Modular, cheaper boat internet solution via Netgear and MikroTik

I’ve written a lot about my boat network, and in particular, Peplink products that offer a ton of functionality and features. However, those come at a cost – the top of the line compact unit from Peplink can run almost $1000. For the last 6 months, I have been playing with configurations and hardware that cost less, but still provide flexibility and features that more expensive solutions offer.

The Search

I started by thinking about the criteria for on-boat networking and came up with some basic, high level requirements.

Local WiFi – must be able to create a local WiFi network running both 2.4Ghz and 5Ghz bands. Both are required because many locations have too much interference for 2.4Ghz to work properly.

Local Ethernet ports – there should be a few Ethernet ports on the device to allow for connection to items on your boat that cannot use WiFi.

Remote WiFi – must be able to grab remote WiFi signals and use them as a source for the Internet connection. Ideally this should be done via an externally mounted antenna/system.

LTE Internet – must be able to use a standard LTE connection to provide Internet access.

DC power – should run off of DC power, preferably 12v.

Relatively inexpensive – commercial vendor solutions start at $600 and don’t meet all of these requirements. Most are $800-1200 for all requirements, so this solution should be cheaper.

Modular – if possible, it should be modular so various components can be swapped out for lower/higher performance, and when protocols/standards change/improve.

Note that I did not include plug-and-play or dead-simple configuration. I am willing to spend a bit more time setting something up, and have a deep computing and systems background, but I tried to make this solution for someone who has a moderate computing background, or is at least willing to do some work to save some money. If you expect a simple wizard or one screen configuration, this is not the product/solution for you – you are better buying one of the more commercial solutions.

Commercial Solutions

There are a ton of options out there for Internet access both at home and while mobile. I’ve mentioned a few before, including Peplink and Cradlepoint. These are fully commercial solutions that cost quite a bit of money, have tons of features, and are really good for networking nerds like myself, or folks who need abundance of features or functionality. They are generally produced for mobile applications, but lately many manufacturers are targeting the marine industry. The problem with many of these solutions is the cost, both initial and support for ongoing years, and the proprietary hardware they lock you into. I personally use the Peplink Max Transit on Grace and recently upgraded to the newer LTE radio version which was almost $900. I have dual LTE SIMs that can I choose from, 2.4 and 5Ghz WiFi, a LAN port that I uplink to a switch, and a WAN port that goes to my WiFi booster. You can see more details in Grace’s Redundant Internet Setup.

I use fancy rate shaping features, monitor things from cloud services, and do all sorts of other wonderful things that I find interesting, but that I have heard from many boaters, are not interesting to them. It is a great piece of hardware and software, but it comes at a price, and locks you in to their ecosystem.

In addition to those vendors, there are marine specific solutions like the Wirie, Rogue Networks, and many others. Many use the same hardware as you will see below adding a simplified UI to the product, and providing remote support. The cost for this is usually 2-4x times the list price of the hardware, and can drive their solutions up to a similar price point as larger commercial vendors. At the time of this article, the Wirie Pro with LTE added on is $800, and has less than half the features of the Peplink. They are often hard to get (out of stock a lot!) and don’t necessarily have the support department behind them that the larger vendors do.

The biggest reason to choose any of these vendors is the all-in-one solution and support. If you don’t want to get your hands dirty configuring a MikroTik, then look no further, these are for you.

Many people also grouse and complain about how much these solutions cost compared to their “home WiFi router” – take a minute and remember two things. First, if you have been in boating long enough, you know anything with the word “marine” before it makes things far more expensive! Second, does your home router have an LTE connection along with a long range antenna boosting a remote WiFi signal? I thought so. You only have one piece of the three part puzzle that you need on the boat.

Testing

I tried a number of different vendors software and hardware, and reviewed even more online. The first set of tests involved looking for a solution where all or most of the functionality was in one single system. This proved to be very difficult, and pushed the cost up very quickly. In many cases, the only solutions were integrated from several other pieces of hardware, and sold by a company as a service, with large price tags as a result.

Even cutting down some of the criteria didn’t fix the biggest problem of all – LTE internet access. While getting a product that has an LTE radio in it isn’t that hard, having good software around it is surprisingly difficult to find without caveats or features you don’t need. Many companies, including Peplink, Cradlepoint, Mushroom Networks, and many more, provide an entire set of products around managing internet connections via LTE. The features alone around failing over between LTE links, VPN sharing, signal strength monitoring, etc. are very complex, and warrant the $800-1000 price tags for some of that equipment.

