Travel Router: How I stay secure on work trips

Greg Heffner August 14, 2024

The Problem

This week I have been traveling for a technical conference and what better time to talk about how I protect myself with this router than with real world examples as I encountered them.

I cant think of a time where I went to a hotel or event where there wasnt wifi available. While this is great for access to the internet when you arent at home, its not so great when you think about all the security issues you inherently expose yourself to when connecting to public internet connections.

When I travel I dont find myself with one smart device to keep track of. I usually have multiple devices with me as my creature comforts connect to the internet to operate. Think about it, watch, cell phones, tablets, work devices, radios, ect.. I asked around at the conference I am at and people on average bring about 3 - 5 devices that connect to the internet when they travel. Now this is very biased data pull as I am around technology professionals but im sure its not too far off the range for "normal" end users. Having this many devices and keeping track of which device has a VPN connected or making sure all devices have internet access, is a pain when you get more than two devices you are maintaining.

What I do

In previous blogs I wrote about VPNs, WiFi, and Pi-Hole adblocking. Please check them for some valuable information on how to protect yourself with software applications. While these are VERY important topics to consider there is ONE single piece of hardware I would never leave home without especially when traveling. The Slate AX a GLiNet travel router. This router is great and I would highly recommend. Its light, uses low power, several security features and I can plug it in my battery bank. I LOVE this resource.

• MAC address spoofing - Maybe not the first thing people think of when addressing security topics but having the ability to clone or spoof a mac address when connecting to Captive Portals or Public connections can be very useful. When a device connects to a open wifi connection most of the time there is a portal that opens that will grab your devices mac ip address and store it when connecting to their network. Businesses use this to put data caps or time limits on the the devices using their service, among other analytics.
• VPN - Natural supporting OpenVPN and WireGuard to be able to encrypt your traffic when browsing the web is very nice. Not having to worry about devices behind my router being on the VPN is really comforting. There is a toggle you can use on the side of the device that you can setup to enable or disable VPN in real time. Not having to use someone elses routers, DNS servers or access points reduces the number of potential vulnerabilities your traffic may come in contact with.
• Device Isolation - While being able to see all the devices on your home network may be beneficial, someone having the ability to know how many devices on a public network could be very bad. Remember the router keeps a list of mac address and IP addresses in its logs. If you travel with family or friends this could protect them as well while being able to separate their traffic. Being able to put them on a separate guest network while being able for them to utilize the VPN and DNS servers to protect them without being able to have access to your own devices.
• Spoofing Protection - Wireless spoofing is a thing. Would you know if the "xfinity" SSID you connect to is real or if its someone else broadcasting the same name to intercept your traffic as a man in the middle? Connecting your device via ethernet or wifi and then broadcasting your own SSID to connect to will enable you to verify and validate your access point connections. Keep in mind from my previous blog about all the information that is passed just to connect to the internet.
• Local Access - Having the ability to log into my devices at home to either upload images or download text files is important to me. I do have cloud storage for some items but being able to save documents and applications on my NAS at home in a RAID is preferred for me. Streaming videos, music, or dashboards connect through the VPN as well.
• DNS/AdBlocking - I dont ever think about ads until I leave my work or home. Its it immediately apparent when ads are a thing if you havent been used to seeing them for a while.

What I would improve

While I understand nothing good in life comes easy, sometimes having to make changes adds unneeded stress. Using this router to its full capabilities does have some initial setup when connecting to captive portals and hotel wifi. I do find myself having to connect my phone or laptop to the wifi before being able to clone that device mac address in the travel router. This can be a pain but once it is setup its good for the entire stay of your lease. If you are at a place where they have lower than 24 hour DHCP leases can be frustrating as you will have to renew your devices internet lease from their router.

Bing AI explanation

The GL-MT6000 Wi-Fi 6 router offers robust security features, including support for OpenVPN and WireGuard® protocols, WPA3 encryption, and DNS over HTTPS/TLS. It also features Bark Parental Control for content filtering and screen time limits. With a powerful quad-core processor, 2.5G Ethernet ports, and DFS certification, this router ensures both security and high-performance connectivity for home and office use. 🔒🚀

Edited by: Lucy Ruiz Oliva