Small Packages
We're in the dog days of summer, and the family and I are spending each weekend in the Berkshires at our cabin in the woods. (Outfitted with SDWAN, as you may recall from my previous post.) But just because I'm lakeside does not mean that my job stops – in fact, last week while I was on vacation I had an escalation call almost every day.
When work needs to happen, failure is not an option: I must have access to our internal systems in order to help isolate network failures. Many of my company's customers have opened up specific ACLs to permit inbound traffic from our corporate office, so when I need to troubleshoot issues alongside them, I'll generally hop through our office to get to their network. I could use VPN, but what's the fun in that when your company makes something so much better?
I'll go into the gory details of my office-within-an-office setup at some point, but for the purposes of this post there is a tenuous, yet critical link between the 128T sitting on my desk and our internal guest wifi network. Unfortunately, my desk is nowhere near a wired jack, so I'm resigned to using wifi to bridge my "desk LAN" with the corporate LAN. For reasons that are no good, my wifi bridging had been done using a pair of cheap devices (two of them, for redundancy purposes) that have a tendency to fail once per week.
When I'm not in the office and one of those wifi bridges fails, it's no big deal – I can log in via the other one and reboot it. But there have been enough occasions that both of them have failed that led me to investigate other options. My newest discovery is the subject of this article: the GL.iNet USB150.
This little $30 marvel is a USB-powered OpenWRT system that will, out of the box, act as a wifi repeater. My application is a bit different though; I put it into the USB port of my little Fitlet2, set it up as a wifi client to our guest wifi network in the office, configured it as a bridged interface within my 128T, and voilà! A USB ethernet-to-wifi bridge for connecting in.
Because this little guy is running OpenWRT, it has access to loads of packages. I've only just gotten it working yesterday, but already set up a Tor "hidden SSH service" (here's a blog that talks about how you can do this, too). I've also installed Quagga, and will use it to exchange routes with 128T using OSPF.