After discarding all of the expensive vendors, that left a lot of smaller companies and platforms. Having used many of them at work and in past projects, after reviewing even more of the smaller companies, I finally settled on two front runners – MikroTik and pfSense.

I considered several other commercial and open source projects but was never happy with the feature set or hardware that they produced. In many cases, they did not produce hardware at all, and required that you buy off the shelf stuff, which is fine, but once you throw in DC power, switch ports, and WiFi radios, it gets expensive, or requires integration.

pfSense has been around a very long time, and are primarily known as a firewall product. In recent years they were purchased by Netgate, and have been producing their own hardware. However, you can install pfSense on hardware of your own if you so choose. It is an amazingly full-featured firewall with tons of options and features, and plugins to add even more functionality. However, their WiFi support is complex, has limited hardware choices for a DC 12v install, and very poor LTE radio support.

MikroTik has been around a long while as well, and combined with their RouterBoard hardware, offers a crazy amount of differing hardware platforms all with the same OS. I’ve written about MikroTik before, and use a Groove AC as my main remote WiFi unit on Grace. MikroTik offered far more hardware choices that looked good, have an OS that is similar in features to pfSense, although sometimes difficult to interact with, but also had bad LTE support.

At the end of all this testing, I never found a single solution that could provide the core items you would find in a Peplink router – LTE, WiFi and some ethernet ports, all running at 12v DC. Time to break things up into parts!

LTE Solution

After a lot of attempts at trying USB dongles, LTE WiFi access points (commonly called Jetpacks or MiFi), I stumbled across a set of products from Netgear that looked perfect – the LB1120 is the model I chose. This is an LTE modem with varying configurations of Ethernet ports, and nothing else. Not a USB dongle, WiFi access point that has crappy features, or anything else – just raw LTE radio and Ethernet port, which was perfect for my configuration. It is also quite powerful radio/signal wise.

Netgear LB1120 LTE modem

There are three models to choose from, the LB1120, LB1121, and LB2120. The LB1120 has a single Ethernet port, the 1121 a single Ethernet port that can accept PoE, and the LB2120 with two Ethernet ports – WAN and LAN.

 

I chose the LB1120 so that I could have a simplified configuration – one LAN port that connects to my on board router and provides a high quality LTE signal.

NETGEAR 4G LTE Modem – Instant Broadband Connection | works with AT&T and alternate carriers (LB1120)
  • Get automatic 4G LTE connection | Built-in Gigabit WAN for simple connection to your router, switch or computer
  • Fast 4G LTE speeds up to 150 Mbps for downloads and 50 Mbps for uploads with 4G to 3G fallback support
  • Works with any AT&T data plan, and also with alternate carriers
  • Two TS-9 connectors available to connect optional 4G/3G antennas to Improve performance of your mobile broadband
  • SMS message alerts for firmware updates, data usage, and failover to LTE

The LB2120 could work depending on your setup, and I actually tested that unit and had high hopes for it. It has a LAN port and a WAN port with failover functionality built in. I had tried to use the WAN port to connect the remote WiFi grabbing device, but found that when the WAN port failed a health check, it took the port down, which meant that I could not configure the device upstream of it to fix the problem. Sort of a catch 22 situation that would require disconnecting that upstream device in order to add a new WiFi network that I was trying to amplify, so I wouldn’t recommend it for that particular configuration.

The LB1121, which can be powered by PoE, is not likely worth the cost, as it would have to have another device capable of producing PoE. If you continue down and choose not to use a remote WiFi grabbing device from the router, then you could feasibly use it to power the Netgear but I didn’t test that.

Note that I tested the Netgear LB1120 on AT&T and T-Mobile in the US. Your mileage may vary with other providers. It does appear that this device does not have world-band coverage, at least in the US, so please review the models and band coverage carefully if you need international coverage.

A must have accessory for any of the three models is the Netgear MIMO antenna, which plugs into the two ports on the back of the modem and helps ensure you have a quality signal.

