I just moved into a student dorm for a semester abroad, and beforehand I emailed them asking whether they had ethernet ports to plug my router into (I use it to connect all my devices, and for WiVRn VR streaming). They confirmed that I could, but now that I’m here the wifi login portal is asking me to accept these terms from the ISP, which forbid plugging in a router. There’s another clause that forbids “Disruptive Devices” entirely, defined as:
“Disruptive Device” means any device that prevents or interferes with our provision of the 4Wireless to other customers (such as a wireless access point such as wireless routers) or any other device used by you in breach of the Acceptable Use Policy;
So what are my options? I don’t think I can use this service without accepting the terms, but also I was told by the student dorm support that I could bring a router, which contradicts this.
EDIT: some additional context:
- dorm provider is a company separate from my uni (they have an agreement but that’s it)
- ISP (ask4) is totally separate from dorm provider, and have installed a mesh network that requires an account. On account creation, there are many upsells including one for connecting more than one device. The “free” plan only allows me to sign in on a single device, and I can upgrade to two devices for 15 pounds.
- ethernet requires login too
- VR streaming requires a high performance wifi 6 network, which is why I bought this router (Archer C6 from tp-link)
You must log in or register to comment.
I work in university IT so I have some experience here. Some schools are better than others but in general providing IT services for students is like trying to wrangle a herd of starving feral cats who are all in heat.
First of all I have never seen 802.1x implemented (Ethernet authentication) in the wild that wasn’t almost immediately removed. It’s a shitty protocol that’s terrible to debug. I totally get why they restrict APs … my god if every student had one it would be a pain. It would be like standing in a crowded room with everyone shouting and you’re trying to pick out one conversation 20 ft away.
My guess is you’re basically in a situation like my son was at ECU. It’s likely not really a university dorm but closely affiliated hence the reason of a third party. Or the central university IT is abysmal and can’t be bothered. Either way the only reason to use 802.1X is because they think it’s more secure, when in fact it’s way more trouble than it’s worth. You can do the same thing by controlling downstream routing or MAC filtering. The ECU “dorm” did that and it wasn’t much better honestly. You had to go into a website to add your MAC address to get access to the WiFi. Firstly how do you do that when your computer can’t talk to anything. Chicken and egg problem. Secondly for the ones who figured out how to do that using your phone, good luck getting a history major to figure what even what a MAC address was.
My suggestion is don’t bother. If they’ve implemented 802.1x they’re a micromanaged IT and will catch you eventually. I’d also guess they have completely overtaxed their egress traffic and your speeds are abysmal.
On a related note, when you graduate never ever rent from an apt complex that generously process WiFi or Ethernet. It will almost always suck, they will have no one to provide adequate tech support, and they are just using it as another revenue stream.
Sorry I don’t have better advice but if they control the network there isn’t really much you can do.
I was once responsible for a student house (we don’t have dorms in the US sense, this is the closest we have) and I have similar experiences but less extreme. My favourite was when I had forgotten to configure DHCP filtering and someone plugged in a router the wrong way so it started offering DHCP (that didn’t work) to everyone in the building, in a race with our upstream ISP.
Also, the times rats got into the networking room and ate random cables. I should add the network was built by volunteer students in the ‘90s.
I did this a work one time… sorta the same thing. I installed pfsense VM and left the DHCp server on. I killed the network in our office for about 15 minutes.
pretend you didn’t read it and press the button
Connect your PC to the network then run internal networking as you like through a 2nd interface?
Shit, ask4? I think they were the isp when I was at uni about a decade ago. I’m sorry to hear they’re still kicking.
If it’s still the same as back then, all the dorms are essentially on the same lan and they’re using Mac filtering at the gateway. Since this was before Https became ubiquitous this meant you could sniff other people’s http requests.
What you do (what we did) was sign up with one device and setup a proxy on it. I think we used squid-cache. But anything that will masquerade the traffic as coming from that one device should do the trick.
Yes, i think squid proxy would do the trick too. It even has installers for windows.
Mine didn’t either when I lived in a dorm. I got around the network block.
- Plug Xbox 360 into ethernet wall port
- Log into uni network, get internet
- Plug router directly into pc.
