hot spot router
-
albertldee
- Regular Member
- Posts: 261
- Joined: Thu Jul 18, 2002 4:20 am
hot spot router
i'm trying to find a WIRED ONLY router that i can use for a hot spot internet cafe i'm using about 30 computer can anyone reccomend not so expensive rounter
do you have any ideas as to what kind of access you want the guest accounts to have? will they need a password?albertldee wrote:i'm trying to find a router that i can use for a hot spot internet cafe i'm using about 30 computer can anyone reccomend not so expensive rounter
off the top of my head i think the Belkin N1 router has this. basically internet-only access with no local network visibility. whether or not it can be password free i dont know. i suggest checking out the manual for the basic model or for the fancy onboard display Vision model (.pdf manuals). in addition i would suggest some searches along the same vein to see what else is out there.
"Today is a black day in the history of mankind."
- Leo Szilard
- Leo Szilard
-
albertldee
- Regular Member
- Posts: 261
- Joined: Thu Jul 18, 2002 4:20 am
with a guest login, you can determine what kind of access to your wireless LAN clients have by their login credentials (if there are any). in this case, what you want is internet-only access for "hot spot" users, yes? personally, i would prefer it if anyone off the street cannot connect and start probing the LAN and all the systems connected to it.
"Today is a black day in the history of mankind."
- Leo Szilard
- Leo Szilard
I think most people would recommend a DD-WRT router at least as a Gateway to manage the hotspot.
DD WRT firmware supports Chilispot and Sputnik Hotpot portal software out of the box as well as AnchorFree Ads (to get free money from ads from client browsers).
http://www.dd-wrt.com/wiki/index.php/Chillispot
The go too router for DD-WRT firmware is the Linksys WRT54GL but only has 16MB of RAM (200Mhz CPU) and may not be sufficient for the 30 concurrent users.
http://www.newegg.com/Product/Product.a ... pk=wrt54gl
The WRT610N is kind of supported and a lot of work is being done to get all features working. It should be supported fully in a few months.
http://www.dd-wrt.com/wiki/index.php/Linksys_WRT610N
It has a 300 CPU and 64MB of RAM and has a two radio 802.11n chipset.
If it is a large cafe you can always setup a WDS network with multiple DD WRT routers.
Oh did you mean wireless or wired. For Wired internet with dedicated workstations you provide for your customers, you'd want a RADIUS authenticated Gateway. For this buy a small computer/serverand install ESXi VM ware, then install FreeRadius and a Gateway distro like IPCOP, PFSense, ZeroShell on the VM server.
http://forums.speedguide.net/showthread.php?t=235860
For Wired, you must have RADIUS MAC NIC authentication or someone can hack your network and siphon data from your clients (using wireshark), which is bad, unless you pay for a cheap VPN service and configure it on each machine and also your Gateway. Witopia is only $5 per month.
DD WRT firmware supports Chilispot and Sputnik Hotpot portal software out of the box as well as AnchorFree Ads (to get free money from ads from client browsers).
http://www.dd-wrt.com/wiki/index.php/Chillispot
The go too router for DD-WRT firmware is the Linksys WRT54GL but only has 16MB of RAM (200Mhz CPU) and may not be sufficient for the 30 concurrent users.
http://www.newegg.com/Product/Product.a ... pk=wrt54gl
The WRT610N is kind of supported and a lot of work is being done to get all features working. It should be supported fully in a few months.
http://www.dd-wrt.com/wiki/index.php/Linksys_WRT610N
It has a 300 CPU and 64MB of RAM and has a two radio 802.11n chipset.
If it is a large cafe you can always setup a WDS network with multiple DD WRT routers.
Oh did you mean wireless or wired. For Wired internet with dedicated workstations you provide for your customers, you'd want a RADIUS authenticated Gateway. For this buy a small computer/serverand install ESXi VM ware, then install FreeRadius and a Gateway distro like IPCOP, PFSense, ZeroShell on the VM server.
http://forums.speedguide.net/showthread.php?t=235860
For Wired, you must have RADIUS MAC NIC authentication or someone can hack your network and siphon data from your clients (using wireshark), which is bad, unless you pay for a cheap VPN service and configure it on each machine and also your Gateway. Witopia is only $5 per month.