Netgear 6000450 MIMO Antenna with 2 TS-9 Connectors - Retail Packaging - Black
  • Improve performance of your mobile broadband devices when indoors or in fringe zones with this portable antenna, covering a wide band spectrum (700MHz to 2600MHz).
  • Usable indoors or outdoors. Frequency Bands: 700-906/1710-1990/2110-2170/2500-2700 MHz
  • Improve performance in areas with low 3G or 4G signal strength
  • Compatible with Telstra Mobile Broadband Wi-Fi
  • Aircard 753S or 754S Mobile Hotspots

The performance of this Netgear setup really impressed me in all conditions. The power of the radios and additional gain from the antenna made for one of the highest performing LTE solutions I’ve ever used. The diversity radios made a huge impact on throughput, and not having other random features made for a really simplified configuration. Having software that will use the WiFi device upstream if available, and fall back to LTE when unavailable is similar to high end features on commercial solutions.

This would be a fantastic addition to a boat network with an existing router, but without any LTE.

Router Solution

After  testing a bunch of different hardware and reviewing many others online, I found the best router to be the MikroTik hAP AC. The hardware is simply superior to anything else I could find for the price. It includes a 2.4Ghz/5Ghz WiFi AP, 5 ethernet ports, including one PoE, and operates off of DC power over a wide range. The operating system has a lot of flexibility, and while relatively esoteric and sometimes hard to use, provided most of the features (if not all) of the more expensive commercial choices.

I don’t understand how MikroTik can make such a powerful box for so cheap – the feature set and hardware rival solutions router makers for your home or office.

MikroTik hAP AC lights showing WiFi active and Ethernet port 1 connected

The hAP has 5 ethernet ports, one of which can generate Power over Ethernet (PoE) power outbound to run another device, and one which can accept PoE power in to run the entire router. I chose to use DC power from the boat, and keep things simple. It also has a USB port if you want to try to use their LTE support (don’t), lights for each port and the WiFi radios, a reset button, and that’s about it.

The biggest challenge to any MikroTik device is configuration. Using MikroTik’s winbox configuration tool can help with this, but ultimately you will have to do some research depending on your exact configuration.

I have included a basic configuration example from my testing which setup the hAP in the following:

  • Ethernet port 1 as the WAN connection – this is what should be plugged into the Netgear and is “outside” the firewall
  • Ethernet ports 2-5 as your LAN connections, protected by the basic MikroTik firewall and able to be used for cabled devices
  • WiFi radios for both 2.4Ghz and 5Ghz turned on with network name “your-ssid” and password “your-password” – please change these!
  • Basic firewall setup denying all traffic from the WAN port but responding to ping and allowing existing sessions. Your mileage may vary, and I highly recommend reading more on MikroTik’s site and forums about improving security and your firewall.

The configuration file is available here: sailbits-mikrotik-hap-ac

MikroTik hAP AC RouterBoard, Triple Chain Access Point 802.11ac (RB962UiGS-5HacT2HnT-US)
  • The hAP ac is our most universal home or office wireless device.
  • It is a dual band device with Gigabit ports that allow the full advantages of 802.11ac technology speed, while maintaining compatibility with legacy devices in 2GHz 802.11 b/g/n and 5GHz a/n modes.
  • The omnidirectional antennas allow to mount the hAP ac in any location, and the high power transmitter will ensure good coverage for the mobile devices in your home, office or public location.
  • Other helpful features include a USB port for attaching extra storage or a 3G/4G modem, PoE output on the last Ethernet port, to power other RouterBOARD devices without needing an extra power adapter and an SFP cage, for connecting active or passive optical network modules.
  • Operating System RouterOS - License level 4

Remote WiFi Solution

Having done extensive testing in this area a bit over a year and a half ago, I revisited the various vendors that were part of my tests then, and looked for new ones. Even with that update, I still stand by my current solution for this – the MikroTik Groove AC.

The Groove is a two piece WiFi unit that runs off of Power over Ethernet. It is meant to be mounted outside so that it has a better chance to pick up remote WiFi networks, and comes with clamps and points to make that easy. There’s also an adapter to provide PoE power from a wall wart – I modified mine and connected it to my 12v DC system on the boat.

There’s one Ethernet port on the bottom with a water proof cover. You can run an outdoor quality Ethernet cable from the unit inside to where the router is.

International users please note: the link below is for a US only “locked” version. If you are using this internationally, you should look for the “unlocked” international version.

