OpenWrt Forum Archive

Topic: portable "privacy" router using TP-Link TL-WR710N and OpenVPN

The content of this topic has been archived on 29 Mar 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

I'm in the security field and I travel a lot. I don't trust hotel networks to be either secure or private, so I wanted something portable and easy to use to help with both privacy and security. So I made a portable privacy router using:

  • TP-Link TL-WR710N

  • OpenWrt BarrierBreaker 14.07

  • OpenVPN

  • anonymous vpn service

The full set of instructions is at http://www.digitalreplica.org/2014/10/p … cy-shield/ but here are the highlights of what it does.

The TL-WR710N is cheap and tiny, but it has two ethernet jacks and a wireless chipset that can do client mode and AP mode at the same time. So I have a wired and wireless connection on both the external and internal side of the firewall to allow for whatever network type is needed. Obviously the firewall is set to block everything incoming from the external side and allow internal traffic out.

I use the reset button to start and stop the VPN (and reset if you hold it long enough). The VPN start/stop scripts change the LED to blink different patterns depending on whether the VPN is connected or not. This lets you connect to the hotel network at first to get through their captive portal pages, then connect the VPN and stay private. For most setups, it's that easy to use. Only connecting to a new hotel wireless network requires accessing the OpenWrt web interface.

I hope the instructions are useful to someone else. I tried to make them easy enough that anyone can follow along and get something similar set up. Feel free to post comments either here or directly on the site.

Danny
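A sketch of the button-and-LED mechanism described in the post above, written as an OpenWrt button handler. This is an added example, not Danny's script or anything from the linked instructions; the LED directory placeholder, the `tun0` device name, the 5-second hold threshold and the blink timings are assumptions to adjust per device.

```shell
#!/bin/sh
# Added example: OpenWrt button handler sketch (e.g. /etc/rc.button/reset).
# OpenWrt exports BUTTON, ACTION and SEEN (seconds held) to button scripts.
# LED directory, tun0 and the 5-second threshold are assumptions.
LED_DIR="${LED_DIR:-/sys/class/leds/LED_NAME_PLACEHOLDER}"
TUN_PATH="${TUN_PATH:-/sys/class/net/tun0}"

# Map a button event plus the current tunnel state to one action word.
decide_action() {  # $1=ACTION  $2=SEEN  $3=tunnel state (up|down)
    [ "$1" = "released" ] || { echo ignore; return; }
    if [ "$2" -gt 5 ]; then echo factory-reset
    elif [ "$3" = "up" ]; then echo vpn-stop
    else echo vpn-start
    fi
}

tunnel_state() { [ -d "$TUN_PATH" ] && echo up || echo down; }

# Drive the LED through the kernel LED class files:
# slow blink = tunnel down (traffic is not tunneled), solid = tunnel up.
set_led() {  # $1=up|down
    if [ "$1" = "up" ]; then
        echo none > "$LED_DIR/trigger"
        echo 1    > "$LED_DIR/brightness"
    else
        echo timer > "$LED_DIR/trigger"
        echo 100   > "$LED_DIR/delay_on"
        echo 900   > "$LED_DIR/delay_off"
    fi
}

# Only act when invoked for the reset button; otherwise just define functions.
if [ "${BUTTON:-}" = "reset" ]; then
    case "$(decide_action "${ACTION:-}" "${SEEN:-0}" "$(tunnel_state)")" in
        vpn-start)     /etc/init.d/openvpn start ;;
        vpn-stop)      /etc/init.d/openvpn stop ;;
        factory-reset) jffs2reset -y && reboot ;;
        *)             exit 0 ;;
    esac
    sleep 5   # crude wait for the tunnel device to appear or vanish
    set_led "$(tunnel_state)"
fi
```

The LED reflects whether the tunnel device exists, not whether OpenVPN was merely started, so a failed connection keeps blinking and signals that client traffic still leaves over the hotel network.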

Sounds a bit tedious if you ask me. Why not just use your home router equipped with OpenVPN and connect to that (while it is still at home of course, just to be clear)? That is how I did it when I was in the States on vacation and my router is in the Netherlands; it worked perfectly fine, and you also get to use your shares safely for backing up, without the need of buying this router and paying for a VPN service.

There's absolutely no reason you couldn't use this with your own VPN server and save a few bucks. I wouldn't recommend it, unless you're comfortable dealing with Internet-exposed services and can make sure you secure it properly. There are other considerations too.

  • A vpn on one device is way easier than getting the vpn connected on a couple of laptops, a phone and a tablet. Sometimes I have a couple more devices that may or may not support OpenVPN at all.

  • My home upload speed is crap, so using it would slow down my Internet connection considerably.

  • I have a mix of work and personal devices, and I won't allow a work machine VPN access to my house.


Past that, it was just a fun little geeky project to work on. It let me experiment more with OpenWRT without the risk of screwing up my main Internet router.

Danny

Thanks for this.  It looks very useful.  I've ordered a WR710N.

danny.rappleyea wrote:

There's absolutely no reason you couldn't use this with your own VPN server and save a few bucks. I wouldn't recommend it, unless you're comfortable dealing with Internet-exposed services and can make sure you secure it properly. There are other considerations too.

Danny

Using a portable VPN endpoint with your own home connection assumes far too much of the average user and is really only practical if you actually need to access resources or services at your own home or office, i.e. network drives, printing, etc.

1.  Running and securing a home server with VPN endpoint is not user-friendly.
2.  Having the bandwidth and data allocation at home to support such a thing reliably is not your typical home-user connection.

Remember many home connections now have data usage caps, even as the ISPs raise network speeds.
Also, upstream bandwidth is still severely limited compared to downstream bandwidth and a VPN connection will of course use TWICE the bandwidth you would at home as you are directing ALL traffic both IN and OUT of this connection - your home is just the middle-man in every transaction as you access the Internet through a VPN.

For $50-100/year you can subscribe to dozens of different commercial VPN providers, most of whom offer connection endpoints around the world, so you can either secure your identity, and/or your location.  You can use a VPN to access geo-restricted services, i.e. Netflix or BBC iPlayer, or for other purposes.  Many also allow multiple connections, so you could connect your iPad or PC and phone at the same time, and all the good providers offer PC, Mac, iOS and Android clients - really good ones offer OpenVPN configuration files or instructions so your router can connect automatically. So for ~$5-10/mo. I'd say the commercial services are a far more cost-effective choice.

(Last edited by anonym00se on 28 May 2015, 04:02)

lizby wrote:

Thanks for this.  It looks very useful.  I've ordered a WR710N.

Me too, ordered one.

But be careful: while v1.x has 8 MB flash, the new v2 only has 4MB.

So, I could load OpenWrt, but I fear that there is not enough room for OpenVPN without a lot of work.

--> Does anybody have a good idea for another small OpenWrt router with 2 LAN connections and enough flash?

Hi,
on the 4MB version, I managed to install Attitude Adjustment with OpenVPN and LuCI. (I did not succeed with Barrier Breaker, not enough room.)

I did dirty modifications on the wr703n profile (to change the name), and built the image with imagebuilder.

But I lost the second LAN. I have just one LAN and one WLAN. Enough for me, because hotel hotspots are often wifi. I'm just using it on wifi.

danny.rappleyea wrote:

I'm in the security field and I travel a lot. I don't trust hotel networks to be either secure or private, so I wanted something portable and easy to use to help with both privacy and security. So I made a portable privacy router using:

  • TP-Link TL-WR710N

  • OpenWrt BarrierBreaker 14.07

  • OpenVPN

  • anonymous vpn service

The full set of instructions is at http://www.digitalreplica.org/2014/10/p … cy-shield/ but here are the highlights of what it does.

The TL-WR710N is cheap and tiny, but it has two ethernet jacks and a wireless chipset that can do client mode and AP mode at the same time. So I have a wired and wireless connection on both the external and internal side of the firewall to allow for whatever network type is needed. Obviously the firewall is set to block everything incoming from the external side and allow internal traffic out.

I use the reset button to start and stop the VPN (and reset if you hold it long enough). The VPN start/stop scripts change the LED to blink different patterns depending on whether the VPN is connected or not. This lets you connect to the hotel network at first to get through their captive portal pages, then connect the VPN and stay private. For most setups, it's that easy to use. Only connecting to a new hotel wireless network requires accessing the OpenWrt web interface.

I hope the instructions are useful to someone else. I tried to make them easy enough that anyone can follow along and get something similar set up. Feel free to post comments either here or directly on the site.

Danny

Danny - how's the speed on this? I'm working with a HooToo using some stuff that wingspinner and RangerZ posted (and your write-up). But VPN speed is maxed at about 5mbit but more typically in the 2-3mbit range.

Please let me know. Thanks!

brunoh wrote:

Me too, ordered one.

But be careful: while v1.x has 8 MB flash, the new v2 only has 4MB.

So, I could load OpenWrt, but I fear that there is not enough room for OpenVPN without a lot of work.

--> Does anybody have a good idea for another small OpenWrt router with 2 LAN connections and enough flash?

You could expand the flash memory with a USB memory stick (see https://wiki.openwrt.org/doc/howto/extroot). It works well, but I have a problem with the USB port. I need to use an active USB hub for the memory stick. Without it I get USB errors (see dmesg on console) and the device 'sda' doesn't exist in /dev.

Does anyone have the same problem with the WR710N Version 2.0?

The discussion might have continued from here.