-
albertldee
- Regular Member
- Posts: 261
- Joined: Thu Jul 18, 2002 4:20 am
-
albertldee
- Regular Member
- Posts: 261
- Joined: Thu Jul 18, 2002 4:20 am
A lot of enterprise VPN routers work great and, but most have a fatal flaw - their WAN --> LAN and/or LAN --> WAN routing speeds are terrible and usually can only route about 25Mbps WAN --> LAN.
If this is suitable enough for you for a few years, consider a cheap Netgear FVS318G for $130. It can handle up to 6,000 concurrent connections whoch should be enough for your needs. It is not suitable for any P2P application because of the VPN timeout issue.
http://www.smallnetbuilder.com/index.ph ... &Itemid=51
http://www.netgear.com/Products/VPNandS ... S318G.aspx
For a regular SOHO router, a DD-WRT or OpenWRT router is probably what you want, use MAC filtering or RADIUS. The problem is that these may not be able to handle all 30 computers simultaneously. The good thing is the router only costs $60, so you can buy it first and see if it can manage your needs. There are also many resources out there for DD-WRT and especially OpenWRT (but openWRT usually means you need to access the command line because not everything can be done through X-WRT). These routers should be able to do most of the things you need. They both also support VPN servers running on the units themselves and can both act as VPN endpoints for added security (Witopia is only $5 per month and well worth it). QoS is not very robust and may take a long time to configure it for your setup.
You may want to consider buying a $300-$500 PC to act as your gateway, because it is guaranteed to be able to handle the routing and connections and software is also updated regularly. Untangled and IPCop are very popular and Untangled even has Antivirus/spyware and Antispam built into the firewall.
If i were doing it myself, i would run a Radius server. I would then buy the $300 PC and install VMWare ESXi and run both FreeRADIUS and a Firewall/Router Distro on the same machine. AMD Windsor 6000+ is a great buy these days for dual core 3Ghz (may be overkill). A Intel E5200 should suffice.
This method will be able to handle future improvements to the network like adding more workstations, but if I were you, I'd try the SOHO router
If this is suitable enough for you for a few years, consider a cheap Netgear FVS318G for $130. It can handle up to 6,000 concurrent connections whoch should be enough for your needs. It is not suitable for any P2P application because of the VPN timeout issue.
http://www.smallnetbuilder.com/index.ph ... &Itemid=51
http://www.netgear.com/Products/VPNandS ... S318G.aspx
For a regular SOHO router, a DD-WRT or OpenWRT router is probably what you want, use MAC filtering or RADIUS. The problem is that these may not be able to handle all 30 computers simultaneously. The good thing is the router only costs $60, so you can buy it first and see if it can manage your needs. There are also many resources out there for DD-WRT and especially OpenWRT (but openWRT usually means you need to access the command line because not everything can be done through X-WRT). These routers should be able to do most of the things you need. They both also support VPN servers running on the units themselves and can both act as VPN endpoints for added security (Witopia is only $5 per month and well worth it). QoS is not very robust and may take a long time to configure it for your setup.
You may want to consider buying a $300-$500 PC to act as your gateway, because it is guaranteed to be able to handle the routing and connections and software is also updated regularly. Untangled and IPCop are very popular and Untangled even has Antivirus/spyware and Antispam built into the firewall.
If i were doing it myself, i would run a Radius server. I would then buy the $300 PC and install VMWare ESXi and run both FreeRADIUS and a Firewall/Router Distro on the same machine. AMD Windsor 6000+ is a great buy these days for dual core 3Ghz (may be overkill). A Intel E5200 should suffice.
This method will be able to handle future improvements to the network like adding more workstations, but if I were you, I'd try the SOHO router
albertldee wrote:faust i already got the wireless part coverd i'm using the zyxell g-4100 v2 hotspot gateway to extend the rage in'm using a cisco aironet 1310
no worries, bud. in hindsight i did kind of assume a lot and couldnt help but take the wireless security concern idea as a priority. did not know you already had other hardware/policies in place.
"Today is a black day in the history of mankind."
- Leo Szilard
- Leo Szilard
-
albertldee
- Regular Member
- Posts: 261
- Joined: Thu Jul 18, 2002 4:20 am
Hey,
VMware ESXi is a free server OS that lets you install multiple Operating Systems on the same machine and have all OS's run concurrently. So you can install Windows, Linux, FreeRadius, DD-WRT x86 and any other OS you want through VMWare onto the same physical machine and have the OS's all run at the same time, saving you huge amounts of money because you don't need to buy a new server for each OS you want to have running.
