I just moved into a student dorm for a semester abroad, and beforehand I emailed them asking whether they had ethernet ports to plug my router into (I use it to connect all my devices, and for WiVRn VR streaming). They confirmed that I could, but now that I’m here the wifi login portal is asking me to accept these terms from the ISP, which forbid plugging in a router. There’s another clause that forbids “Disruptive Devices” entirely, defined as:
“Disruptive Device” means any device that prevents or interferes with our provision of the 4Wireless to other customers (such as a wireless access point such as wireless routers) or any other device used by you in breach of the Acceptable Use Policy;
So what are my options? I don’t think I can use this service without accepting the terms, but also I was told by the student dorm support that I could bring a router, which contradicts this.
EDIT: some additional context:
- dorm provider is a company separate from my uni (they have an agreement but that’s it)
- ISP (ask4) is totally separate from dorm provider, and have installed a mesh network that requires an account. On account creation, there are many upsells including one for connecting more than one device. The “free” plan only allows me to sign in on a single device, and I can upgrade to two devices for 15 pounds.
- ethernet requires login too
- VR streaming requires a high performance wifi 6 network, which is why I bought this router (Archer C6 from tp-link)
You must log in or register to comment.
That seems pretty standard stuff. My dorm had the same policy, because they operated their own mesh network and didn’t want students sending out their own radio signals that would have absolutely made their wireless network not work well.
Is there some reason you need your own router?
ETA: The student dorm people probably meant a network switch. Regular, non-techy people don’t usually know the difference between a router and a switch.
Yeah, the interference argument is fair, but I think this is also the ISP (totally separate third party) trying to protect the paid plans they sell for connecting more than one device…
trying to protect the paid plans they sell for connecting more than one device
It’s definitely 90% of the reason
So it’s a network operated by a third party? That’s interesting. The handful of universities I’ve been to maintain their own.
My university had student apartments, each had their own router. No weird rules since it wasn’t the university’s network at all, it belonged to whoever lived in the apartment. Full router access, connect whatever, put it in bridge mode and connect your own if you want.
If there’s enough space between them, it would be less of an issue. If it was in a multifamily high rise with hundreds of units, I would expect it to cause issues.
psst
Hey, kid, don’t tell anyone I told you about this
*Lifts coat
iodine
https://code.kryo.se/iodine
Description: tool for tunneling IPv4 data through a DNS server
This is a piece of software that lets you tunnel IPv4 data through a DNS
server. This can be usable in different situations where internet access is
firewalled, but DNS queries are allowed.You got the goods! I used an HTTP tunnel when I was in college.
I also like the idea of ptunnel
Ptunnel is an application that allows you to reliably tunnel TCP connections to a remote host using ICMP echo request and reply packets, commonly known as ping requests and replies.
I don’t understand how that can be reliable without being extremely obvious.
Man, I wish I knew this back then. I used Google translate as a proxy. Then that was blocked, so I used babelfish’s built-in translation engine which was touch and go. This would have helped a lot lol
I love things that can route internet over something that should not be used for that. For example I’m thinking of making same thing over SMS and Veloren/Minecraft (or anyother videogame)'s private chat or something.
Does it work with DoH ?
No, this is specifically for DNS over UDP (Port 53). What you’re looking for is just an HTTPS proxy. There is no difference between a DoH connection and any other HTTPS connection.
The reason they don’t want you using your own WiFi access point is probably because dorms are prone to over congestion if everyone sets up their own WiFi network.
If you wanted to fuck with them-and you don’t mind spending money-then you could set up your WiFi and get internet via mobile carrier or starlink, so that you never actually have to agree to their terms. Then when/if someone comes around to bitch at you you can watch them slowly come to the conclusion that they’ve got nothing on you.
Otherwise your options are to follow the rules to the letter and live without vr streaming, or accept that you might get in trouble. Some WiFi routers can be configured to not advertise their network; annoying because you’ll have to manually enter the network information on every device, but it might keep you from getting caught.
As for connecting multiple devices without paying; there’s probably some creative ways to tunnel all your traffic through a single device to get around that. Could still get you in trouble if you’re caught.
If you’re doing anything that could get you in trouble with the school make sure you save the email in which they told you using your own router is allowed.
Ah such a masterful plan, paying for your own internet
Tbf you’re paying for the college to provide you internet.
Ah but that one isn’t your own it’s shared
I got news for you about almost every ISP
You don’t actually need internet for the VR streaming part, so you could just set up a router not plugged into the wall
So most dorms don’t want you using your own routers because a bunch of student routers causes A LOT of inference.