- Assign router same ip as Xbox
- Spoof router mac address to match xbox
- Unplug from pc
- Quickly swap cable in wall from Xbox cable to router cable, Indiana Jones style
- Internet for 1 month. Repeat monthly.
this gives me playstation 1 CD swap vibes
(inserting a legal cd to pass verification and then swapping it for your own cd)
TIL you aren’t a wireless professional until your hacks comes with a cinematic soundtrack.
You’re not a wireless professional if you use wired ethernet cables…
As someone who has administered networks and written policies like this the concern here is that you will run an open network that may be used for piracy, hacking, DDOS or to send bomb threats. Tracing down this type of behavior is required by law and allowing students to run open networks makes this near impossible.
Not only that, but managing wifi channel congestion in a dorm is a pita.
It’s tough enough when you fully control the airspace, to have nice clean coverage and overlapping cells.
But then add dozens or hundreds of individually managed APs in a tiny space…with DFS and/or 160MHz channel widths?
Ops best bet is to get their own 5g home internet and plug in.
You’ll be hard pressed to get a router to talk to a captive portal sign in…but if OP wants to get creative, this can easily be fixed with a dumb switch and a Linux PC with two NICs. You could use windows for this, but why would you?
That seems pretty standard stuff. My dorm had the same policy, because they operated their own mesh network and didn’t want students sending out their own radio signals that would have absolutely made their wireless network not work well.
Is there some reason you need your own router?
ETA: The student dorm people probably meant a network switch. Regular, non-techy people don’t usually know the difference between a router and a switch.
Yeah, the interference argument is fair, but I think this is also the ISP (totally separate third party) trying to protect the paid plans they sell for connecting more than one device…
trying to protect the paid plans they sell for connecting more than one device
It’s definitely 90% of the reason
So it’s a network operated by a third party? That’s interesting. The handful of universities I’ve been to maintain their own.
My university had student apartments, each had their own router. No weird rules since it wasn’t the university’s network at all, it belonged to whoever lived in the apartment. Full router access, connect whatever, put it in bridge mode and connect your own if you want.
If there’s enough space between them, it would be less of an issue. If it was in a multifamily high rise with hundreds of units, I would expect it to cause issues.
Is this a problem with 5G networks? There are more channels and they don’t go through walls as well, right?
Tl;Dr It’s complicated.
Do you mean 5Ghz networks (5G is cellular tech, after all)? If so, 5Ghz can travel through walls, but it doesn’t travel as far, because there’s an inverse relationship between range and channel width. Also, 5Ghz has a shorter wavelength; some of the signal’s light will get absorbed by the walls, but not all of it.
Ultimately, you’d still have the same problem: too many radios sharing a limited range of frequencies on a band would interfere with each other if sufficiently close.
It would be akin to having everyone playing different music at full volume on their own personal speaker; you’ll inevitably hear the people closest to you. Radios can’t “hear” anything outside of their chosen frequency (channel), but if other people nearby are also on that channel, you might catch or lose some unintended packets, triggering a resend event (TCP) or causing stuttering/lag (UDP).
The number of channels available for 5Ghz varies by country, with the EU having the most, iirc. In the US, if you try to force your router to use one of the blacklisted channels, your devices will likely not connect (unless they were directly imported), despite being able to use the 5Ghz spectrum.
Where I went to school, originally the dorms were on the university network but a year in they offloaded us onto regular, commercial ISPs. The change was great for us since the university network was very strict on stuff like torrents (using DPI any torrent, even legal, got you disconnected for 24h)
In that case, just set up a router level VPN. The university probably doesn’t give a shit. Which is why the help desk IT kid said it’s fine, probably.
It’s the 3rd party ISP just being greedy. The ISP may not even care as long as you’re not running an insane amount of traffic through it. Often this type of stuff is added to TOSs to allow them the option, if you’re being a bad actor.
As someone whose job it is to deploy and manage wifi at a small university-adjacent student accommodation, these are similar to my rules. There are enough students that know enough to cause a problem, but not enough to know the pitfalls. It’s best to just blanket cut this off for everyone’s best experience.
Can you give some examples of issues you mention?
