Campground WiFi question

[pspfreak]

Let me just quickly describe the setup I'm using and what situation I have.

This campground is out in the middle of nowhere, where there is no cell signal. I have to resort to the campgrounds provided wifi, which is operated by a local ISP to them. This local ISP charges per device for the season, and its not an inconsiderable amount. To get around this for the past year I have been using a Ubiquiti loco m2 to pick up the campground wifi, bring it into a pfsense router, and rebroadcast this to the campsite we are at. This has been going along fine. We aren't the only ones who do this sort of thing. Now recently, this ISP has caught on to what we are doing, and has kicked us off the network. I can only assume they are looking for MAC addresses that would appear to not be from a wireless device, like a phone or laptop. And by the way, I do have a valid reason for doing this other than cost. The outdoor WiFi they provide is horrid, signal strength wise, so with a mobile device with a small antenna it really just doesn't work well at all. 

 

Now, what I would like to try is putting the loco m2 into router mode, and cloning the MAC address of a cell phone that I have. I was thinking this should prevent them from picking up on the fact that I am using a router, as long as this is what they were doing. It's a small municipal type isp, so I don't think they were doing traffic snooping and looking at TTL's and such. Is there anything the LTT community could recommend to keep me under the radar? I was also considering disconnecting this when I leave the campground, just to try to make it harder to spot. I know this would also mean I have multiple layers of NAT but this shouldn't matter too much for basic tasks. 

[Electronics Wizardy]

8 minutes ago, pspfreak said:

, bring it into a pfsense router,

Is this router doing nat?

 

If it is, they the ISP will only see one mac address(the router) for all the devices.

 

Really work with the isp here. There are a lot of ways to tell that your doing this type of setup, and your much better working with the ISP or getting something like starlink.

[pspfreak]

Just now, Electronics Wizardy said:

Is this router doing nat?

 

If it is, they the ISP will only see one mac address(the router) for all the devices.

 

Really work with the isp here. There are a lot of ways to tell that your doing this type of setup, and your much better working with the ISP or getting something like starlink.

Yeah, the router was doing NAT. We've tried working with the ISP, called them up and described what we want to do and it was basically a "well this is what we offer dont like it too bad so sad" type deal. Starlink is something i've thought about but with tree coverage you can't even reliably get satellite radio, so I don't think starlink would work out.

[Electronics Wizardy]

1 minute ago, pspfreak said:

Yeah, the router was doing NAT. We've tried working with the ISP, called them up and described what we want to do and it was basically a "well this is what we offer dont like it too bad so sad" type deal. Starlink is something i've thought about but with tree coverage you can't even reliably get satellite radio, so I don't think starlink would work out.

Best next option is probably one of the travel routers, but still doesn't really hide traffic.

 

Running everything over a vpn would hide the traffic better, but you don't know what your doing thats flagging their system.

 

How are they authenticating clients? Is it all based on mac?

[pspfreak]

1 minute ago, Electronics Wizardy said:

Best next option is probably one of the travel routers, but still doesn't really hide traffic.

 

Running everything over a vpn would hide the traffic better, but you don't know what your doing thats flagging their system.

 

How are they authenticating clients? Is it all based on mac?

Pretty sure its MAC based. When you first login it brings you to a captive portal to pay for service. No way to transfer that service without calling them and begging and pleading. The loco m2 has router capability, do you think that would work in this case? I don't suppose they're doing too much snooping although maybe a VPN wouldn't be a terrible idea. I have gigabit here at home so I could just vpn back here. 

[Electronics Wizardy]

Just now, pspfreak said:

Pretty sure its MAC based. When you first login it brings you to a captive portal to pay for service. No way to transfer that service without calling them and begging and pleading. The loco m2 has router capability, do you think that would work in this case? 

Yea id try using the router on the loco m2, removes a factor. Id try putting everything over a vpn too, so they can't look up TTL or the device info from http browsing.

[pspfreak]

4 minutes ago, Electronics Wizardy said:

Yea id try using the router on the loco m2, removes a factor. Id try putting everything over a vpn too, so they can't look up TTL or the device info from http browsing.

I'll try router mode with MAC cloning and see how that gets me. I don't they are going that in-depth. Thank you.

[Donut417]

1 hour ago, pspfreak said:

Let me just quickly describe the setup I'm using and what situation I have.

This campground is out in the middle of nowhere, where there is no cell signal. I have to resort to the campgrounds provided wifi, which is operated by a local ISP to them. This local ISP charges per device for the season, and its not an inconsiderable amount. To get around this for the past year I have been using a Ubiquiti loco m2 to pick up the campground wifi, bring it into a pfsense router, and rebroadcast this to the campsite we are at. This has been going along fine. We aren't the only ones who do this sort of thing. Now recently, this ISP has caught on to what we are doing, and has kicked us off the network. I can only assume they are looking for MAC addresses that would appear to not be from a wireless device, like a phone or laptop. And by the way, I do have a valid reason for doing this other than cost. The outdoor WiFi they provide is horrid, signal strength wise, so with a mobile device with a small antenna it really just doesn't work well at all. 

 

Now, what I would like to try is putting the loco m2 into router mode, and cloning the MAC address of a cell phone that I have. I was thinking this should prevent them from picking up on the fact that I am using a router, as long as this is what they were doing. It's a small municipal type isp, so I don't think they were doing traffic snooping and looking at TTL's and such. Is there anything the LTT community could recommend to keep me under the radar? I was also considering disconnecting this when I leave the campground, just to try to make it harder to spot. I know this would also mean I have multiple layers of NAT but this shouldn't matter too much for basic tasks. 

Might be time to see if you qualify for Starlink. This way you can tell that Local ISP to pound sand.