You should probably reach out not to the dorm folks but the university networking folks as they’re the ones that will ultimately make the decision on whether or not to turn things off/disconnect you.
A cheap networking switch would probably be okay by them to get some more wired connections in your dorm room (routers aren’t really a great way to do that).
As a secondary concern, using a router will cause a double NAT for all your connected devices (universities don’t operate in the way ISPs do). That could cause some weird networking shenanigans, particularly for anything peer-to-peer like online games.
That’s good advice, however this dorm is not part of my uni (just a partner to provide housing) and the internet provider whose T&C I’m expected to accept and sign up for 1y of are a totally separate legal entity, that has a bunch of upsells for stuff like “connect more than 1 device” (which my router/AP would basically be bypassing, and I think that’s what these clauses are about). About the interference, is it possible to limit it severely while still having a reliable connection just within my room? I only really want to connect:
- Laptop (wired)
- Phone
- VR for streaming from laptop
You can do a few things to reduce interference if the device broadcasting the signal supports it. Unifi APs support these settings. Most routers with WiFi probably do not support transmit power.
- Adjust transmit power to lower setting
- Higher the frequency, shorter the range (but that frequency may be highly used in the area), so #3 is the better option
- Analyze the frequency usage and picking a frequency that is least used
- If 2.4Ghz band isn’t necessary disable it and only use 5Ghz since it’s a higher frequency it again has a lower range.
- You could also faraday cage your room so the signal won’t leak out, but thats probably more work than its worth.
You shall not use or attempt to use a device or software (such as NAT, Address Masquerading, Proxying, or the connection of an additional wireless router) that would allow you to connect more than the number of devices set out in the Service Information to the Network.
One of the ways they detect this is by checking the TTL of the packets coming from the “one” device is less than expected. If your router is using OpenWrt, you can configure an iptables rule to reset the TTL of outgoing packets to the default.
Assuming they have their own wifi, they just don’t want you using wifi off of your own router. A wired connection should be fine.
Unfortunately, connecting to the ethernet port still prompts me to log into the network (make an account and accept these terms)
Accept the terms and ignore them
And if they complain, show them your previous correspondence with them
Would that work even if the T&Cs are for a third party (the ISP), while the correspondence is with my dorm provider (not legally related to my uni, they just have a partnership)?
Probably not. But there is a good chance that they won’t notice at all. If they do, you can always take it down.
Maybe use an inconspicuous ssid? Like a similar name to a company or institute nearbyTurn off SSID broadcasting entirely. Hidden networks require more technical expertise to discover than most people have.
The ISP techs will still be able to find it, but there’s little reason for them to go looking when nothing seems out of the ordinary.
This is what I was going to recommend. Worse case scenario the internet gets shut off and he has to email somebody and say he won’t do it again. Most likely that nobody will notice or care.
100% the correct answer.
I would just accept the terms and disable wifi, or if you don’t want to double nat just use a switch and accept the terms / login on every device connected to the switch.
This isn’t rare and not altogether a bad idea.
My university had a problem of students bringing their own WiFi routers before the dorms had WiFi. Students would set them up incorrectly and cause a series of problems with colliding DHCP servers and interference and it would cause outages for nearby wired students.
A lot of IT departments locked the network down for these reasons.
Students would set them up incorrectly and cause a series of problems with colliding DHCP servers
That’s an IT problem, not a user problem. The downstream ports should have been isolated at both the link and packet layers. Configuring a router to share an unrestricted LAN between a dorm full of untrusted users is a disaster waiting to happen.
If you are really worried about getting caught not following the exact rules as written, you could always pay for multi device connections… then they won’t care.
But it’s definitely possible to set up your VR router in a way that is not gonna bother anything. Most people in this thread don’t know that your VR router doesn’t need internet access. If the VR stream is all it is doing, it can be isolated from the internet, and the isp won’t know or care it exists.
The other thing about rules, that they don’t tell us autistic people, is that following rules is actually kind of optional. Certainly more optional than it feels like to us. Think about it in terms of what the people were thinking when they wrote the rules, and who will be enforcing the rules and what they will care about. And what the enforcement of the rules would look like. (In this case, the most likely initial outcome of them enforcing these rules would be either an e-mail or paper letter telling you they noticed you are breaking a rule, possibly with details to help you stop breaking it, but likely not). Try to sus out the “spirit” of the rules rather than the letter of the rules. That is how all the other humans use rules and why to us it always feels like everyone is breaking all the rules and getting away with it.
If you follow every rule to the letter… you really can’t do anything. At all. Like, literally, even we are breaking rules we don’t yet know about every single day.
