Sharing a wireless hotel Internet connection

UPDATE 2/21/16: Easier way to share wireless hotel Internet connection

UPDATE 11/24/13:
I haven’t needed to share a WiFi connection for quite a while but the need came up recently and I decided to revisit this popular blog post from April 2010…Wow. How did anyone follow this convoluted post??? I’m so sorry. Obviously it’s time to write a more straight forward one. Click here.

———————————————————————————

Connect to a hotel WiFi and set up your own private WiFi hotspot using an ordinary wireless router!

After a couple recent business trips, I found that I really wanted to connect my laptop, iPod Touch and phone to the hotel WiFi. However, since the hotel charges for each unique MAC address, I ‘d have to pay for multiple connections. I scoured the Internet looking for some type of wireless sharing device to solve my problem. Surely one existed. It would be dead simple if I wanted to share a wired Ethernet jack (everyday router/NAT, right?). However, I could find no out-of-the-box solution to share a wireless connection. Initially, I did it the hard way using an Apple AirPort Express wired to my laptop (see below for my original post). I could get it to work most the time, but it was a real pain to change configurations. After a little more digging, I found a much more elegant and easy solution.

Do I Need to Repeat Myself?

A few years ago, I hacked a Linksys router with the DD-WRT opensource firmware which allowed me to use it as a network bridge, giving wireless capabilities to my Ethernet-only network devices . I hadn’t paid much attention to that community since then, but my new needs made me check up on what they were doing. Well, it looks like that whole movement has grown incredibly. The best part was that they have moved on from just network bridging to the type of network repeating I needed; one that creates a secondary network! Another surprising thing is that Linksys, as well as other manufacturers, now openly embrace the use of opensource firmware. How times have changed.

Different Flavors of Repeaters

Let me explain why this particular type of repeating is necesssary. When you connect a basic router to, say, your cable or DSL modem, you are adding just the router to your ISP’s network. The devices “behind” the router in your home are on your local area network (LAN) only. The router manages all of the network traffic between devices as well as to and from your ISP’s network. From your ISP’s perspective, the router looks like a single client device.

A wireless network repeater is a device used to expand the range of a wireless LAN. A few home routers offer this as an optional mode. Technically, these are repeater bridges since they create a secondary network segment and connect (i.e., bridge) it to the primary segment. The important part is that both the primary and secondary network segments are on the same LAN.

You might add a repeater bridge upstairs when your wireless router (connected to your cable modem) was downstairs. Devices connecting to the upstairs repeater will operate as if they were connected to the downstairs router. Why would you do this? Well, it may be problematic trying to connect upstairs devices directly to the downstairs router due to a weak signal. Connecting upstairs devices to the upstairs repeater may be more dependable.

The flavor of repeater that I need, however, is one where the repeater creates a secondary segment, but creates one that is its own separate LAN. To do this, it must also do DHCP and NAT. Like an ISP that can only see the primary router, from the primary router’s perspective, it only sees the repeater, even though behind the repeater there may be many other devices. The opensource DD-WRT firmware allows me to turn a cheap Linksys router into such a repeater.

One thing you might take away from the illustration is how dangerous it is to connect directly to a hotel WiFi. It is wide open to attacks from other computers connected at the hotel.

The Easy Way

After reading up what I needed, I bought an Linksys WRT54GL wireless router for $60 at Frys, installed the latest DD-RT firmware, and followed a dead simple on-line tutorial. I had the router sharing a wireless connection in about 20 minutes. (Beats the pants off the days of torture I endured doing it the hard way.) Sure, it’s an old-school bulky blue Linksys router with an AC adapter and not as sleek as the Apple AirPort, but it’s rock solid and works like a charm. To flash the firmware, I used the “Mini-Build required for inital flashing via WEB, v24 preSP2 (Build13064)” file and just used the router’s web interface firmware upgrade function. Easy as pie.

When updating the DD-WRT settings, it may help to understand that the Physical Interface is the part that connects the router to the wireless access point (i.e., the actual Internet connection). As such, you have to manually enter the SSID and passphrase, if any, so the router can make the connection. You’ll need to change these two settings, if you later need to connect to a different access point. However, there is a little optional step that will make the router a universal wireless repeater. (I’m referring to the nvram set wl_ssid=”” start up script step.) This will only work for unsecured connections, like most hotels, but I’m wondering how it works if there are multiple access points in range. FYI I didn’t add the script.

