"All in one" Travel Router Idea

RouterOS General
1

HI all,

Compliments of the season & a happy new years to all!

I’ll be traveling soon and I’d like to have my own portable “router swiss arm knife” of sorts. One that is hopefully cheap (<$200) and in stock at reasonable pricing, if I do need to replace it.

Here are my thoughts so far, any suggestions in terms of router / anything I’ve missed / features to add / security to add, would be greatly appreciated!

Ideal Router:

  1. A single router (HAP AC2/AX2/AC3/5xxx). Currently I have a HAP AC2 and AC3.
  2. Ideally small and light.
  3. Can be powered over PoE / standard 5-12V DC barrel jack via a wall plug or mains.
  4. Can be powered using a power-bank (Romoss 30k mAh) + USB B 5V to 12V .
  5. Can be powered using a laptop + USB-B 5V to 12V converter.
  6. WAN - Eth1, WLAN client, USB (Android LTE phone).
    6.1) 4 LAN ports minimum. Ideally 5.
  7. VPN Client / Server.
    :sunglasses: Wireguard / ZeroTier / Talescale support.
  8. QoS
    9.1) Main LAN - 1.VoIP ; 2. HTTPS/HTTP/SSL/browsing ; 3. Streaming (YT,NF,Spotify etc).
    9.2) Guest LAN - 1. " " 2. " ". 9. Streaming " " .

Basic Setup: - I’m assuming I’ll get atleast 10/10Mbps internet connection in most locations, anything more is a bonus. I’ll just have to adjust my QoS Egress/Ingress limits accordingly.

  1. WLAN1 2.4 SSID-001 = Station/Client mode, so it can connect to an Access Point, get a IP & pass internet through to the clients (my phone, laptop).
    1.1) WLAN1 2.4 SSID-002 = IoT / Guest SSID (Pi etc) = ACL for my devices.
    1.1.1) Bandwidth limit = 2Mbps
  2. WLAN2 5.0 SSID-001 = My Wifi = ACL for my devices.
    2.1) WLAN2 5.0 SSID-002 = Backup Wifi = ACL for my devices.
  3. ETH1 = WAN
    3.1) ETH2 = Direct to internet?
    3.2) ETH3-4 = Bridged ; Main Bridge incl WLAN2 5.0 SSID-002 & 003.
    3.2.1) ETH5 = PoE out to VoIP phone ; Isolate port/DHCP ; Bandwidth limit = 2/2Mbps

3.2.1.1) ETH5 QoS = 1. VoIP ; 2. HTTPS/HTTP/SSL/browsing


4) Limit access by MAC address / IP / both ?
5) Firewall rules to protect from Bridge-hopping/visibility? Layer with MAC access lists?


Bonus:

  1. PoE Out - could always get a PoE injector /
  2. Can be powered using a power-bank and a USB-C / PD port + cable/adapter to 12V DC.
  3. No additional Natting / Double Natting.
  4. Minimize Buffer-bloat ? Relevant if not core site router?
  5. Containers for PiHole / Adguard ; Uptime Kuma ; CloudFlare Tunnel ;
  6. Some basic IDS/ISP - How would this impact performance vs relying on the ACL lists? Might be overkill…
2

ddd

3

For travel router Miktotik has mAP and mAP lite for some time now…

I am certain than one of them will serve the purpose…

If not you are to late because Santa Claus wishes are closed and delivered for this year…

4

I am still pretty happy with mAP and mAPLite devices.
Upgrade to latest Wifi-chipsets may happen but not mandatory (in my view).
Upgrade of eth-ports to 1G may be needed though.

5

There is no perfect device. There is no device that supports all of your requirements at once. You need two devices hAP ax2+mAP
PS USB from a laptop can not supply power through a 12V converter. Because this connector can not deliver the necessary power.

6

Thank you for your replies.

@satman1w & @holvoetn

mAP does not meet my requirements for LAN ports. Sadly it does not have 5Ghz and looks to be a bit out of date / old. Lastly, I already have newer, more powerful / feature rich units like the hAP2AC & 3AC.

@Ca6ko -

I understand that English isn’t your 1st language, but perhaps there is some misunderstanding (based on your reply).

  1. I never said there is or has to be a perfect device. :slight_smile: I’ve been in I.T/networking for a while and am aware that few things in I.T / life are perfect. This is where the engineering side comes into play.

  2. As I understand it, all of my requirements for “Ideal Router” & “Basic Setup” are met by a hAP AC2 or AC3. Which requirements in those lists, do you think is “not supported” on a hAP AC2/3 ?

2.1) Any bonus requirements are just that, a bonus, so if they are not supported / possible /available, then it’s not the end of the world. :slight_smile:

  1. USB is 5v, I have USB 5v to 12v converters that work on laptops & power my HAP AC2 or AC3. This was mentioned 2x in my post. :slight_smile:
7

There closer on unreleased hAPax (L41G-2axD):
See: http://forum.mikrotik.com/t/wifi-6-roadmap/136609/191

Still 2.4Ghz, but USB power, AX and more ports.

8

My full travel router set is “MQS” + “hAP AC Lite” + “mAP Lite”
(not “hAP Lite” ! but “hAP AC Lite”)

mAP Lite does the public wifi connection (auto wifi selection via “connect list”) and VPN, powered PoE from hAP AC Lite, which is powered PoE from MQS , which is powered from laptop or car USB or powerbank.
This ‘de luxe’ travel kit has some redundancy. MQS console in hAP AC Lite is just an extra option. Just as the mAP Lite function could have been done in the hAP AC Lite