Mikrotik Hap ac -> OpenWRT

Wcool

Has anyone flashed a Mikrotik Hap ac with OpenWRT?

From Openwrt.org I can see it is supported:

https://openwrt.org/toh/hwdata/mikrotik/mikrotik_rb962uigs-5hact2hnt_hap_ac

But there is very little info on how to install. Only link I could find is this:
(basically a forum search)
https://forum.openwrt.org/search?q=RB962UiGS-5HacT2HnT%20(hAP%20ac)

And I couldn't find any independent article on the net with a thumbs up for this device.

Anyone tried this?

The high horse brigade

Why would you do this? There is literally nothing RouterOS can't do.

Wcool

Sorry only saw the reply now. While I agree with you that RouterOS has more features out of the box, there are several reasons for me:

1) The obnoxious user hostile interface. I am quite a technical person but I don't want to learn iptable principles for a simple port forward. Every time I want to configure something simple I have to do a DuckDuckGo search to help me get it done. The command line interface is bat**** crazy, some sort of castrated linux command line. Reporting is extensive but similarly burdened by overcomplication. I still don't know what to switch on to see a useful report of what device is using what connections over time.

2) It's not open source, While I do trust Mikrotik it's hard to fathom what is happening inside. With OpenWrt I can compile myself if needed and I can use my Linux skills to modify the system if I want to. I can't add extra functionality outside what Mikrotik provides.

3) (very minor0 there were some security issues with servers that running unprotected on the router (these have been fixed)

The high horse brigade

Wcool wrote: »

Sorry only saw the reply now. While I agree with you that RouterOS has more features out of the box, there are several reasons for me:

1) The obnoxious user hostile interface. I am quite a technical person but I don't want to learn iptable principles for a simple port forward. Every time I want to configure something simple I have to do a DuckDuckGo search to help me get it done. The command line interface is bat**** crazy, some sort of castrated linux command line. Reporting is extensive but similarly burdened by overcomplication. I still don't know what to switch on to see a useful report of what device is using what connections over time.

2) It's not open source, While I do trust Mikrotik it's hard to fathom what is happening inside. With OpenWrt I can compile myself if needed and I can use my Linux skills to modify the system if I want to. I can't add extra functionality outside what Mikrotik provides.

3) (very minor0 there were some security issues with servers that running unprotected on the router (these have been fixed)

I get you, I just thought you were trying to dumb it down

Re #1. Use winbox, then the command line will feel intuitive. It runs well in wine
Re #2. What extra functionality would you need
Re #3. Yeah I've had a tik at my mams hacked but it was a lesson, I've all mine updated and well locked down now.

I actually have 4 tik devices here on my home network, I have 3 vlans (main, guest and iot) and use cAPs and Capsman for wireless management which is similar to Ubiquiti Unifi but a little harder to configure with less bells and whistles

Wcool

I would love to investigate if I can create pihole functionality on my router.
https://pi-hole.net/

And I think wireguard is going to be massive.
https://www.wireguard.com/

Just imagine how life would become easy if it's just a standard linux box?!

OpenWrt has thousands of packages installable with a few commands or clicks
https://openwrt.org/packages/start


I never understood why Mikrotik never developed a user friendly interface. With the quality of the hardware and the prices they would blow away most of the competition bar some chinese brands.

The high horse brigade

Yeah I have pihole running in docker on a server, Can't live without it.
In fact I'm also using Nextdns on my phone which is pihole in the cloud
https://www.nextdns.io/

heffsarmy

The high horse brigade wrote: »

Yeah I have pihole running in docker on a server, Can't live without it.
In fact I'm also using Nextdns on my phone which is pihole in the cloud
https://www.nextdns.io/

Pihole great, blocks alot of ads on android apps. You can setup up your own vpn and pihole on google cloud on the free tier...

https://github.com/rajannpatel/Pi-Hole-PiVPN-on-Google-Compute-Engine-Free-Tier-with-Full-Tunnel-and-Split-Tunnel-OpenVPN-Configs

The high horse brigade

heffsarmy wrote: »

Pihole great, blocks alot of ads on android apps. You can setup up your own vpn and pihole on google cloud on the free tier...

https://github.com/rajannpatel/Pi-Hole-PiVPN-on-Google-Compute-Engine-Free-Tier-with-Full-Tunnel-and-Split-Tunnel-OpenVPN-Configs

Yeah but always on VPN on Android eats mobile battery. Android pie allows for private DNS

heffsarmy

You don't need to have VPN turned on all the time, only when you need it...The link I attached has been tweaked for mobile device to use lower battery.

The high horse brigade

heffsarmy wrote: »

You don't need to have VPN turned on all the time, only when you need it...The link I attached has been tweaked for mobile device to use lower battery.

Yes I have a VPN and pihole at home. It's cumbersome to have to connect a VPN to get adblock out and about which is why I use private DNS instead

@Op, did you get anywhere with this, I'm curious as I have plenty of Mikrotik devices lying about

Wcool

Not sure if you are referring to flashing router or pihole:

1 Flashing router: no, I don't dare at the moment, I do have backup routers but need to get some time in the weekend just in case of calamity. I also need to put back some tagging of packets so my ISP can see it's his traffic and I am not completely sure how it works and need to know what I am doing first.

2) pihole: yes I have pihole running with DNS over HTTPS enabled on a PI 2. I configured my Mikrotik to use the pihole as DNS server so I it is completely transparent to any device (I didn't have to to change any settings but to the Mikrotik router)

I used this guide for DNS over HTTPS Configuring DNS-Over-HTTPS on Pi-hole
I quite like the idea of using Google resources to get rid of Google advertising but at the moment I stick to disabling Google wherever i can: basically I don't use Google anymore except LineageOS Android.