In addition to the Physical Interface, you need to set up the Virtual Interface. This is the access point you are creating that you will connect your laptop and other devices to. What’s the difference? Well, the router only has one radio. As such, it is impossible for it to be truly communicating with the Internet access point (i.e., acting as a client) while simultaneously broadcasting to remote connections (i.e., acting as a host). The cleaver programmers quickly alternate between the two tasks, so from the user’s perspective, it appears as if it’s doing things simultaneously. Genius!

Anyways, this was easy to do and seems to work well. Below is the original entry I was going to post before I found the easy way. It may help you understand what the WRT54GL is doing; however, it remains mostly because I spent too damn long writing and editing it to just trash it =).

UPDATE 4/6/10:
After my success with the Linksys WRT54GL, I  switched to a Buffalo WHR-HR-G54. The Buffalo takes up about one-half the space and only has a single external antenna. In fact, it has an internal one and seems to work fine only using that if I’m in close proximity. Also, Buffalo is suppose to start shipping routers with DD-WRT pre-installed!

UPDATE 4/15/10:
On my first trip with the new repeater and it works flawlessly! A side benefit is that all my devices automatically connected to it since they already had the connection settings saved. Also, even though this particular hotel does not secure their WiFi (i.e., I could connect all my devices for free even without the repeater), I’m still using the repeater since it provides some level of protection between my stuff and the hotel’s WiFi network. Speed hasn’t been an issue.

UPDATE 6/17/10:
I feel compelled to state the obvious that this set up will not protect you from the normal hazards of connecting to a public WiFi hotspot. The normal suggestions to use HTTPS and VPN still apply.

UPDATE 11/15/13:
This post continues to get tons of hits after 3-1/2 years! Anyways, many routers have the bridge feature built-in and you don’t really need DD-WRT anymore, at least from what I’ve read. The TP-LINK TL-WR702N looks really good and it’s so tiny. I actually ordered the 703N version from China (via eBay) which already has DD-WRT installed. It was only $26! I’ll post something when I get it to test.

UPDATE 12/7/14:
The instructions miss an important step: After you set the Physical Interface settings and save, go to Status > Wireless and click Site Survey at the bottom. Look for the desired network in the list that appears and click the Join button on the right. Note that hovering over the entry in the Open column will tell you what type of password security is being used so you can use that in the following step.

———————

The Hard Way

I found a lot of nuggets of information on the Internet, but no one place that really let me get my arms around the solution. Hopefully, I’ll succeed where others have failed :-) There are basically just two things you need to do: 1) Hook up a wired network bridge to your laptop that wirelessly connects to the hotel WiFi access point; and, 2) Put your laptop in ad hoc mode. After that, you can easily connect any wireless device, like an iPod Touch, to your laptop, which now acts as an access point. (See illustration)

First, you need to get a network bridge. What is a bridge? It’s just a device that connects one network to another and manages the connection. In our case, it is bridging a wireless network (e.g., the hotel’s WiFi) to a wired network (your laptop only). You can find dedicated bridges, but they are expensive and not very portable. The best thing to get is a WiFi router that has a “bridge” mode. (Sometimes it’s called a client mode or not even called anything specifically!) I found three portable devices that looked like they had a bridge mode: The D-Link DWL-G730AP, the ASUS WL330GE, and the Apple AirPort Express.

On a side note, Linksys once offered the WTR54GS Wireless G Travel Router. From what I could gather, this is exactly what I was looking for, but sadly it appears to have been long out of production with no apparent replacement from Linksys or a competitor. The key listed feature is “shares a wired or wireless internet connection”. Other than the WTR54GS, I could not find a single portable device that would share a wireless connection out of the box. The ASUS WL330GE does have a repeater mode, but from what I can tell, it will only extent coverage and doesn’t have the capability of simultaneously creating it’s own independent network.

I opted for the AirPort because of it’s nice compact design that doesn’t require a bulky AC adapter. The D-Link and ASUS units looked kinda outdated too. The AirPort supports 802.11n. I gotta say, though, as nice as the AirPort looks outside, the software interface is ugly as hell and cumbersome. Every other router I’ve ever seen uses a nice web interface except this one. Basically you set the settings in a PC utility and it transfers a settings file to the device.

(NOTE: The following instructions are for a PC running Vista, but you should be able to do the same things on other operating systems.)

A couple things to take care of first:

  1. Connect your computer to the AirPort with an Ethernet cable.
  2. You must be in range of the wireless network.

OK, let’s configure your AirPort to work in bridge mode.