Groove A 52 ac
  • Mikrotik RBGrooveGA-52HPacn Outdoor CPE 802.11ac support, Weatherproof, durable and ready to use.
  • Mikrotik RBGrooveGA-52HPacn comes with Level 4 license and includes Dual Band 2.4/5GHz Omni directional antenna.
  • Wireless standards 802.11a/b/g/n/ac
  • GrooveGA 52HPacn Antenna 6dBi (2.4GHz) 8dBi (5GHz)
  • 720MHz RAM64MB Storage size 16MB RouterOS License level 4

Configuration Choices

I decided to show a couple different configurations possible with this set of equipment based on needs.

LTE & Remote WiFi

 

This is the full featured solution with both LTE and WiFi internet sources available. Port 1 on the MikroTik hAP router connects to the Netgear for LTE internet access, and port 5 connects and powers the MikroTik Groove via power over ethernet (PoE) to capture remote WiFi signals.

To configure failover between LTE and WiFi, I recommend reading Two gateways failover and Advanced Routing Failover on MikroTik’s site. Please note the example configuration file provided above does not include the failover configuration.

Based on how you configure failover, you could have WiFi as primary when a network is connected, and only use LTE when absolutely needed. I personally use LTE all the time, and only turn remote WiFi on when I know there is a network nearby that is high quality, and that I can get on reliably. I have found most marina networks to be slower than LTE or have issues with quality signal (see Marina WiFi is Hard). As a result, I have mine configured with the MikroTik Groove disabled most of the time unless I absolutely need it, and rely on LTE.

Whichever way you configure it, this setup gives you the best of both worlds with plenty of flexibility.

LTE Only

This is the cheapest and simplest configuration, but also one that many folks choose if you don’t care about grabbing remote WiFi signals. Pretty simple and straightforwards – ethernet from router to Netgear. The example configuration provided in sailbits-mikrotik-hap-ac will work for this setup.

Given that less and less marinas seem to be providing WiFi (at least around here), this seems like a more likely way for folks to get Internet on the boat via LTE.

Power

All of these devices accept 12v DC. The MikroTik can accept from 10-57V, the Netgear accepts 12V, and the MikroTik Groove accepts PoE from 10-30V.

I’ve run the Netgear on the boat for 4+ months at widely varying voltages from 11-14+ without any issues, but your mileage may vary. I doubt it is designed as well as the MikroTik – if you’re worried, either run it off of AC/inverter power, or use a buck converter to take whatever voltage you are producing on the boat, and make sure it’s always 12v.

For the MikroTik router and the Netgear, I simply wired their barrel connectors into a DC fuse block each with their own fuse matching the manufacturers specs. For the MikroTik Groove, I prefer using the MikroTik hAP router’s PoE port, but I have also used the provided PoE adapter, lopped the barrel connector off, and run it off of the varying 11-14+ volt boat power system by connecting it to the same DC fuse block with its own fuse.

Modularity

Not only is this setup modular to the point that you could swap things in and out, but you don’t have to use all of the pieces to begin with.

If you already have an onboard router, but don’t have LTE, grabbing the Netgear is an easy way to add it with minimal cost, but providing a high performance connection.

Same with the on-board router – if you don’t have one now, and are a DIY’er, the MikroTik has a fantastic set of WiFi radios for both 2.4Ghz and 5Ghz, runs off of boat power, has a ton of ports, and can be expanded on later.

You can even combine a booster with this configuration and supercharge it, although it will add almost double the cost. You can read more about how to do this in Best LTE antenna and booster for the boat.

Pricing

Here are the general costs at time of writing.

LTE & Remote WiFi:

ItemPrice
Total$381.20
MikroTik hAP AC router$127.66
Netgear LB1120 LTE router$111.15
Netgear MIMO antenna$27.49
MikroTik Groove A 52 ac$99.90
Various ethernet cables$15

LTE Only:

ItemPrice
Total$271.30
MikroTik hAP AC Router$127.66
Netgear LB1120 LTE router$111.15
Netgear MIMO antenna$27.49
Single ethernet cable$5

Comparison

While saving this much money is nice, it is important to review the benefits in choosing something like this over a more expensive commercial solution.

Pros

  • Less expensive than a single commercial solution
  • Modular – when LTE category X comes out, you don’t have to replace the entire unit to get the faster access (which is the case with Peplink/Cradlepoint).
  • Simpler components – if you need to replace/upgrade/change one part, its easy to do.

