Sunday, 27 July 2014 22:08

Setting up a wireless hotspot using TP-Link TL-MR3020 Wireless N Router

This is a guide on how to setting up a simple wireless hotspot using a TP-Link TL-MR3020 3G/4G Wireless N Router installaing with NoDogSplash. The goal is to provide a free hotspot with a splash page to advertise who is providing the hotspot, it should work as well for other OpenWRT supported router.
 
 
OpenWRT Firmware
The router firmware must upgrade to OpenWRT before you can installing the NoDogSplash.
  • Download the OpenWRT firmware for TP-Link TL-MR3020 to the computer.
  • I'm download openwrt-ar71xx-generic-tl-mr3020-v1-squashfs-factory.bin to my computer since my router hardware version is Version 1.
  • Connect the router to the computer via a network patch cable.
  • Launch the browser and navigate to http://192.168.0.254 which is the default IP for TP-LinkTL-MR3020.
  • Log in to router, enter admin for both User Name and Password.
  • Click on System Tools and select Firmware Upgrade
  • Click on Browse button and choose the OpenWRT firmware that you had downloaded to your computer.
  • Finally click on Upgarde button to start the firmware upgrading as shown in figure below.
    Firmware upgrade
 
 
Login to OpenWRT
  • Navigate to http://192.168.1.1 (notice that the IP had been changed from 192.168.0.254).
  • Click on Login button without enter any password.
  • For first time login, please click on Go to password configuration to change the password and SSH will be enabled automatically.OpenWRT Login
  • As shown in figure below is the OpenWRT status for my TP-Link TL-MR3020
    OpenWRT version
 
 
Overview of my network setup
For security purposes, it is setup to two different IP ranges on the network, so the external network will not link to my internal network. Here’s an overview of my network setup.
  1. AP (existing WIFI with internet connection): 192.168.1.1
  2. TP-Link TL-MR3020: 192.168.0.1
Network configuration
 
 
Changing the router IP address
  • Select Network->Interfaces and click on Edit button as shown in figure below.
    Network interfaces
  • Change to desired network IP, I'm using 192.168.0.1 for my router.
    Change network interface
  • Reboot the router and waiting the router to boot up.
  • Renew your computer IP and matching with the router IP range.
 
 
Connect to the internet
The computer is connected to the TP-Link TL-MR3020 router via a network patch cable, there is no other spare network (RJ45) port on the route since it has only single network port. To make the router on-line, I have to use its WIFI to link to my AP (home WIFI).
 
Note: With the following configuration, the TP-Link TL-MR3020 is configured to client mode, your internet may not work correctly if you setting the TP-Link TL-MR3020's IP range same as your AP.
 
  • Navigate to http://192.168.0.1 (use your own router IP) and login to OpenWRT.
  • Select Network->wifi and click on Scan button.
    Wireless Overview
  • Click on Join Network button which is associate to your AP (your home WIFI)
    Join Network
  • Enter key/passphrase which is matching to your existing AP and click on Submit button.
    Join Network Settings
  • Do not change any settings for the next screen, just click on Save button and continue.
    Wireless Network
  • Click on Wireless Security tab to view your network security settings (this step is not necessary)
    Wireless Network Security
  •  Finally click on Save & Apply button, the changes will take effect immediately.
  • After the router is ready, you shoud able to surf internet from your computer which is connected to the TP-Link TL-MR3020 via a network patch cable.
 
 
Setup a public WIFI
Offering wireless Internet access for guests (public),  the TP-Link TL-MR3020 router must configure as CLIENT mode and AP mode at the same time.
  1. When TP-Link TL-MR3020 router work as a client, it connect to your existing AP (home WIFI) wirelessly.
  2. When TP-Link TL-MR3020 router work as an AP, it offer free Wireless Internet Access for  guests.
The following steps adding an AP network interface to the router.
  • Select Network->wifi and click on Add button as shown.
    Adding a new wireless network interface
  • Enter your ESSID, this is the network name for guests to access your internet (link to TP-Link TL-MR3020).
  • The network is not selected by default, make sure you have select the lan as shown in figure below.
    Setting the wireless network interface
  • Click on Wireless Security tab to allow you to set the security key for your SSID, I leave it to No Encryption since it is open for public access.
    Setting the Wireless Network Security
  • Reboot the router, when the router is ready, any one is able to connect to the TL-Link TL-MR3020 via WIFI with the 123 SSID.
    Available wireless
 
 
Installaing NoDogSplash
NoDogSplash offers a simple way to open a free Hotspot (WIFI) providing restricted access to an Internet connection. NodogSplash is similar to NoCatSplash, but based on WifiDog.
  • Make sure your TP-Link TL-MR3020 have internet connection.
  • Click on System->Software and click on Available packages tab,  notice that there is no packages list available.
  • Click on Update lists button on the same screen allow it to download and install OpenWRT packages from local package repositories or ones located in the Internet.
    Software
  • Click on Available packages tab again, there is a list of available packages for you to install
    Available Packages
  • Enter the package name in the Filter text box to find out the package that you want to install.
  • Here we enter nodogsplash and click on Find package button since we want to install NoDogSplash.
    Install nodogsplash
  • Click on Install button as shown in figure above to start installing NoDogSplash. NoDogSplash installing successful as shown in figure below.
    Installing NoDogSplash successful
 