Looks like that tos is just for the wifi network, if you’ve got an ethernet port then that won’t be using the wifi.
The ethernet connexion still requires a login/account creation/T&C acceptance sadly.
Users are often dumb. Imagine 100 people who think they know what they’re doing trying to set up a bunch of custom networking.
That’s your dorm.
Most dorms either outright prohibit using personal hardware like that or require the schools IT department to install it themselves and set it up.
Run a network of your own someday and you’ll understand. It’s hard enough to get your own network working perfectly without a bunch of wildcards popping up everywhere.
Using your own WiFi router also bypasses the wireless security settings to access the school network.
Some resources are only available while on the network (printers, access to library, academic papers, other student hardware). Now imagine a random person in a coffee shop next door had u limited access to these resources via an unmanaged access point.
Name and shame that crappy backwards university.
It’s perfectly reasonable there’s no shame involved.
The part that isn’t reasonable is the misrepresentation. The Ethernet ports in the dorm aren’t allowed to be used with WiFi routers, contrary to what the student was told beforehand.
The rule might be fine, but not lying about it. If it was just a mistake, the dorm company should still attempt to make it up to the student. This was a deciding factor in choosing this dorm, by the sound of it.
Not all that surprising. I don’t know of any network manager who’d happily allow rogue routers on their network, particularly if you still have it configured as a DHCP device and not a pass through device, which most college students do not consider and will very much disrupt campus network performance.
Why does the dhcp on the router affect the main network? I’d think if it has its own network the main network would only need to deal with the router, as opposed to all the devices connected to the router if it was passthrough?
Ah! I just saw you specified if it’s configured for pass through. If it is configured for pass through, then yeah it likely won’t cause issues on the network. The DHCP server is the critical bit.
From a network management perspective, though, they still won’t want these because you have to trust all these college students are going to properly configure their devices - most of them won’t know how and won’t bother figuring it out. And then you still have the issue of a bunch of unmanaged access points to your network, which is just poor security.
Yeah a simple little unmanaged switch would solve all these issues for about $20 and probably wouldn’t break the ToS.
Yeah. I think OP’s issue is they may have a few devices that are wireless only. Not sure of the best way to handle those.
Ah yeah just saw they specifically want to connect a VR headset wirelessly. I’m not real sure how to approach that either, if there’s any kind of port on the headset at all they could potentially adapt it to RJ45 but that defeats the whole point.
If a wireless connection is a must OP is just going to have to disable SSID broadcast, restrict it to certain MACs, and try to lock it down as much as possible and hope for the best. If they do it right it’ll won’t interfere with other devices and no one will ever know.
I just saw you specified if it’s configured for pass through.
I didn’t, that’s just bad grammar. Edited the comment
Because that router will be broadcasting DHCP signals and offering IPs, conflicting with the authorized DHCP servers on the network. This wiki article will probably explain it better. I’m not so good with the words an such.
A consumer router only operates DHCP on the LAN side. Presumably one would plug the WAN side into the university network, making this a non-issue.
Some of my other replies address that. Worked in IT on a college campus, and every class will have at least a few clueless users who just plug the cables into the LAN ports.
Makes sense. Would that not be trivially mitigated by just blocking dhcp responses from unapproved servers on the switch though?
Should be, yes. At that point it’s a question of how well the network was configured. I’d hope this wouldn’t be much of an issue these days - I did graduate from college in 2011, and I’m sure (hopeful) campus networks have improved since my student IT job days. These days my router config experience is from the ISP side. The only private network I’m responsible for is my own, thankfully!
I went to college in the mid-late 2010s and I recall they specifically banned WiFi routers, but when I checked what they meant specifically all they cared was that it didn’t broadcast on the 2.4 or 5 ghz spectrum and if it was all wired I was fine.
I don’t know much about networking but that page seems to be about someone else setting up a dhcp server without the knowledge of the administrators or the users. In op’s case the concerns about mitm attacks don’t apply and the other concerns sound like problems that could arise in cases of misconfiguration or if the users aren’t aware they’re connected to a different network. I also couldn’t see anything about it affecting the main network’s performance
I mean, it’s all right there in the first two paragraphs. Keep in mind that by DHCP server we aren’t talking about something specifically set up by people with malicious intent. A home router is a DHCP server when not configured for pass through. Students who don’t know how routers actually work (we can’t all be IT nerds, lol) plug them into their dorm Ethernet jack, and now you’ve got an unauthorized device offering IP addresses that conflict with the authorized DHCP servers, which can quickly start causing issues with any new devices trying to connect to the network, and existing devices as their DHCP leases expire. Also keep in mind that we’re talking about a college network that will likely have local network resources for students like shared drives that would not be accessible to anyone connecting through the rogue device. Your IT department will quickly start getting complaints about the network that are caused by an access point you have no control over.