It is actually very easy to do and worth setting up for the IT experience. It is by far the most robust solution out there and you can even install DD-WRT or OpenWRT on the computer because they have x86 builds. Hoever, the IPCOP distro solutions are better for this PC hardware.
You really don't need a computer with a lot of horsepower for your application. A $300 computer will do (or cheaper like $250) as long as it has two Network Cards or Dual NIC mobo. You only need to Run FreeRADIUS and IPCOP at the same time.
This computer is only $260 and is ready to run (no monitor mouse keyboard speakers). You just need to buy another gigabit NIC which is $10-$15 at most.
http://www.tigerdirect.com/applications ... 0&CatId=31
http://www.tigerdirect.com/applications ... 4&CatId=31
If you find the Netgear does what you need then stick with it. Keep in mind the routing speeds are very slow so if your Internet Downlink is faster than 25Mbps, say 50Mbps, this router is capable on only routing 25Mbps MAX.
VMware ESXi is a free server OS that lets you install multiple Operating Systems on the same machine and have all OS's run concurrently. So you can install Windows, Linux, FreeRadius, DD-WRT x86 and any other OS you want through VMWare onto the same physical machine and have the OS's all run at the same time, saving you huge amounts of money because you don't need to buy a new server for each OS you want to have running.
It is actually very easy to do and worth setting up for the IT experience. It is by far the most robust solution out there and you can even install DD-WRT or OpenWRT on the computer because they have x86 builds. Hoever, the IPCOP distro solutions are better for this PC hardware.
You really don't need a computer with a lot of horsepower for your application. A $300 computer will do (or cheaper like $250) as long as it has two Network Cards or Dual NIC mobo. You only need to Run FreeRADIUS and IPCOP at the same time.
This computer is only $260 and is ready to run (no monitor mouse keyboard speakers). You just need to buy another gigabit NIC which is $10-$15 at most.
http://www.tigerdirect.com/applications ... 0&CatId=31
http://www.tigerdirect.com/applications ... 4&CatId=31
If you find the Netgear does what you need then stick with it. Keep in mind the routing speeds are very slow so if your Internet Downlink is faster than 25Mbps, say 50Mbps, this router is capable on only routing 25Mbps MAX.
-
YeOldeStonecat
- SG VIP
- Posts: 51171
- Joined: Mon Jan 15, 2001 12:00 pm
- Location: Somewhere along the shoreline in New England
I'd run PFSense myself.
Very strong traffic shaping/QoS features, so one or two people doing heavy work will not negatively affect the performance of your other users.
Untangle would be another great distro...as it has some UTM features to help protect your machines.(additional antivirus/antispyware scanning, good content filtering)
It has a built in captive portal if you wish.
VMWare is a way to have 1x large powerful physical server and you can run several "virtual servers" inside of it. So for example you can have a big quad core Xeon with 16 gigs of RAM, and you can run 4x installations of Windows Server inside of it, each sharing the CPU and splitting up the RAM and hard drives space and network card. Pretty handy and some useful tools, however I don't use VMWare for any firewalls/edge devices...I prefer to keep those on a separate physical box.
Very strong traffic shaping/QoS features, so one or two people doing heavy work will not negatively affect the performance of your other users.
Untangle would be another great distro...as it has some UTM features to help protect your machines.(additional antivirus/antispyware scanning, good content filtering)
It has a built in captive portal if you wish.
VMWare is a way to have 1x large powerful physical server and you can run several "virtual servers" inside of it. So for example you can have a big quad core Xeon with 16 gigs of RAM, and you can run 4x installations of Windows Server inside of it, each sharing the CPU and splitting up the RAM and hard drives space and network card. Pretty handy and some useful tools, however I don't use VMWare for any firewalls/edge devices...I prefer to keep those on a separate physical box.
MORNING WOOD Lumber Company
Guinness for Strength!!!
Guinness for Strength!!!
