Wireless hotspot basics



  • Hello folks,

    I'm completely new to this game, having just been asked to set up a very basic 'i agree to the terms of service' page to allow users to access a wireless network.

    We've got a Cisco 5505 router.

    If I'm understanding correctly, I need to have a computer w/ pfSense installed on it hooked up to the router at all times in order to make this work?

    Thanks!



  • pfsense offers a versatile and feature-rich "captive portal" in addition to being a router/firewall.

    However I wouldn't use it as an AP for a public hotspot, since support for wireless protocols (e.g. 11n) in pfsense itself is rather limited, due to the limitations in the underlying OS FreeBSD 8.1.



  • @dhatz:

    pfsense offers a versatile and feature-rich "captive portal" in addition to being a router/firewall.

    However I wouldn't use it as an AP for a public hotspot, since support for wireless protocols (e.g. 11n) in pfsense itself is rather limited, due to the limitations in the underlying OS FreeBSD 8.1.

    Okay, thank you.  Do you have any recommendations?  Was I correct in my understanding of how the setup would need to operate?

    Thanks!



  • Well, it depends on your network topology, but chances are you can replace the 5505 with pfsense and use external APs for Wifi access.



  • @dhatz:

    Well, it depends on your network topology, but chances are you can replace the 5505 with pfsense and use external APs for Wifi access.

    Okay, perhaps I'm just not understanding how this is supposed to work:
    Are you saying I don't even need a wireless router, but can use a computer running pfsense in its stead (hooked up to the actual modem), and then get an external AP for wireless?

    Thank you.



  • Yes, you can use pfsense as a router/firewall (which is what pfsense was primarily designed for) and CP and use external APs for wireless.

    Everything depends on the functionality one requires from a wireless hotspot:

    Will it be serving 5 users or 100 users?
    Will it be serving a single location (e.g. hotel lobby) or a larger area?
    Will you need multiple SSIDs (e.g. an open one for guests and a WPA2 one for company staff)?
    What type of devices will be connecting (smartphones only have 2.4GHz Wifi, whereas laptops are dual-radio)
    etc



  • Thanks again for taking the time to answer my questions!

    Basically we're looking at a setup like this:

    • Wireless access, restricted to a common area in an apartment building (essentially a hotel lobby)
    • Can't see it being more than 10 - 20 users at a time
    • Just an open connection BUT we're aiming to have a basic 'i agree to the terms…' web page users need to click through to access web
    • Primarily laptops for connecting, but I'm sure at some point someone'll try and connect with a handheld.

    We've got a Cisco ASA5505, if that makes any difference.



  • I'd rip out the ASA entirely, we have a lot more and better functionality for those kinds of networks, none of the licensing restrictions of the 5505, and unless you're recycling a 15 year old PC which would be about equal, you'll get better performance. You can duplicate everything you're doing on the ASA, and add captive portal for the terms of service acceptance page.


Log in to reply