I’d like to try to use a mAP lite as a small VPN client bridge over ethernet and wireless. For example, if I went to a coffee shop I’d like to connect the mAP lite to it’s wireless network. Then I’d like to use the mAP lite to connect to my VPN. Finally I’d like to connect my laptop to the mAP lite through ethernet or wireless, passing my traffic through the VPN tunnel.
Has anyone setup a similar configuration recipe they could share? Otherwise can someone point me in a direction to get started setting this up?
I’m interested in wireguard or openVPN as the VPN client.
Yes, im using my mAP lite for exactly this. Im using wireguard and 7.1.1. I can get maximum of 50mb/s for wireguard traffic and then cpu bottlenecks.
As vecernik87 mentioned, its always a little bit complicated to set up thing where you connect to mAP. Main problem is that virtual wireless interface you use to connect to mAP only exists if you have successful connection to some network. So master wifi interface is either in ap mode (so you can conect to mAP but you dont have outside access), or you switch it and make client out of it then you are disconnected and then you need to connect trough LAN and setup virtual interface and make your own network so you can connect to wifi.
Also as akliouev mentionet, i really suggest using vpn client on your pc for ease of use, you need to mess with routes if you want wg to traffic everything trough that tunnel. Its not point and click.
Connecting to wifi on mAP will always be more complicated than connecting with your laptop. mAP will not connect automatically so you will have to set every individual network.
There is the scenario Where an intermediary Device is more secure than a laptop or phone connecting directly to the wifi. Don’t forget. packet sniffing of traffic is not the only thing that hackers can hit when connecting to strange wifi. They can connect and infect your devices that are directly attached. this can protect your devices if you add to the script. some firewall rules. I’m working on a modified Script that will allow for such protection. will post it once I get it done.
In case you “ create AP on the master “ , can you config wirelessly to let it connect to a new WiFi ( which is not on your connect list ) ? Thank you !
Can you both share your configurations so I can give it a shot? I understand the concerns regarding it being less convenient. But there’s a reason I want to set this up.
Yes, that’s the idea behind the script. Either it connects to a known network on the right channel, or it creates an AP for me to add a new wifi to the connect list.
Can’t add a VPN client to the laptop. Then a passthrough VPN is convenient for me. However, I understand that it would be easier to configure a VPN through a laptop.
Thanks for reply! I tried the other day and it somehow didn’t work well with the new wifi. ( when I changed the AP bridge mode to station mode, it disconnected and reboot, so it fell into the loop again to the AP bridge mode). My mAP lite runs 7.1.3 now. Anyway, I will give it a try again.
I’m not sure how that happens. There shouldn’t be anything that makes it reboot.
When you turn your physical interface into a station, the AP will go down. If the station doesn’t have anything to connect to from the station list, the virtual AP will not start. Meaning you will not have anything to connect to.
This is why I have the script run at startup. If there is nothing for the router to connect to, it turns the physical interface into an AP. I will then be able to connect to it, and update my connect list.