Yes,
Like stonecat said, uplink and downlink QoS is a must to assure all 30 users have a smooth internet experience. A PC (x86) linux distro firewall might be needed if the netgear begins to choke in heavy use. Untangled is not the only Distro with a AV filter. Many distros are extensible through plugins and provide free AV filtering (Copfilter for IPcop for example). Zeroshell has a builtin RADIUS server and AV shield as well.
VMWare (and Xen etc...) is not only used for high performance servers (though, that is the vendors targeted market). If you use lightweight storage or firewall operating systems, regular PC Hardware works just fine for a hypervisor environment. It is encouraged to use virtualization to save money on the initial capital cost and the expensive operating costs from electricity since you will already be running 30 PCs in your cafe.
Like stonecat said, uplink and downlink QoS is a must to assure all 30 users have a smooth internet experience. A PC (x86) linux distro firewall might be needed if the netgear begins to choke in heavy use. Untangled is not the only Distro with a AV filter. Many distros are extensible through plugins and provide free AV filtering (Copfilter for IPcop for example). Zeroshell has a builtin RADIUS server and AV shield as well.
VMWare (and Xen etc...) is not only used for high performance servers (though, that is the vendors targeted market). If you use lightweight storage or firewall operating systems, regular PC Hardware works just fine for a hypervisor environment. It is encouraged to use virtualization to save money on the initial capital cost and the expensive operating costs from electricity since you will already be running 30 PCs in your cafe.
-
albertldee
- Regular Member
- Posts: 261
- Joined: Thu Jul 18, 2002 4:20 am
yeoldstonecat
i have that problem now at a store i useto manage so i got a packeeteer packetshaper for about $140 i heard it's the best u see everythign because it's connected between the router and switch boy i'm telling u when they start to use that aries download everything stand still have u ever use that packeetter packetshaper before is it good
i have that problem now at a store i useto manage so i got a packeeteer packetshaper for about $140 i heard it's the best u see everythign because it's connected between the router and switch boy i'm telling u when they start to use that aries download everything stand still have u ever use that packeetter packetshaper before is it good
-
albertldee
- Regular Member
- Posts: 261
- Joined: Thu Jul 18, 2002 4:20 am
this is the setup i have
Modem -> Neatgear Router ->Internet Phone|camera|Server|Packetshaper
Packet shaper - > Linksys switch -> patch Panel - Computer
All computer running
the wireless is on a different system because i'm not in the store i'm using the zyxel g4100 v2 it's a stand alone wi-fi hotspot for hotel and so on it come with a printer if someone need wireless time the cashies just press a button and it print the username and password better accounting for me cause i only drop by the store once in a while
does that setup sound ok anything i'm missing always open to improvement
Modem -> Neatgear Router ->Internet Phone|camera|Server|Packetshaper
Packet shaper - > Linksys switch -> patch Panel - Computer
All computer running
- Windows XP
- Cafe Suite Client to control time and price
- and Misc. Program office & so on
the wireless is on a different system because i'm not in the store i'm using the zyxel g4100 v2 it's a stand alone wi-fi hotspot for hotel and so on it come with a printer if someone need wireless time the cashies just press a button and it print the username and password better accounting for me cause i only drop by the store once in a while
does that setup sound ok anything i'm missing always open to improvement
-
YeOldeStonecat
- SG VIP
- Posts: 51171
- Joined: Mon Jan 15, 2001 12:00 pm
- Location: Somewhere along the shoreline in New England
Haven't used it....it's a big old name, been around for a while, commonly used in large/enterprise environments. I specialize in SMB (Small - Medium Business Network).albertldee wrote:yeoldstonecat
i have that problem now at a store i useto manage so i got a packeeteer packetshaper for about $140 i heard it's the best u see everythign because it's connected between the router and switch boy i'm telling u when they start to use that aries download everything stand still have u ever use that packeetter packetshaper before is it good
One thing I like about Untangle is you can block many of those common p2p/torrent types of traffic, so a few of those abusers won't bring your network to its knees for your legit users.
Not being familiar with Packeteer, I'm sure they would be like others and allow you to classify certain types of traffic and assign parameters to it, so that you could take this Ares music downloading traffic for example, and give it a trickle of a bandwidth allotment.
MORNING WOOD Lumber Company
Guinness for Strength!!!
Guinness for Strength!!!
-
albertldee
- Regular Member
- Posts: 261
- Joined: Thu Jul 18, 2002 4:20 am