A few stories:
I’ve had a student install a super cheap (g only) repeater to provide wifi to their car in the car park, due to its location a number of students ended up using that rather than our APs. This slowed access for them dramatically.
I’ve had a student physically remove an AP to get to the 2.5 gigabit port they connect to, they somehow thought that would be better than the 1G they have in their rooms, despite it all being the same link out.
An overseas student cloned a MAC of their device to a travel router and effectively ran a VPN server for their family to try and give them an IP in our country.
The accommodation only has an hour of my time per week or so, they’re not paying a lot so issues only get dealt with when I have the time for them, this leads to an extended period of bad access for folks and many complaints to the staff.
The main point of the story is that not all students take the experience of their neighbors into account. Hence the restrictions.
The difference here is that the ISP is up charging for multiple devices, meaning this isn’t all being done for benevolent reasons.
The way many apartments work for non-students is each has its own WiFi. Honestly compared to how bad some Hall’s WiFi is this is a better option, but it’s not without problems. A lot of ISP routers either don’t support or don’t turn on by default DFS channels, 5.8GHz channels, 6 GHz band, or have WiFi 6 for BSS colouring. This means there will be loads of interference between adjacent WiFi networks.
It’s really frustrating especially when you have ISPs like Virgin whose kit has DFS support, but despite touting smart wifi they just never enable it, and most people don’t know to enable it either.
Yea that is true, there’s definitely either a profit motive or they don’t think they have the bandwidth for everyone to have multiple devices and are this introducing an up charge/scarcity to cover up that.
The site I look after we have a restriction on device numbers, 5 per room. Even that is flexible and not really enforced as in reality the network will be fine with thousands even. The main restrictions are about device behavior and preventing causing interference or outages.
There’s only 120 rooms in the site I look after so it’s not massive.
We’re running W-Fi 6 with all channels enabled including DFS channels. We’ve great coverage (roughly one access point per 4 -6 rooms in a 90s building).
Not OP, but I’ll add on some more complications.
Your network is designed with the minimum number of access points you need to have really good coverage. Adding more access points to the rooms increases interference and takes up usable frequencies. Rogue access points are hard to find and university IT has very limited resources.
That enterprise gear of the colleges using it’s part of a bigger picture system with alerts and alarms and the ability to see an address problems and locate issues effectively.
Man, things sure have changed since I was in college. The university had one /15 and three /16s so every single ethernet port everywhere on campus had a publicly routable IP.
Napster was so goddamn fast…
Full 10Mbps line speed!
Honestly this sounds like a bit of a pickle. If I were in your situation I would just use one of the cellular carriers 5g internets. I personally use a T-Mobile 5g internet hotspot with a fresh tomato flashed nether 6700 plugged into it. Then I basically do all of my networking from that. Latency is a fair bit higher (usually about 30-50ms) but upload is significantly better than spectrum.
I remember when I was in college running a hackintosh. I was at the end of the hall and had awful Wi-Fi reception, so I just had my desktop emitting Wi-Fi for me and my dorm mate. I pirated some stuff but never seeded. I told my roommate about pirating and whatnot and showed him how to pirate Parks and Recreation. He didn’t turn off seeding. The university banned my MAC address, but luckily I could spoof one and have internet. He had to go to the dean and tell him he was sorry and that he won’t do it again to get my hardware MAC banned so I didn’t have to change it every time I booted up.
The fact that it was so simple for me to get around this ban was hilarious.
The reason they don’t want you using your own WiFi access point is probably because dorms are prone to over congestion if everyone sets up their own WiFi network.
If you wanted to fuck with them-and you don’t mind spending money-then you could set up your WiFi and get internet via mobile carrier or starlink, so that you never actually have to agree to their terms. Then when/if someone comes around to bitch at you you can watch them slowly come to the conclusion that they’ve got nothing on you.
Otherwise your options are to follow the rules to the letter and live without vr streaming, or accept that you might get in trouble. Some WiFi routers can be configured to not advertise their network; annoying because you’ll have to manually enter the network information on every device, but it might keep you from getting caught.
As for connecting multiple devices without paying; there’s probably some creative ways to tunnel all your traffic through a single device to get around that. Could still get you in trouble if you’re caught.
