So, something I've really wanted to do, but don't have the chops for is this:
Make a small dongle that plugs into an ethernet jack and sets up an wifi access point that is run over a VPN. e.g. I could give one to my friend and any device they connect would connect to my VPN.
a) Is that possible?
b) Would that get around Nintendo Switch NAT issues?
The last time this chip came up I got the idea, but I'm not sure how doable it is.
Edit: I forgot that a stretch goal would be to change the setup. You could have the VoCore connect to a wifi network, and then plug the USB side into a device (nintendo switch doc or computer) to emulate a USB ethernet adapter, but of course send the traffic over wifi through the VPN.
Sounds like you are looking for a travel router. GLinet makes some good ones. I have one of these: https://a.co/d/gbWTmjS
I use it to connect to hotel WiFi then provide its own WiFi (or Ethernet) connection to my devices. It can connect to vpn to route the traffic like you mention.
Edit: I should also mention that it’s very doable to DIY this using OpenWRT, and some compatible SBC that has WiFi and Ethernet.
You don’t want something crazy underpowered like VoCore for this.
Many of the gl.inet routers can run vanilla OpenWRT out of the box—the linked router above (Beryl) included[1]. Be mindful that not every one of their routers can as some run unsupported chipsets that require a custom build, but many do. Can always check for support on the OpenWRT page for gl.inet routers[2].
Just here to second the recommendation. I'm in no way affiliated, I've just happily used several generations of their routers for this exact purpose.
EDIT: Wanted to point out that their newest and most powerful travel router with (upcoming—in the latest v23 release candidate[3]) support from mainline OpenWRT is the Beryl AX (GL-MT3000)[4].
Your challenge will be throughput, without hardware acceleration every packet needs to be handled by the CPU and you're going to pretty quickly bump up against throughput limits. Travel routers will generally offer hardware acceleration and have everything ready to go in one package, so great news - the thing you're looking for exists today!
The ESP32 chips have the ability to drive both Ethernet and Wifi. There is some onboard hardware accelerated encryption also. So in that case you could make the physical device easily enough. VPN can often do proxy-arp so that the NAT issue would not appear. Whether it would give you enough performance, unknown.
I've been doing just that with a Raspberry Pi Zero W and a USB ethernet adapter. The eth adapter is set to dhcp, and the wifi sets a hotspot. The wireguard adapter is routed/from to wifi with firewall rules. I even tested the Pi plugged to a powerbank and it still works.
For those wanting to do similar things, I found https://www.thinq.ai/RPi_Ethernet_USB_OpenWRT.html to be a pretty good page on how to do usb over ethernet in both directions with open wrt, which was a big chunk of the mystery for me.
> b) Would that get around Nintendo Switch NAT issues?
Depends on the game. Animal Crossing is particularly bad in that regard - say you have two kids and they want to be able to play with one remote friend each as the host, it's impossible: it will not work without the hosting Switch being completely exposed to the Internet, and there can only be one "catch all" device configured on your router at the same time.
I get that Nintendo doesn't wish to run a STUN/TURN setup but JFC, that's penny pinching on the wrong end.
Interesting. I did not know that about Animal Crossing. It sounds like that's because the last person is remote? I'd ideally be trying to resolve that quirk by using VPN (plus proxy-arp?) to put all the switches on the same VPN despite being geographically distant.
I dunno about a dongle, but yes that's fundamentally reasonable sounding. I would do it by taking a Raspberry Pi equivalent and setting it up with automatic Ethernet configuration, wireguard for the VPN, and hostapd+dnsmasq for the WiFi. I've never actually done the step of bridging the Wi-Fi access point to a VPN, but I can't imagine that it's terribly hard.
A USB powered Linux device with a USB-Ethernet gadget driver and Wi-Fi hardware should be possible, but that can’t be powered by a power-over-laptop-Ethernet-jack if that’s what you’re after; Ethernet is either isolated or well filtered and can’t provide current.
IIRC Facebook used to provide a small wifi router that you’d plug into your home network and it would connect itself to the office VPN, then just provided office wifi at home. Sounds fairly similar to what you’re suggesting.
Make a small dongle that plugs into an ethernet jack and sets up an wifi access point that is run over a VPN. e.g. I could give one to my friend and any device they connect would connect to my VPN.
a) Is that possible?
b) Would that get around Nintendo Switch NAT issues?
The last time this chip came up I got the idea, but I'm not sure how doable it is.
Edit: I forgot that a stretch goal would be to change the setup. You could have the VoCore connect to a wifi network, and then plug the USB side into a device (nintendo switch doc or computer) to emulate a USB ethernet adapter, but of course send the traffic over wifi through the VPN.