Re: Securing WiFi in a Hotel/B&B

In article <8r1aq4d9tlpq4k9o1dreauepri6ft211si@xxxxxxx>, "Paul" wrote:


Why not just set a WPA key, change this weekly/daily and give it to
whoever asks.

That wont help much because if 4 rooms ask for the key on the same
day, it will be the same key, and wont separate it from the owners
connection anyway. So if anything happened on that particular day, all
five could be accountable?

Not if you get a block of public IP addresses from your ISP. A /29
(255.255.255.248) subnet would give you 8 public IP addresses that are
routed by your ISP down your one ISP connection. You then get your
router to allocate each fixed, public address to known locations in your
LAN. The router's logs should show, for each logged time period, which
public IP address went to which PC MAC address. Hence you know what
external Internet address, as known and logged by the external network,
goes to which visitor's computer, which goes to your computers, etc.
You can also set the router to hide your PCs from those of visitors or
go the whole hog and make each visitor's LAN computer invisible to each
other LAN computer.

You could even get visitors to "test" the login when they arrive, "so
they get the key correct", and you can "set the LAN security" by only
allowing connections from these pre-checked computers. Indeed, you can
make the router allocate a specified public address to a specified MAC
address which you can then equate to a single visitor's ID. *You* know
all this is just so you get the MAC address of the visitors' computers
into your router's log and so have a list of MAC addresses against each
vistor's name but the visitor will just assume you are somewhat paranoid
about security on your LAN. :-) Given your logs, you can supply
information to *authorised* enquirers as to which IP address was
connected to which computer, as identified by its MAC address.

There are other ways of achieving what you want, a simpler one of which
is converting to a wired LAN connections. That way, the public IP
address could be allocated to a given wired access point on your LAN in
the rooms.

Amongst other "business" ISPs, I know AAISP provide such blocks of
public addresses as part of their inclusive costs, providing you justify
the need.

--
John W
To mail me replace the obvious with co.uk twice
.

Relevant Pages

  • Re: About Mac Address
    ... connection with it's own collection of problems. ... it was working again with that mac address. ... has called, but my question is, did she possibly call and the ISP just ... some strange coincidence, you're connected to your unspecified router, ...
    (alt.internet.wireless)
  • Re: Cannot connect to Internet with ADSL Gateway - PLEASE HELP!
    ... problem solved but MAC address was not the cause. ... Spoke to ISP but this time they provided me with the appropriate ... router settings which seem to work so far. ... I am now stuck with my wireless connection, I cannot get my notebook to ...
    (microsoft.public.windowsxp.network_web)
  • Re: Do Macs require IP troubleshooting like PCs do?
    ... if anyone has every worked at a Mac ISP before could give me some data. ... If its an old modem that needs to be bridged with a PPPoE connection ...
    (comp.sys.mac.advocacy)
  • Re: Broadband bandwidth problem
    ... DG814 from a G4 apple Mac running OSX. ... A month ago I lost my connection to the net. ... about by my ISP they informed me that changes at their end meant I ... My ISP has told me I may need to change the router but I'm not ...
    (comp.sys.mac.system)
  • Do Macs require IP troubleshooting like PCs do?
    ... if anyone has every worked at a Mac ISP before could give me some data. ... If its an old modem that needs to be bridged with a PPPoE connection ...
    (comp.sys.mac.advocacy)