I see, I thought routers knew not to do dhcp on the Wan port
Typically they do. Which is great until you get a student who doesn’t understand WAN vs LAN and plugs both connections into the LAN ports. Never underestimate the power of a Stupid User.
They do know enough to not send DHCP leases upstream…
If you plug the dorm ethernet jack into the LAN side of a consumer router, there’s a chance they don’t.
Sure, you can catch this if you watch the dhcp leases your router is handing out, but…
Which is all well and good until you get someone who plugs both connections into the LAN ports.
Downvoting just because I pointed out a scenario you didn’t think of isn’t so classy.
I’d be happy to set my device to passthrough mode, but I think the ISP prevents peer-to-peer connections (which my laptop would make to the VR headset) unless you buy one of their plans for Chromecast/smart TVs. Would that prevent it from working? And would I still be able to connect multiplw devices despite their one-device limit?
It’s hard to say without knowing all the details of how the college configures their network. Back when I was in college, I had a student job with the campus’ IT department, and students running into issues getting all their devices connected was a regular issue at the start of every year.
The main problem with most college networks is that you’ve typically got an enterprise setup that’s also having to double as home internet service for those living on campus. Depending on when the network was built it was likely only planning for students to have a laptop, maybe a desktop too, as opposed to modern times when just about every electronic device has an internet connection.
Some things just may not work like they did at home.
That’s fair yeah. In my case the dorms are a separate unrelated company from the uni (they just have a partnership) and the ISP is yet another third party that did the install and sells extras to each student. I think it’s pretty scummy since I read my whole dorm contract and it never said this would be a condition to the “free fast wifi” access.
Is there a limit to the number of devices allowed to connect that this rule is trying to enforce?
Either way, if the vr headset doesn’t need internet connection you could connect your computer to the internet wirelessly and to your own router via cable for vr.
Eww, yeah, that sounds like a crappy setup to milk more money from students with no other option - especially if you’ve got student aid requiring you to live in school housing.
You may want to see about getting your own wireless carrier internet service. Not the best solution, but at least it would be yours and unrestricted.
I’m only staying for a semester (via Erasmus, or what remains of it post-Brexit) so while I did consider this I don’t think it’s very viable.
Fair enough. My recommendation would be set the router to pass through and see if it works. Just secure the wireless network created by your AP - be a responsible network policy violator!
I don’t really have any other ideas that wouldn’t involve additional hardware, which doesn’t make much since give the short time you’ll be there.
Mine didn’t either when I lived in a dorm. I got around the network block.
- Plug Xbox 360 into ethernet wall port
- Log into uni network, get internet
- Plug router directly into pc.
- Assign router same ip as Xbox
- Spoof router mac address to match xbox
- Unplug from pc
- Quickly swap cable in wall from Xbox cable to router cable, Indiana Jones style
- Internet for 1 month. Repeat monthly.
I would set up your router, turn off ssid broadcast and forget about it. It’s doubtful they have the equipment to find an access point that doesn’t actively announce itself to the world .
Edit: it means you will have to manually add your wifi network to your devices by typing in the ssid on them but other than that there shouldn’t be any issues
They will find it. Hidden is a software switch and your device just doesn’t show it. It’s still being advertised, however.
If they go looking. It’s unlikely they went out of their way to purchase and configure specialized devices in the building to catch it proactively.
I work IT at a university. They do go looking for this sort of thing. Every time students move in and plug in their equipment from home, entire network segments collapse. There is a game of whack a mole each time the term starts.
If somebody goes and causes an outage, I would expect nothing less than a tech walking around and trying to triangulate the offending router.
But in OP’s case, it’s an external ISP that provides internet services to the dorm. As long as nobody gives them a reason to start looking, I don’t expect a for-profit ISP to be sending out a contractor proactively beyond the first week of move-ins. That costs them money, and likely a lot more money than they would recover by catching the handful of people trying to dogde the per-device upcharge.
You may be right. The sales side lines up a contract, installer comes out, and they move on.
Maybe it depends on the access point. When I turn it off on my router there are no beacons sent. Unless you specifically probe the ssid it doesn’t announce itself. BUT granted when you make a connection the ssid does show up during the handshake. If you were watching at the exact moment of connection then it would be detectable. I suppose they could use a mass deauther device and cause new connections and detect while that is happening but they they would need to triangulate the location of said ap… Again a lot of extra equipment.
