securing wifi but giving easy access

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › securing wifi but giving easy access

n00dy

482 posts

Ultimate Geek

Lifetime subscriber

#77061 10-Feb-2011 13:11

I have a friend that has a cafe and used to offer a free wifi/internet access via an unsecure modem. Customers visiting the cafe for coffee etc could use their laptops ( or computers in the cafe ) on the net however this was abused by nearby business's and people not using his cafe and as a result always had usage blow out along with the additional costs. We want to secure the network with basic protection and customer will see a password / passphrase / authentication code listed or given out in the cafe once a week or so. We used WEP (open) ( yes I know it ihas little secuirity but its just a buffer ) and a password phrase "latte" however a few customers could access the net ( most using Vista ) we then changed it to WEP (shared) with similar results. We have disabled secuirty in the short term until we can work it out. We want it to be easy for the customers to access the net without having to get an IT person to set it up.
We are using a Telecom 2wire Gateway, 3 computers connected via LAN, one laptop via wireless ( business owners ) and then mulitple devices from ipad/iphone/pda/macs/notepad/laptops for customers using different platforms.
TIA

wellygary

8323 posts

Uber Geek

#437739 10-Feb-2011 13:26

You'll probably get more responses if this was moved to the Network>LAN (Ethernet/Wifi/routers) Forum,
Your B/Band ISP is fairly moot to any answer,

Is a Mod willing to oblige and move this thread?

{MOD EDIT : SP : Good call, done}

matisyahu

1623 posts

Uber Geek

Trusted

#437740 10-Feb-2011 13:27

n00dy: I have a friend that has a cafe and used to offer a free wifi/internet access via an unsecure modem. Customers visiting the cafe for coffee etc could use their laptops ( or computers in the cafe ) on the net however this was abused by nearby business's and people not using his cafe and as a result always had usage blow out along with the additional costs. We want to secure the network with basic protection and customer will see a password / passphrase / authentication code listed or given out in the cafe once a week or so. We used WEP (open) ( yes I know it ihas little secuirity but its just a buffer ) and a password phrase "latte" however a few customers could access the net ( most using Vista ) we then changed it to WEP (shared) with similar results. We have disabled secuirty in the short term until we can work it out. We want it to be easy for the customers to access the net without having to get an IT person to set it up.
We are using a Telecom 2wire Gateway, 3 computers connected via LAN, one laptop via wireless ( business owners ) and then mulitple devices from ipad/iphone/pda/macs/notepad/laptops for customers using different platforms.
TIA

The best suggestion I can provide is this: Setup the wireless router to WPA2, have a password that changes every day (close the wireless down at the end of the day, turn it back on when you open up the shop and change the wireless password each time you open the shop) - put the password up on board in the shop or something so that it forces people to come into the shop rather than seeing it from the road.

That is about the best way I can think of which will cause the least amount of problems. All devices these days support WPA2, even netbooks running Windows XP SP3 automatically have the required update to log onto a WPA connection.

"When the people are being beaten with a stick, they are not much happier if it is called 'the People's Stick'"

richms

28176 posts

Uber Geek

Trusted

Lifetime subscriber

#437741 10-Feb-2011 13:28

Google for captive portal and you will be on your way to finding the info you want. It will need extra hardware however as you cant run it on the 2wire.

Richard rich.ms

n00dy

482 posts

Ultimate Geek

Lifetime subscriber

#438157 11-Feb-2011 09:19

is WPA2 same as WPA2-psk
I have the choice of WPA-PSK and WPA2-PSK ( same line )
or WPA2-PSK
or WPA-PSK

buying addition equipment is not an option we want to go down.

It appears that the 2wire modem from Telecom can allow/restrict quite a bit and will will more on to securing the netowrk via some of these settings at a later date but right now just having easy encryption is whats needed. Thanks

raytaylor

4014 posts

Uber Geek

Trusted

#438466 11-Feb-2011 22:53

A netcomm ticket system with captive portal where you can issue a ticket number and limit time or data will cost in excess of $1200

A simple solution is to buy a cheap wifi access point - TP-Link make a nice one.
Set it up so the cafe owner can open the config web page and change the WPA-PSK code every day.

Ray Taylor

There is no place like localhost

Spreadsheet for Comparing Electricity Plans Here

Ragnor

8221 posts

Uber Geek

Trusted

#438485 12-Feb-2011 00:32

Yeah there are 3 main options:

1:
If you don't mind paying a fairly small one off cost to buy a solution that will work out of the box with just a small amount of config, both of these are really good:
http://www.zenbu.net.nz/ or http://www.tomizone.com/

2:
There's the teach the owner how to change the wireless password daily, then put it on a sign in the shop or give it out written on coffee/loyalty type cards sort of thing.

3:
Learn a whole bunch of FOSS stuff and use a linux or bsd based gateway where you've setup captive portal.

trig42

5811 posts

Uber Geek

ID Verified

#438501 12-Feb-2011 07:47

Or, turn down the transmit power on the router so that the neighbours can't use it.

You would need to experiment to see how much you need to turn it down.

Lenovo

Shop now for Lenovo laptops and other devices (affiliate link).

vulcannz

436 posts

Ultimate Geek
Inactive user

#443179 24-Feb-2011 21:06

Look at the Sonicwall TZ-100W (or maybe a -200W. It supports guest services and Virtual AP's on the same radio (ie mixed WEP/WPA/WPA2 + unsecured for guest access). Plus can shape the traffic on the guest network (and block stuff like peer2peer, porn etc).

The guest system is easy to use, you can generate a bunch of 'tickets' and dump them to a CSV, I used to merge them into a Word document with instructions for dummies.

foremannz

34 posts

Geek

#443261 25-Feb-2011 07:36

I've been looking into the Zenbu idea, and you can give out free credit (several different amount options) or the users can pay (you get % back from paying customers) - this allows you to give out a token amount, and if they want more, they have a quick way of getting more and you get money back to cover the cost of the extra use :)