Re: How do I create/configure a secure wireless network for my office AND allow customers to connect wirelessly?

From: Bruce in Alaska <bruceg@xxxxxxxxxx>
Date: Thu, 17 Aug 2006 21:27:45 GMT

In article <1155826706.401135.317670@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
"Mark" <in2unow@xxxxxxx> wrote:

I am setting up a small business. I have a DSL PPOE account and
purchased a wireless router. I have one laptop that is wireless, 2
computers and 1 LAN printer that have NICs for wired lines.

This network presently is working well for me; all my PC's can share
files from each other, etc..

Now the fun part (this is where I need your help): I want to allow my
customers to bring their laptops into my store and wirelessly surf the
web while service is being performed on their cars.

What can/should I do in order to maintain a secure LAN network for my
computers (which includes one wirelss laptop) yet enable public
wireless access for my customers? I'm not sure what to do.

Thanks!
Mark

I run a MicroISP via both Wired and WiFi Access, and you problem is
not new. there are a few things that can be done to deal with the
Access Issues.

For wireless:

1. Buy Wireless Routers that have MAC Address Access Capability and
then when each customer comes in, enter his WiFi MAC Address into the
Routers Access List. This still allows you to use DCHP for AutoSetup
Negotiations, but restricts access to just those customers that you have
entered. The drawback is that you have to get each laptops MAC Address,
and load it into the router, the first time they use your network.

2. Use Static IP Adressing for each customers Laptop, and have your
wireless subnet, on a non-default IP Subnet.

For wired:

1. Some routers allow you to set a range of IP Addresses to have Access
to the WAN Port, and then use DCHP to only allow that range access thru
the router.

2. Use Static IP Adressing for each customers Laptop, and have your
wired subnet, on a non-default IP Subnet.

In my Network World, I have to deasl with multiple Mutually Exclusive
Subnets, that exist on a common Copper Wireplant. None of these
subnets are allowed to interact with each other, and since only
one DCHP Server is allowed per Routed Copper WirePlant Segment
only one of the Mutually Exclusive Subnets can use DCHP for
AutoSetup via DCHP Leases. The rest are Static IP Addressed. I have
multiple Mutually Exclusive WAN Gateways to the Internet, thru which
each Subnet access's the Internet. All my Wireless AP's (10+) a Router
Types and each of their WAN Ports are Static IP Addressed on one of the
Static IP Addressed Mtutally Exclusive Subnets. This allows me to use
the DCHP Servers built into the WiFi Routers to admin leases on the WiFi
and Wired Ports of each, thru the MAC Addressing Access list for each
WiFi AP, and by assigning the DCHP Server in each AP a different subnet,
I can see who is connecting thru which AP, and using which Gateway. I
also have a DNS Casheing Server/Web Server on that subnet that supports
the WiFi Network due to long latencies on my SAT Internet WAN Connection.
It is a bit convoluted but it works and I have positive control over
access on all ports, wired, and wireless, except on the Mutually
Exclusive subnet that uses DCHP, and I am not responcible for
maintainance of that network, and the guy that is doesn't seem to care.
I don't use any WiFi Encryption as this Network is out in bush Alaska,
and we don't get many snoops this fasr out, since the nearest road is
250 miles away. This makes connections very fast and easy to deal with
if problems arise on the WiFi side of things.

Brucee in alaska
--
add a <2> before @
.

Follow-Ups:
- Re: How do I create/configure a secure wireless network for my office AND allow customers to connect wirelessly?
  - From: Barry Margolin

References:
- How do I create/configure a secure wireless network for my office AND allow customers to connect wirelessly?
  - From: Mark

Prev by Date: Re: long ssh connect-times on WLAN
Next by Date: Re: How do I create/configure a secure wireless network for my office AND allow customers to connect wirelessly?
Previous by thread: How do I create/configure a secure wireless network for my office AND allow customers to connect wirelessly?
Next by thread: Re: How do I create/configure a secure wireless network for my office AND allow customers to connect wirelessly?
Index(es):
- Date
- Thread

Relevant Pages

Re: Best WiFi transmitters?
... I have 2 customers using this router. ... On the Wireless -> Basic Settings page, the 3rd box down is "Wireless ... That's a fairly new laptop that comes with Windoze 7 64 bit. ... No BlueToothe or Wi-Fi so interference from that phone is unlikely. ...
(alt.internet.wireless)
Re: Best WiFi transmitters?
... On the Wireless -> Basic Settings page, the 3rd box down is "Wireless ... signal strength to you get on the Acer laptop when things are working ... The laptop is in the living ... causing the router to go weird. ...
(alt.internet.wireless)
Re: wireless connection
... The router is an SMC Barricade 4 port wireless router with usb print ... > the laptop an internal one or card? ...
(microsoft.public.windowsxp.network_web)
Re: Renaming a wireless connection
... Replaced a router with a Belkin that has wired and wireless in its ... Desktop is wired to this router. ... Laptop found the wireless and connected with the name ... ||| I'm assuming we're talking the default SSID Name here? ...
(microsoft.public.windowsxp.network_web)
Re: Renaming a wireless connection
... || Replaced a router with a Belkin that has wired and wireless in its ... Desktop is wired to this router. ... | Laptop Computer Name? ... | I'm assuming we're talking the default SSID Name here? ...
(microsoft.public.windowsxp.network_web)