 
 
Starting NoDogSplash
You must enable NoDogSplash before you can use NoDogSplash.
  • Select System->Startup, click on Disable button next to nodogsplash as shown in figure below.
    System Startup
  • Click on Restart button to start NoDogSplash service as shown in figure below, the service is take effect inmmediately (NoDogSplash may consist of bug, sometime you need to restart twice in order to start the service correctly, but there is no problem if you reboot the router).
    Restart nodogsplash
  • Navigate to any website (eg. google.com or your router IP), the NoDosgSplash splash page (landing page) should appear.
    NoDogSplash splash page
  •  Click on the NoDogSplash icon to start surfiing internet.
 
 

Customise splash page
The splash pages (landing page) is stored on /etc/nodogsplash/htdocs/ directory. Edit the splash.hml file to customize your "splash page". I'm using WinSCP to edit files on the router. You can use standard html and javascript for coding.

Navigate to your router IP with port 2050 to view your splash page before or after authentication. Use this to test your splash page.
http://192.168.0.1:2050
 
NoDogSplash configuration file
NoDogSplash should work very well without any changes to the configuration file, however you may want to modify this file to adequate your free WIFI network system.
The NoDogSplash configuration is store on the /etc/nodogsplash/nodogsplash.conf file.
 
GatewayInterface at line 14 is set to br-lan by default, br-lan or br0 are used to make multiple virtual or physical network interfaces act as if they were just one network interface. With the GatewayInterface set to br-lan, NoDogSplash is bind to wireless and wired interface.
GatewayInterface br-lan
 
You may want to access to certain port after authentication. Adding the following two lines inside FirewallRuleSet authenticated-users (after FirewallRule allow tcp port 22 at line 55) allow the Gmail to send and receive email using an email client software (eg. Microsoft Outlook).
FirewallRule allow tcp port 995
FirewallRule allow tcp port 465
 
You may want to access to certain IP address before  authentication. Adding your router IP address inside the  FirewallRuleSet preauthenticated-users section (at line 89) allow you to login to OpenWRT web interface without  authentication.
FirewallRule allow tcp port 80 to 192.168.0.1
 
Open port 443 allow you to access https webpage before authentication. Adding the following two lines inside FirewallRuleSet preauthenticated-users section (at line 89) allow you to access facebook without  authentication.
FirewallRule allow tcp port 443
FirewallRule allow tcp port 80 to 73.252.64.0/18

 

You may want to redirect the URL to your own website after authentication. Example below will redirect the URL to my personal website after authentication.
 
You may want to force the guests to see the splash screen after certain amount of time. Adding following lines will fource the guests to see the splash screen at least every two hours (120 minutes).
ClientIdleTimeout 120
ClientForceTimeout 120
 
 
 
NoDogSplash status
SSH to router, you will able to show a lot of nice info.
ndsctl status
Here is the example of output.

==================
NoDogSplash Status
====
Version: 0.9_beta9.9.8
Uptime: 0d 5h 42m 3s
Gateway Name: NoDogSplash
Managed interface: br-lan
Managed IP range: 0.0.0.0/0
Server listening: 192.168.0.1:2050
Splashpage: /etc/nodogsplash/htdocs/splash.html
Redirect URL: http://ediy.com.my
Traffic control: no
Total download: 0 kByte; avg: 0 kbit/s
Total upload: 0 kByte; avg: 0 kbit/s
====
Client authentications since start: 6
Current clients: 2

Client 0
IP: 192.168.0.120 MAC: 00:11:22:33:44:55
Added: Mon Jul 28 07:26:51 2014
Active: Mon Jul 28 07:56:41 2014
Active duration: 0d 0h 29m 50s
Added duration: 0d 0h 29m 50s
Token: 9660d3fc
State: Authenticated
Download: 2170 kByte; avg: 9.69893 kbit/s
Upload: 401 kByte; avg: 1.79455 kbit/s

 

Client 1
IP: 192.168.0.120 MAC: 11:22:33:44:55:66
Added: Sat Jul 19 12:23:34 2014
Active: Sat Jul 19 12:29:15 2014
Active duration: 0d 0h 5m 41s
Added duration: 0d 0h 5m 41s
Token: ac37311a
State: Authenticated
Download: 1575 kByte; avg: 36.9634 kbit/s
Upload: 169 kByte; avg: 3.96788 kbit/s

 

====
Blocked MAC addresses: none
Allowed MAC addresses: N/A
Trusted MAC addresses: none
========

Read 87031 times Last modified on Thursday, 21 September 2017 16:56
Back to Top