Cons

  • 3 devices instead of one – adds more cabling, power, etc.
  • Complex configuration – this is not something to overlook. The MikroTik OS in particular is complex and very modular, but also very frustrating to many people. It is best if you have some sort of computing background – this solution is not for those who want plug and play or simple wizards to set things up. If that is what you need, you are stuck paying for a more expensive solution.
  • Integrated features missing – the commercial solutions have features that take advantage of the fact that they are controlling all aspects of your Internet connection – WiFi, LTE, LAN, etc. – and can leverage that for some really nice features. Some of these can be achieved with the above, but they are not as robust.

Conclusion

For roughly half the price of a single-vendor solution, you can build an Internet setup on your boat that allows for a local 2.4Ghz & 5Ghz WiFi networks, four Ethernet ports, LTE internet access, and remote WiFi internet access. It does require a bit more configuration, but you will have a quality solution that can be updated, upgraded, and expanded on without much effort.

21 thoughts on “Modular, cheaper boat internet solution via Netgear and MikroTik

  1. Great article. Super useful.

    Would you be interested in collaborating on an easier-to-configure interface for the Mikrotik Groove? There’s a node.js module for controlling it. You seem adept at many Mikrotik things and I can easily build the progressive web app part. I suspect most people want to be able to simply pick an AP from a list and just start using it.

    Also – I built a combined AP + Groove unit that can run off 12v. Could I bring one over for you to try out? It was designed to be portable and easily stowed during cruising without the need for any external antenna mounting.

    • Aquabelle: thanks for catching that! I had originally given my configurations funny names, and had three configurations instead of two. I also was using the Netgear LB2120 instead of the LB1120, but after testing found that the LB2120 was not suited for the configuration, and given that it cost more, I removed it from my recommendations.

      The other configuration missing was the MikroTik hAP AC router connected to the Netgear LB2120, and the Netgear using its WAN port to connect to the MikroTik Groove. That was much simpler in terms of the MikroTik hAP AC configuration, letting the Netgear choose to use the WiFi MikroTik Groove or LTE, but it didn’t work reliably. In particular, the Netgear would shut off the WAN port if connectivity wasn’t available via the Groove, which meant you couldn’t get to the Groove to configure it to use a different WiFi network. Sort of a catch 22.

      I’ve updated the post to remove that name and make sure things are all consistent!

  2. Steve: given how many of your growing band of followers are outside the US, it is worth noting that the MikroTik Groove AC is available in two models. The ‘locked’ version is intended for use within the US only. For all other countries, the ‘unlocked’ version should be ordered.

  3. Steve,
    Thanks for the great article! This realistic approach is within my grasp, both financially and insofar as the skills needed to get it up and running.

    I’m interested in optimizing LTE reception as we want to spend a lot of time exploring the BC coast, anticipating areas of weaker signal. Last month you wrote a great review of LTE antennas. While the WirEng was the top choice, the Wilson was your number two pick and costs about a third of the WirEng. What do you think about the cost-benefit return of spending the additional money above the Netgear MIMO antenna and adding the Wilson? I know it wouldn’t give the benefit of a diversity antenna, but perhaps a second inexpensive antenna could be sourced to address this.

    Those boosters you reviewed are obviously desirable in areas with weak signal, but they’re priced beyond the scope of this project.

    Thanks again for sharing your expertise with us!

    • Anson,
      Thanks for the comment! Glad to hear that this could help you with a project.

      Having two antennas (diversity) is more beneficial for throughput and performance, not necessarily signal strength. Of course, having the Netgear add-on antenna would be better for signal strength than just the built in antenna for the Netgear router, but not anywhere near as much as an outside-mounted antenna.

      Some folks have found that the WirEng BoatAnt antenna is hard to find, and that they’ve even been pointed to a newer version that costs $500! The Wilson is still a fantastic antenna, and both because the BoatAnt is hard to get, and for cost reasons, I would definitely recommend it.

      If you decided to use the Wilson, and end up also using the Netgear LB1120, you’ll need a converter from whatever cable you end up using (I believe the Wilson comes with some) to the connectors on the back of the Netgear. I don’t have those specs right in front of me now, but I’m sure it’s pretty easy to validate.

