Public Wifi

Posted on 2010-09-19
Medium Priority
Last Modified: 2013-11-09
OK, I'm a WIFI newbie.  We have a cisco 827 Router, cisco 350's as bridges, and cisco 1200 AP.  I just got funding for cisco aironet 1520's 3 or 4 of them.  I would like to setup the new wifi so we can see current usage, have a splash page, content filtering, and be able to stop filesharing.
 Does cisco offer a GUI for the end user to check on the current usage?  
 Are these features possible with this HW?
What is the best way we can maximize our covrage with this hardware, should we have a certin attenas or better AP's?  I was going to replace the current AP's with the new ones and remount the old ones someone else to extend coverage.  Would we simply get better coverage with new attenas?
I'm not even sure what to ask or where to start....HELP....
Question by:CCtech
1 Comment
LVL 37

Accepted Solution

meverest earned 2000 total points
ID: 33713748

there are quite a few specific questions amongst your post there - I'll try to pick them out and answer them all ;-)

A lot of the functionality that you refer to is not really a function of the hardware, but more about some kind of access software.  

Most advanced AP systems achieve access integration using RADIUS and there are lots of RADIUS solutions around including open source (e.g. www.freeradius.org) and proprietary (e.g. http://www.open.com.au/radiator/)  RADIUS server will allow you to permit or deny access to a list of username/passwords stored in a database or other store (e.g. text file, ldap etc)

Windows server also ships with a radius server (called 'Internet Authentication Service') that can support radius authentication to the windows userbase.

Support for user account details like check usage and change password and billing etc is usually delivered by a user account manager application.  There are lots of these sorts of applications available too - like emerald (http://www.iea-software.com/products/emerald5.cfm) and DuxTel Commander (http://www.duxtel.com.au/software_overview.html)

Content filtering, also, is usually implemented as an independent service, and often as a filtered web proxy server.  Another relatively simple implementation is use of DNS level filtering, like supported by openDNS (www.opendns.com)

There are a couple of ways to do authentication, depending on your requirements.  If you have a closed network where you want only authorised users to connect (like an office, corporate or other industrial application) then you will want to make sure that a user can't even connect to the wireless without providing credentials.  in that case you will apply your radius to the wireless layer using EAP/PEAP etc so that the user sees an authentication request as soon as they try to connect to the ssid.

If you want a more tarditional hotspot arrangement, when anyone can connect to the wireless and browse a few selected web sites (usally including a payment service) then you will want to use a hotspot system like chillispot (an open source solution) or the mikrotik hotspot that comes built-in with routerOS (www.mikrotik.com)

Last of all, you ask for comment on alternative hardware - personally, I'd say that you can't do much better than Mikrotik routerOS for price and performance.  You can buy mikrotik based hardware (www.routerboard.com) for about one fifth of the price of an equivalent cisco, and you get a whole swag of advanced features like p2p file sharing filters and built-in hotspot service.

You can deploy a 100% mikrotik network with routerBoard APs and gateways, or you can use other brand wireless AP (including cisco etc) and then use a mikrotik or linux + chillispot router as the authentication gateway.

To deploy over wider areas, I recommend to use some kind of repeater or mesh solution.  Most wireless AP hardware (including cisco) will support 'WDS' service which allows you to set up 'repeater' stations that extend the coverage of a single AP.  Some systems (including mikrotik) support a dynamic 'wds' system that allows you to create a self-learning mesh network where all repeaters automatically make a connection to the nearest running peer - and automatically reassociate with another device of that nearby peer goes offline for any reason.

Some devices (again Mikrotik included) can also support multiple gateways so that you can have more than one gateway with an internet connection in the wireless mesh, and repeaters will automatically choose the nearest operational gateway for redundancy and reliability.

So there's a few comments to hopefully get the discussion started - feel free to seek clarifications!

Cheers,  Mike.

Featured Post

Hire Technology Freelancers with Gigs

Work with freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely, and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article we have discussed about the OS X EI Capitan and how to fix Wi-Fi issue in OS X El Capitan. We have explained how to delete system level preferences and create a new Wi-Fi location to resolve Wi-Fi issue.
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

616 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question