If you’re doing anything that could get you in trouble with the school make sure you save the email in which they told you using your own router is allowed.
Some WiFi routers can be configured to not advertise their network; annoying because you’ll have to manually enter the network information on every device, but it might keep you from getting caught.
Just name the network something like Samsung S20 Personal Hotspot. They’re not gonna look into why a student created a Hotspot with their phone.
Or, shit - lock the fucking door.
If it’s a dorm they have the key.
IT does? Damn, didn’t know - my bad. Where I’m from IT doesn’t have the keys, and the people that do have the keys know better than to try entering people’s dorms, unless it’s really something critical. Wifi doesn’t qualify.
Where I went to college, they probably didn’t directly have the key, that’d have to go through maintenance. But one of the things you signed on to initially was for maintenance to enter if they needed to while you were out.
Plus, at least half of the WAPs were actually in rooms and not hallways, so to service the network beyond IDF problems they’d have to get in
Ah such a masterful plan, paying for your own internet
Tbf you’re paying for the college to provide you internet.
Ah but that one isn’t your own it’s shared
I got news for you about almost every ISP
You don’t actually need internet for the VR streaming part, so you could just set up a router not plugged into the wall
You do if you are rendering in the cloud, e.g NVIDIA CloudXR. Not sure what OP plans to do.
NVIDIA CloudXR
that’s an incredibly tiny edge case.
Sure yet it’s a perfectly legitimate one. I’m not OP, it might be exactly their use case.
in a dorm room?
realtime cloud VR rendering for use in a dorm room?
A lab, sure.
A dorm bedroom?
pfft
I’m not sure if you played PCVR in the Summer but imagine that in a tiny room… it’s just way too hot. Again I’m NOT saying it’s good, or bad, I’m only saying you made assumption about OP usage. I’m not sure if you tried CloudXR but basically, it works and it’s not that complex to setup (e.g 1h) so it’s relatively faster and cheaper than building and owning a gaming PC.
I don’t understand why you are even arguing about a legitimate usage.
because I’ve been into vr for about a decade and know no one who uses cloudXR. 120hz ain’t gonna happen over a college dorm network. 90hz on quest 2 would be very challenging.
wait, you realize, his requirement for streaming has NOTHING to do with cloud rendering right?
Not a lawyer but if you have an email that says you can, I’d argue it’s override the ToS assuming the person giving permission actually legally can.
Anyway I bet what they avoid is reselling access so I believe as long as you don’t pay for yourself then resell to others you’ll be OK.
This. The ISP isn’t going to care about (or notice) a single person using a router. They will notice and care if 1 person is consuming the data of 20.
The email says that you can do it. It doesn’t say that you can do it without purchasing the upsell option.
And importantly, the email is from my dorm (whose contract simply said they provided free fast wifi), while these unexpected T&Cs are from the dorm’s ISP.
Is the VR streaming in the Local net (PC to Headset)? Just run the WiFi router without plugging it into the wall. Connect only the pc and the headset.
Also, appart from that, to use more wired devices, maybe use an unmanaged switch. Don’t think that does anything forbidden here.
Robust but complex solution:
-
Set up an encrypted VPN at the router level. Any encryption will work, even weak dumb encryption is fine. Any attempts to decrypt it would be mad illegal.
-
Turn off your SSID.
It is now functionally impossible to detect anything about the traffic or the Wi-Fi router without some serious or illegal methods.
It is now functionally impossible to detect anything about the traffic or the Wi-Fi router without some serious or illegal methods.
You should really spend some time learning about WiFi signals. Tracking down rogue Access Points is a pretty common thing and having the SSID turned off does fuck all to prevent it. On the easy end, many enterprise wireless network controllers have rogue AP detection built right in and will show you a map of the location of the rogue AP. Harder, but still entirely possible, is running around with a setup just detecting the signal and triangulating it.
Yeah, I mistyped part of the sentence. Should have been “without some serious effort or illegal methods.” Serious effort is well beyond most ISP’s. They aren’t sniffing wireless AP’s then busting down doors to find out if its a 5g AP or an AP using their network. I actually know quite a bit about WiFi signals. I happen to be certified in Meraki (CMSS). If the uni said “no wireless signals” that would be a completely different story.
-