      Having the Wilson outdoors and connected to the Netgear will definitely help with hard to find signals, as long as you mount it up away from other interference and use a short amount of high quality cable.

  4. Steve: is there a strong case for the gigabit ethernet ports in our typical on-board applications? The MikroTik hAP Lite is available with ac wireless and almost the same spec, but has standard 10/100 ports…and is about 40% of the cost. I am thinking of CE/MaxSea and networked radar and sounders….

    • Aquabelle: the hAP Lite has one other missing piece – 5Ghz wireless. If you frequent decent sized marinas, I highly recommend you don’t skip that feature. I can think of 3 marinas near me where 2.4Ghz wifi is so saturated that even on my own boat down belowdecks, it is unusable.

      However, back to your original question – most marine equipment that I have come across, even ethernet connected high fidelity sounders/radars, would operate fine at 100 megabits. I’m sure over time some of the newer stuff will use more bandwidth, and I would steer away from anything that is not a full switch. Hubs and some of the MikroTik stuff can have impacts if they are a simple bridge and not fully switching.

  5. Steve: hAP Lite DOES have 5Ghz (I wouldn’t consider it otherwise) but is has just one chain vs 3 chains for 2.4Ghz. Interpreting the significance of ‘chains’ in wireless topographies is way, way above my paygrade though!! But I’m guessing squarely in yours….!?

    • Hmmm we must be looking at different model numbers then. I see the hAP Lite (https://mikrotik.com/product/RB941-2nD) which only has 2.4Ghz, the hAP Lite TC (https://mikrotik.com/product/RB941-2nD-TC) which also only has 2.4Ghz.

      Ah found it, we’re talking about the hAP **AC** Lite (https://mikrotik.com/product/RB952Ui-5ac2nD) which does have 5Ghz. Compared to the one I used above, it has a slower CPU, half the RAM, same license levels (important for features), slightly smaller footprint, and much less power usage (8W vs 17W!).

      It does have less performant antennas as well as less chains and overall WiFi performance, but if you don’t have that big of a boat, you should be OK. The normal hAP AC will definitely outperform this one in both speed and in coverage given its higher gain antennas and more chains.

      A good alternative! There are so many choices to choose from with MikroTik – any of them with a license level of 4 and a few ports would work as well.

  6. Steve, great article, and very timely. I REALLY need to get an LTE solution instead of the useless Wi-Fi I have now….I’m curious about the recommended antenna for the LB1120 – it’s apparently quite small (4×6″ or so), and comes with a 1M cable. So – if you locate the LB1120 below decks, is this really going to help you much? I was envisioning something you could mount on the arch, or at least externally somewhere… Do you have any installed photos of the gear you described in the article? (and do you do any one-on-one marine consulting in the Seattle area?…jk…sort of)

    • Hi Grant,
      Thanks for the comments! Yes, the Netgear antenna is meant for window mounting nearby the router itself, not necessarily to be run outside somewhere. I don’t think it is weather proof in any way. Even if you have the router belowdecks, you could get the antenna up away from other interference and have it on the fiberglass hull or in a porthole, which would make a big difference.

      I searched for a photo of that particular part of the install and I don’t have one handy. I had the router in my Internet Alcove, which is a cabinet belowdecks, and ran the antenna cabling up through a gap to a porthole, and used the suction cups it came with to attach it to the porthole. Of course that might not be terribly usable if someone wanted to open the porthole, but it was the best way to get signal without a booster, and without just using the standard antennas.

      One way to test if you are already planning on the Netgear router is to order it without the antenna and see if you have decent signal wherever you mount it. You could also look at adding a booster, external and internal antennas if you really wanted it to perform at top notch, but that of course costs more $ and power (see https://sailbits.com/best-lte-antenna-booster-boat/).

      Even the smaller Netgear antenna, mounted near the Netgear router would still be better antennas than the ones internally, but it might not be a huge improvement, just enough to allow diversity to work better, or something similar like that. Testing would be required wherever you’re going to install it.

      Surprisingly, I do actually do a lot of one-on-one consulting in the local area 🙂 People run into me while I’m on the dock or visiting another marina, or reach out and ask if I would look at XYZ networking thing, or something along those lines. Always happy to see other folks boats, make suggestions and share my knowledge, because inevitably I learn something new every time I am involved with someone else. That’s one of the main reasons I do this stuff!

