In this section we discuss some quick and easy ways to get yourself a small travel router up and running if you find yourself frequently on the go. Take this device with you to use on public, friends networks, or hotel WiFi for an extra layer of privacy and security. When used properly with a VPN, these small little routers give you a big boost for keeping your traffic online private and more secure.
GL-iNet routers are a favorite for me, they offer a full spectrum of routers for just about any needs, from tiny 2×2″ sized Shadow to larger units for robust home or business networks.
Great all around travel or home router:
Slate AX (GL-AXT1800) Gigabit Wireless Router
Specifications
• CPU: IPQ6000 1.2GHz Quad-core Processor
• Memory/Storage: DDR3L 512MB / NAND Flash 128MB
• Foldable Antennas: 2 x undetachable external Wi-Fi antennas
• Protocol: IEEE 802.11a/b/g/n/ac/ax
• Interface: 1 x WAN Ethernet ports, 2 x LAN Ethernet ports, 1 x USB 3.0 port, 1 x Type-C power port, 1 x MicroSD card slot (Max.512GB), 1 x Reset Button, 1 x Switch button
• Ethernet Ports: 10/100/1000Mbps
• Power Input: Type-C, 5V/4A
• Working Temperature: 0 ~ 40°C (32 ~ 104°F)
• Dimension/ Weight: 125 x 82 x 36mm / 245g
Smallest Travel Router, only 2×2″
Shadow (GL-AR300M)
Firmware
While GL-iNet uses OpenWRT firmware, which is open source, there are at least two capable of having their firmware flashed to DD-WRT, arguably the most secure firmware, and also open source. This article gives a brief description of the differences among OpenWRT, DD-WRT and Tomato. For a complete list of routers that have the capability of running DD-WRT visit this page.
GL-AR150 White (similar to the Shadow)
GL-AR300M Shadow (also a small pocket router, a personal favorite travel router)
GL-AR150 White Mini Router
GL-AR300M Shadow
Default login to router is 192.168.8.1, navigate to this IP on your local network and be sure to change your default password ‘goodlife’ to something unique and secure.
SSID (Set Service ID): Change the name of your router SSID.
You can also potentially avoid having your router physically mapped out by other devices, such as most phones, from WiFi scanning by adding ‘optout’ and/or ‘nomap’ at the end. I like to change the default name to make it appear as if it’s a different physical device, for example, instead of having the default name of the actual router from GL-iNet, I set it as ‘Verizon-4537-optout-nomap’ to appear as if it’s a phone or hotspot from Verizon. We like tricks.
Did you know that most phones scan for WiFi, even if your WiFi setting is turned off, and report the signal direction, strength and use the phone’s location to add to Google/Apple databases? This means that when the FedEx or UPS driver, or anyone else with a phone gets within range of your WiFi router, the phone will send the exact location of your router up to Google or Apple, who map these out. This is one way that your IP address can be used to physically locate exactly where your network is. This is also why we love GrapheneOS phones, they do not do WiFi scanning in the background like Google Android or Apple iPhone.
Malicious agents will see the name of the device and can attempt to login by using the default gateway (192.168.8.1), default username (admin) and default password (goodlife) to take control of the router. This applies to other brands of routers as well, it is relatively easy to search for default router information online. Check out this example with Netgear routers.
Configure your VPN Client on your GL-iNet travel router
Each VPN company will have varying instructions on how to generate a configuration file to import onto your travel router. GL-iNet offers a fairly user friendly guide to help you set this up properly using OpenVPN or Wireguard:
https://docs.gl-inet.com/en/4/tutorials/
When configured with a VPN on your router, this provides a nice layer of privacy and security both. Your router will connect using the VPN protocol, and your device (phone and/or computer) will connect to your router without leaking as much information. When connecting to internet without this VPN configured router, even with VPN killswitches enabled, your device leaks information to the ISP. Prevent this with your new VPN travel router and stay safer online.
Design your home or business network
to make a nice visual diagram, using their own software, or manually with something like LibreOffice Draw, Microsoft Office, etc.
Another excellent tool to create visual mapping for your network, or any other similar project, try out:
Generally, a wired connection to your devices is preferred, both from the ISP modem/incoming internet to your router, and from your router to your device. If you need wireless to connect a phone for example, still hardwire the router to the incoming internet using a LAN ethernet cable, and connecting to your router wireless.
Hotels and other public WiFi connections collect a lot of data from our device, using a router with a wired connection drastically reduces the data collected about your phone or computer, especially when using a travel router. I never connect directly to public or hotel WiFi with my device, I use the travel router instead. Wireless networks at hotels and public spots typically have a ‘splash page’ that requires user input, this step has the capability to see a frightening amount of data about your device, including past paired Bluetooth and WiFi connections, and much more.
Interview with GL-iNet on Watchman Privacy Podcast:
https://watchmanprivacy.com/2022/08/30/35-gl-inet-interview-slate-ax-and-travel-routers/
Tongue Mountain, Gifford-Pinchot National Forest, WA (Mt Rainier visible in background)