GL.iNet Router Review GL-A1300
Before I retired I had a job with extensive travel involved. I would sometimes take a full sized router with me to hook up at the hotel. Back then most hotels had an ethernet jack in the room. I’d simply push my own wifi network to my computer, phone, and many times an audio streaming device like a Chromecast or Raspberry Pi. Oh how I wished they would have had a GL.iNet Router back in those days.
I only found out about them recently on a Discord Forum. Some of the guys are using them for all kinds of amazing networking hacks. Even though I barely leave the house these days I wanted to get one just to see what I was missing out on.
The GL.iNet routers are based on OpenWRT which I have some experience with. Back up the clock 10 years or more and I was convinced (and still am) that having a router with an Open Source OS is way more secure than having an off the shelf Walmart router. Historically, I have ran OpenWRT several times on several routers and I always found it kind of geeky and sometimes hard to set up.
GL.iNet has added a fancy Admin portal on top of OpenWRT. OpenWRT GUI is called Luci. Translation: Luci configuration was geeky and the GL.iNet admin page is easy to use and intuitive.
In this instance you can see that I’m using the router as a repeater on my own home network. Because, hey, I’m at home testing this. It has 2.4 GHz and 5 GHz wifi and if you look close you can see I’m hooked to a Virtual Private Network (VPN). One glance gives you the whole story.
What’s This Thing For?
Quite simply ……… A lot of things. But most importantly it is for internet security when using Open Wifi Networks. Free hotspots are found at hotels, airports, coffee shops, etc. Hooking up to them is DANGEROUS. Anyone can see what you are doing.
The only thing you can do to protect yourself on Free and Open Wifi is to connect to a VPN which creates an encrypted tunnel between your computer and the VPN server. Consequently, no one can see what you are up to.
Plug in the router, connect it to the free wifi hotspot and it automatically connects to your VPN. You can then hook your computer, or phone, or tablet to the GL.iNet wifi network and know that your connection is secured and SAFE.
If your hotel has an ethernet jack, even better. Just plug it in, and it will connect to the configured VPN automatically.
I can’t even begin to list in this short blog what you can do with this. OpenWRT is crazy powerful. It has a ton of features such as:
- OpenVPN Server
- OpenVPN Client
- Wireguard Server
- Wireguard Client
- Tor Network
I’m done listing stuff. There’s even more. Quite simply, this is the most powerful, and configurable router you can get in a travel sized form factor. The downsides are slower processor speeds and slower network speeds. But, trust me, it’s fast enough for hotel business work and entertainment.
GL.iNet Router VPN
I use ProtonVPN and if you just log into your ProtonMail and go to the VPN settings there is a WireGuard configuration page.
It downloads a .conf file which you just drag and drop into the GL.iNet router interface.
I run my own WireGuard server at home on OPNSense and things are a bit trickier here.
If I download a Windows or Mac or iPhone WireGuard client when I create a configuration file it gives me a set of Public and Private Keys which makes it a snap to configure. However, GL.iNet doesn’t seem to do this.
So what I did was to copy an existing configuration file from a Mac and just used it. And wouldn’t ya know……..IT WORKS! But, I’m not a fan of having two identical configuration files on two different devices. I have stuck my head in the GL.iNet forums and asked for some help.
But for now, I can go to a hotel, plug in the router, connect to the hotel captive portal, and my router connects to my home VPN which means I can tunnel into my network. Also, I still have that encrypted tunnel for safe browsing.
Making The Conf File
How I eventually got figured out how to make a conf file for my home WireGuard Server was this: I used the Mac WireGuard client to create a working file and then I just cut and pasted it over into the GL.iNet manual WireGuard configuration. Smart, huh?
Then I made a 2nd working configuration for the MacBookAir.
I was wrapped around the axle thinking I had to MAKE the configuration file in GL.iNet. Turns out you just need a working configuration file made from any WireGuard client software.
The GL-A1300 Slate Plus is currently running Firmware version 4.4.5 which is reported as:
OpenWrt 21.02.2 r16495-bf0c965af0
This build is dated February 2022. The current version of OpenWRT is 22.03.5 as of this writing. This means that you are not running the latest and greatest OpenWRT. There are nightly snapshot builds available which I haven’t tested yet.
Yep. It has support for using Encrypted DNS over TLS from Cloudflare or NextDNS. That means your searches are fully encrypted from prying eyes. Not only is support built in, it is super easy to configure. I’m really beginning to love this router and how powerful it is.
I was able to easily add Tailscale support but I don’t get Tailscale. For example, let’s say I have a server or NAS that has Tailscale. Yes, I most certainly can connect to its IP address if my GL.iNet device is on Tailscale but if I have a VPN connection into my own network I can get to all my servers and devices. I can see how attractive Tailscale would be if I had just two devices I wanted to connect to each other.
But as it is, I’m content to access my whole network from afar.
This router has a USB port which storage can be connected to. From inside the Applications configuration you can setup a Samba server, WebDAV, or DLNA. Wow! That’s pretty darn powerful. I almost said nifty.
About That USB Port
Here’s a neat trick that involves an RTL-SDR software defined radio. They are inexpensive USB devices that can listen to around 500 kHz to about 1.7 GHz. That’s just about anything you’d want to listen to. Short Wave, Medium Wave (AM Radio) and FM. Police, EMS, Fire (all analog) and Weather radio can be listed to as well. I could go on and on about what you can do with an SDR radio.
Connect to your GL.iNet via ssh which I found was configured by default.
ssh 192.168.8.1 -l root
Then input your password. Once in, run these commands:
opkg update opkg install rtl-sdr
Lastly, you can plug your SDR into the USB port and type:
rtl_tcp -a 192.168.8.1
This can be added to Luci to autostart at boot if so desired.
Now go into an SDR client like SDR++ or SDR# or GQRX and connect by selecting RTL_TCP server and inputting the IP address of 192.168.8.1 and port 1234 and hit the start arrow. Voila! Radio!
Now you are a real Road Warrior! You have a VPN encrypted router that is also a radio that can listen to darn near anything. Of course your results are going to vary greatly by whatever antenna you have connected to the SDR. When I used to travel and do this with an OpenWRT router I just used to take a really long wire and throw it out the window of the hotel room.
What’s not to love? Small and light form factor. 2 ethernet ports. A USB 3.0 port with OpenWRT security and some other tricks thrown in for good effect.
If you travel you really should have something like this in your Go bag. Free Wifi is dangerous.
The only gotcha I see at all is that the manual configuration for WireGuard doesn’t make a key-pair but I bet the smart folks on the GL.iNet forum will help me work through that. As I mentioned I did use a workaround.
Hurry up and get one of these things.