's on your home network, and so it can see the internet through your home network, and you can connect to it from your computer.
But you would still have to connect the OpenWRT to the respective wifi network (Starbucks, Motel or whatever) each time?
Just curious, is there a way for this build to allow for captive portals/TOS agreements?
This was my first thought as well. Most hotels I've stayed at recently all have a captive portal which would make solving that problem a must if this is going to be useful.
After doing some quick poking it doesn't seem like you can do that directly with this. You would need to connect to the network and get past the captive portal on your phone/laptop/whatever first and then close the mac address of that device onto the Raspberry Pi to trick the network into thinking the Raspberry Pi was the one that connected 😕
Hmm a remote Chrome session might be a good solution.
The main problem I could see with using Lynx would be those annoying portals that require you to watch a video or have some other ad experience. They probably wouldn't work well in Lynx.
That's a fair point, I'm not sure. My suspicion is it is needed though given that there are many similar guides to this one that do talk about the captive portal being an issue.
Thank you very much for your videos!!! I love them and inspire me to do IT stuff. But what happens with the public WIFI networks that use a captive portal? Can you still use the raspberry pi?
I think it just opens the captive portal on the device that is connecting for the first time
Question for Chuck and friends: I have my first Pi - very exciting. Do you all normally re-flash the SD every time you want to try something different? Or do you buy a handful of SD cards to swap out? Also, can you partition a larger card into different Pi flavors and multi-boot? One final question -- for now: What about getting a larger card and using Docker for the various Pi flavors? Just typing that and I thought of many more questions but I will spare you for now. Thanks!
I'm no expert, but:
Considering it's easy to reflash opensource projects, id assume that's the way to go unless you have the money for buying many cards.
If you want to do multiple projects on the pi at the same time, then docker would be a great way to go I believe
Multiboot isnt very common with the pi. It is not a workstation and usually serves one particular purpose.
Docker (for the most part) containerizes applications, not OSes.
It depends. If you are new and want to play around with different OS, having one SD card is fine. You will have to wipe the SD card each time. (Warning, just know that sometimes partitions are created by an OS to make multiple drives, that can give headache when reformatting). Berryboot is an option for one SD with a select number of multiple OS it supports. After experimenting, buying multiple SD for OS's you like, or boot from an SSD.
A bit delayed here but since you're just starting out and are likely going to be switching os's fairly often I'd suggest booting from USB as flashing and reflashing will damage the SD card faster than it would a USB drive.
the sdcard/ usb ssd( for rpi3b+ and rpi4b) is the storage so ergo yes you need to flush it everytime( I recomand getting an ssd they last longer). Also as others pointed out Docker only containerizes applications and small dev environments. As for multiboot.. depends on what rpi you got. If its the Rpi3 then yea it wont work. If your advanced and know WHAT YOUR DOING then you could build a bios for the rpi4( has onboard cmos mmc) and no I wont teach you how to do that cause this is a very advsnced topic.
Might consider doing an approach like this as no travel router I can find mentions capabilities of connecting to public wifi rather than being bound to an Ethernet connection
can't wait to do this... will be using it in hotels and on flights... only need to buy account for flights from now on!
Don't mean to be a hater, but there arent any links below :(
Use your imagination
Not at first glance, you need to click in links and guides which will brung you to his website, from there navigate your way to this video and theres a step by step with links and commands
Chuck, you're amazing, and I go to Disney all the time and WISH I had this setup - for me, the holy grail would be to have a PI set up like this as a remote router, running OpenWrt and Pi-hole (with unbound - as an all-around DNS Solution) on the same device... I'm looking for documentation about how to do this... but YOU certainly do have the flair and competency to make an amazing video on how to make this happen.
I hope you trip rocks!!!
Isn't better solution to setup VPN at home as well as ON on all you mobile devices, so when you connect to internet anyhow (GPRS, LTE, WiFi) all the traffic goes encrypted over your VPN?
@@ewoks42 I’m certainly down with that. Some places seem to have VPN access blocked, so I can’t get to my home UniFi VPN network to connect remotely. There’s definitely a lot of online blogs on connecting OpenWrt with Pi-hole, but not in a single solution like this… ideally, I’d want my kids to connect to the wifi (conveniently name/password as the same as my home network) for school and work and Oculus connections without having dealing with hitting every device and get them connected to a new network. I suppose this would also get past the number of devices one can have on a particular guest network like you’d get at a hotel like Universal Studios. Disney doesn’t have any restrictions on number of devices.
@@oxoSeanoxo I'm relatively new to all of this, but couldn't you use this setup and VPN to a raspberry pi you have at your home network that is running pivpn and pihole and achieve all of this without combining it on one pi?
Sounds like this is what you're referring to: ruclips.net/video/FnFtWsZ8IP0/видео.html
@@utubepunk In fact, I followed this exact video... works really well.
Does this cover connecting to open networks, which need yout to accept the network rules and / or login before being able to use the network? Since the DNS is changed to cloudflare / google, neither the WRT router or the clients get the authorizeation site displayed ... if not this is only usable for classical WiFis without additional authorization.
Your x5 daughters are very lucky to have father like you. God bless your family from Pakistan
A really useful and well presented video. Thank you. I've been looking for something like this. I have a Pi 3b that I want to use it in exactly the same way as you have with the same configuration but without the vpn. What I want to do is restrict certain devices that connect to the wifi hotspot at certain times - the kids phones. Coming from a pfsense background I know how to do it via the firewall rules. Can the same be done with openwrt on the Pi?
I was curious about this as well as I wouldn't mind setting up a router in a similar configuration in my household. I don't know anything about the capabilities you get with pfsense, but based on what I just read in the OpenWrt documentation, it looks like you can restrict access for MAC addresses by time of day.
If you don't want to completely block internet access by time of day, but instead want to block access to specific domains by time of day (*cough* social media *cough*), it looks like you can do that as well through a squid proxy. Check out the Parental Controls section of the documentation for more info on how to setup a router with these configurations.
After thinking about how I want to setup my router, perhaps I'll redirect all social media traffic during "off hours" to NetworkChuck and John Hammond videos. This would allow them the ability to break out of the box I'm restricting them to, but only after significant research and a thirst for knowledge. =P
@@JustinWebPro This sounds promising. At the moment I have everything I need except the usb wifi dongle which I ordered last night. Installation and configuration wise I'm as far as plugging in the dongle but can't go any further. Just hoping it's possible to do what you are suggesting and I think also can be done on the firewall side of things. Pfsense rules are very easy to set up and are also very powerful. I have this in place for all other network devices in the house. I also don't have the the pfsense server powered on during the night to save on power and noise. The silent Pi solution for those certain devices is the last step in completing my network setup. Thank you for taking time to respond to my question. Much appreciated.
@@JustinWebPro I can now confirm it does work. A simple reject traffic rule for an IP or MAC address from the LAN to WAN does exactly what I want. There is the added feature of enabling the rule for certain times of day. Perfect for blocking the kids phones at bedtime and the set top TV box for streaming during no tech time. It might not be as powerful as pfsense, but for what I need it for its perfect.
@@F16_viper_pilot The things we have to do and the trials we have to face to keep the family safe from the evils of the internet! 😁