  7. Steve, thanks much for the quick and detailed response. Please let me know the best way to reach you regards getting together on my boat – I would really appreciate a couple of pointers on this setup – many thanks,

  8. Steve, I’ve gone ahead and ordered all the gear you recommended (though I did end up ordering the hAP Lite AC version of the router). While I’m waiting for all to arrive, I have been going over the configuration steps necessary. I think I get what’s needed. But one thing is bothering me: the spare ports on the router I’ll use for my Furuno NN3D MFD and DRS radar. But the MFD insists on being the DHCP device (the ‘master’ in Furuno-speak). I don’t think I can have both the Groove set up as DHCP and the MFD trying to play this role too, can I? If necessary, I could disconnect the Groove when navigating using the MFD…but given my very limited networking skills, thought I’d throw this to you.

  9. Nice article.

    I have a USB3 powered hub with 3x 4T WD Passport disks attached (for media and backups.) Could I attach this to the USB port of the MikroTik hAP AC router and be able to access the drives over the Wifi ??

  10. Great writeup.

    FYI – the WiFiRanger GoAC is built on top of the same powerful MikroTik hAP hardware, but with completely custom software that addresses several of the issues you raised. In particular, the WiFiRanger excels at tethering to hotspots over USB, and it provides a very simple UI.

    For anyone interested in a simpler overall setup, it is definitely worth a closer look. It costs more – but the software and support is worth it to many.

    Our review of it:
    http://www.mobileinternetinfo.com/review-center/wifiranger-goac/

    Cheers,
    – Chris

  11. Great article Steve. I pulled the pin and bought all this gear: skipping the max transit for now. would love to see your config with both wifi and LTE setup. (if you have this setup). My current question is whether I should set both the groove and the HAP AC router to both be Routers with NAT in place, or whether I should configure the Groove as a bridge. If I wasnt going to setup LTE it would be super simple to have the groove be the router and just have the HAP AC be a wireless access point. Can you see any issues with having both the Groove and the HAP both be configured as Routers? ( I was going to create separate network address ranges so routing doesnt get weird between the LAN-HAP network and the Hap-Groove network)

    • Sounds like lots of new fun toys!

      I prefer to set them routed for a couple of reasons. First, routed mode means you can have separate networks, firewalls on each of the devices, and know exactly what you are connecting to at any time. Having a firewall on the Groove is nice because whatever WiFi AP you’re connected to could be compromised or have other traffic going on that you don’t want to repeat down to the hAP AC. It is also clear if you give out organized network addresses what is coming from where when you are debugging things. 192.168.10.0/24 is the hAP AC DHCP scope and WiFi/LAN network addresses, 192.168.20.0/24 is the Groove, etc. etc.

      I’ve also seen bridge mode on MikroTik devices completely hose networks, mainly because, well, they’re bridging. Bridges are powerful in that they usually forward everything from one side to the other. So if you had crappy traffic coming out of your hAP AC, and the Groove was in bridge mode, the Groove will happily forward it out onto whatever WiFi network you’re connected to. If someone noticed, they could ban you, or in many cases, if you are spewing too many packets, advanced WiFi network systems will slow you down or cut you off. Having a NAT means things that are forwarded by a bridge wouldn’t necessarily be forwarded by a NAT/routed configuration.

      Bridges in general to me are just harder to deal with when there is a problem.

      Many people worry about double NAT’ing or the number of NATs, and that just isn’t something to worry about anymore. On a mobile device, you’re being NAT’ed many, many times – even on a home network connection, or a marina WiFi connection, you are undoubtedly not directly on the Internet, and are being NAT’ed at least once. Another time doesn’t hurt, and it doesn’t add any significant latency or processing power for these situations.

      But if you didn’t want separate networks, etc. you could configure the Groove as a bridge, and the hAP AC as the router. I don’t remember exactly how you’d be able to get into the Groove if it was in routed mode, it might get funky if it is not connected to something…

      The best way, if you want a bridged config, would be as you mentioned – the Groove as the primary router, and the hAP AC bridged. I’d take a look at the CPU specs though, as I think the hAP AC has a much better CPU and more ram than the Groove, and would likely be a better candidate as a router.

Leave a Comment

Click here to subscribe to updates without commenting.