I just purchased a GL.iNET GL-MT300N-V2 to use a portable router. It comes pre-installed with openwrt which I was happy about, it isn’t something that will loose support. Then I got thinking, can / should I put pfsense on it?
pfsense will not run on that MediTek processor.
Well that makes for an easy decision.
Next question, do I trust the openWRT firmware on it or do I download the latest version from the source?
Not sure, I don’t ever use openWRT or that device.
Neither have I. That’s why I am thinking I want to reflash the firmware from a trusted (known) source. Or am I being overly paranoid?
Do you have discussions about them being without trust? I have a little AR750s at home that I use for an access point, seems to be fine except for an occasional glitch that knocks out the 5ghz radio. Normally comes right back and not something that happens very frequently at all.
1 Like
@Greg_E, thanks. I have nothing to suggest they are untrustworthy, I just have no experience with them. It is good to hear your experience has been positive.
My question comes from the fact that I don’t know what their track record is with firmware updates. Is it pure openWRT or do they add things? Do they update it when new releases come out or do they sit on it till they get around it? I don’t have the device yet so I haven’t had a chance to poke around and see what it does.
I got it for its price and I am pretty sure openwrt is what the WiFi pineapple is based on. Part of me wishes it did run pfsense, because I don’t have the desire to learn different ways to do the things I know, just to learn different things.
Trust me, I wish I could run pfsense on it too, that would open some possibilities.
I haven’t really taken a deeper dive into the software, but they did recently update my ar750s and it applied without issues. I think downloads are freely indexed so you could take a look at the history.
I will say that the device I have is a little under powered. More ram and slightly faster cpu would be nice, more storage would be nice too. These are minimal devices which helps keep the prices down.
I did try to get a site to site openVPN running on mine, but there ended up being some user errors in the config that I didn’t find until after I had already bought a computer to run pfsense. Now pfsense does all the routing on my lab and the AR750s (Slate) is just an access point. It would probably work now that I solved the config error.
I can’t think of a single “pocket” sized device that can load pfsense. You can get close with something like a Mele Quieter2, and that assumes you are using the wifi board to create an access point. I haven’t tried it and might not. Depends if I buy a second or third Quieter2 computer. I want a couple more for my lab, but need to think about it for a bit. I have one that runs Zentyal on my lab for a domain controller, need at least one windows client, and I’d really like a similar power/heat device that can have 4 SSD connected for a little Truenas box (without using USB drives).
Now all that said, keep an eye on the Raspberry Pi Computer Module 4 and all the boards coming out for it, you might be able to build a travel router with all the features you want. But I doubt it will be pfsense based, maybe opnsense will make a build for the Pi computers.
My immediate application is actually at a grandparents house. They live in the middle of nowhere and I have to set up a point to point network to get service in the house. I am setting up some unifi APs for wireless in the house. My goal is to upgrade the netgate box in my house and move my sg-1100 to their house.
After that it lives in my backpack. I was hoping to set up a VPN back to my house on it but, given your experience, it sounds like that is going to be a bit of work.
Have you heard of openWISP? It is a way of remotely managing openwrt.
It has wireguard built in and that is a lighter weight VPN, so that might be fine.
And the problems I was having was all my fault, had the same issues when I set up my home pfsense box and it took a few nights of thinking about it to discover the issue. In the end, I had the vpn tunnel on a network that was too big, set it down to a /30 and everything started to work. But since I spent the money to build pfsense, I never went back to try on the GLi device again.
The advice I got on their forums was that openvpn will work, just don’t expect gigabit speeds. I have a 70/6 mbps cable ISP so speed was never really an option and I knew it would be enough for that link.
That’s perfect, I was planning on using wireguard.