  1. Run the AirPort Utility.
  2. After your device is recognized, click the Continue button. (Note that it can take its sweet time to recognize your device.)
  3. Give the device a name and enter a password. This password is just used if you want to change the settings later. Click Continue.
  4. Choose “I want AirPort Express to join my current network” and click Continue.
  5. Choose “I want AirPort Express to wirelessly join my current network” and click Continue.
  6. Finally, select the wireless network you want to access, enter the login info, and click Continue.
  7. Click Update on the next page and your settings should be transferred to the device.
  8. If it all works out, you will get a Congratulations screen and the green light should be lit on the AirPort Express unit.
  9. Unplug the AirPort Express Ethernet cable. Wait a few seconds and re-plug it in.
  10. As you use the AirPort with different access points, you will need to change the wireless network login settings. You can do this by clicking the Manual Setup button and changing the settings on the Wireless tab.

Now, even though the AirPort successfully connects, if you are setting this up at home, your laptop may still be using your normal direct connection to your wireless network. As such, you need to disconnect from any wireless connections (or just temporarily turn off your laptop’s wireless radio). You may also need to set any existing wireless connections so that they don’t reconnect automatically. You need to test if you can connect to the Internet via just the AirPort connection. Open up a browser and try accessing a website. Essentially, your laptop should think it’s connected via a wired Ethernet connection.

The above is probably the trickiest part to getting this whole thing to work. If you don’t really understand networking, it will be difficult to troubleshoot and way beyond this short tutorial. However, it is pretty straightforward and should work.

Next, enable Windows Internet Connection Sharing (ICS) on your laptop:

  1. In Vista, open the Control Panel and click the Network and Sharing Center icon.
  2. Click on Manage Network Connection link on the left side.
  3. Right-click your Local Area Connection icon and choose Properties from the pop-up menu.
  4. Click on the Sharing tab
  5. Enable the “Allow other network users to connect through this computer’s Internet connection” option. (If a drop-down menu is visible, set it to your wireless network connection.)
  6. Close the windows down.

Warning: When you enable ICS, I found that it changes the TCP/IP settings for the Wireless Network Connection to a static IP instead of DHCP. Moreover, ICS will not work through the wireless connection if it is set to DHCP. The ramification is that if you want to go back to directly connection to WiFi via DHCP (e.g., when you are at home). You have to manually change this setting.

Now, set up an Ad-hoc network connection on your laptop:

  1. On the Network and Sharing Center window, click Set up a connection or network.
  2. Choose “Set up a wireles ad hoc (computer-to-computer) network” and click Next and Next again.
  3. Give it a (SSID) name, like “adhoc”
  4. Try WPA2-Personal security and enter your network passphrase. For whatever reason, I’ve had better luck connecting with the less secure WEP.
  5. Enable the Save this network option and click Next.
  6. This should set it up and make it ready to use.

Now, just connect to the Ad-hoc network from your portable device, like it was an ordinary WiFi connection. Be patient! I have found that after you connect to the access point, it can take several seconds for Internet access to be available to the portable device.

In the future, you will likely need to re-connect to the Ad-hoc network on your laptop. Just open the Network and Sharing Center, click the Connect to a network link on the left side and choose the Adhoc connect you created.

Well, that’s it. You can now share a single hotel WiFi connection with multiple devices. I anxious to test this out on my next business trip.


A note on Windows Bridge Mode

I also tried formally bridging the Local Area Connection to the Wireless Network Connection within Windows. To do this, you just hold Ctrl and select both connections in the Network Connection window, right-click and choose Bridge Connections from the pop-up menu. Using this method, I could connect my portable devices, but I could not get my laptop to browse the Internet. ICS seems to be a form of bridging that works better.

Speed up FTP transfer by disabling SPI on your router

My VOIP phone service ViaTalk recommended I disable SPI (Stateful Packet Inspection) on my router for better performance.

I did a little research and it appears that the primary purpose for this is to prevent DoS attacks which seems like overkill on a home router. Anyways, disabling didn’t seem to improve my VOIP service, but I was uploading a file today and was getting a significant upload speed improvement, maybe 20+%. Downloads seem faster as well. Nice!

Of course, if that is all this option is designed to do, it seems kind of stupid to have it on by default in a home-level router.

Note: On my DLink DIR-655 the option is under Firewall Settings on the Advanced tab.

UPDATE:
I should mention it speeds up downloads as well. A friend of mine who lives in Chicago was already getting an astounding 29,877 kbps down and 4655 kbps up. He switched SPI off and it increased to 32, 185 kbps down and 8,328 kbps up!