Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Guest WiFi with Cisco EPC3925 - Install separate AP?

  • 10-04-2015 6:54am
    #1
    Registered Users, Registered Users 2 Posts: 10,209 ✭✭✭✭


    Hi all,
    I have a Cisco EPC3925. From what I can see, there's no guest WiFi.

    I want to have a WiFi connection totally separate to the work LAN/network. Is it possible to install a separate WiFi AP, but have it on a different subnet so there's no possibility of being able to communicate with the LAN?


Comments

  • Registered Users, Registered Users 2 Posts: 36,170 ✭✭✭✭ED E


    Get a decent router with a guest feature and bridge the Cisco to it. Then the unit you chose can properly VLAN out guest clients.


  • Registered Users, Registered Users 2 Posts: 10,209 ✭✭✭✭JohnCleary


    ED E wrote: »
    Get a decent router with a guest feature and bridge the Cisco to it. Then the unit you chose can properly VLAN out guest clients.

    Good idea, looks like my best option, cheers.

    any recommendations? :D


  • Registered Users, Registered Users 2 Posts: 1,347 ✭✭✭Rackstar


    Get yourself a free Cisco Meraki access point https://meraki.cisco.com/webinars you won't look back


  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    Rackstar wrote: »
    Get yourself a free Cisco Meraki access point https://meraki.cisco.com/webinars you won't look back

    You forget to mention Cisco Meraki requires a subscription. If they ever stop paying you lose access to your devices they'll send you an email telling you the device will stop performing network functions after a certain date.


  • Registered Users, Registered Users 2 Posts: 1,347 ✭✭✭Rackstar


    You forget to mention Cisco Meraki requires a subscription. If they ever stop paying you lose access to your devices they'll send you an email telling you the device will stop performing network functions after a certain date.

    You forgot to mention its an excellent free access point with free 3 year license.


  • Advertisement
  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    Rackstar wrote: »
    You forgot to mention its an excellent free access point with free 3 year license.

    There's nothing free with Cisco, what happens after 3 years when they hold you to ransom? How much does that cost? Cisco are the Mafia of the networking world IMO.

    Buy a 55 quid Mikrotik RB951 and setup a hotspot and you'd have a much better setup for little money
    http://www.interprojekt.com.pl/rb951g-2hnd-p-1370.html


  • Registered Users, Registered Users 2 Posts: 1,347 ✭✭✭Rackstar


    There's nothing free with Cisco, what happens after 3 years when they hold you to ransom? How much does that cost? Cisco are the Mafia of the networking world IMO.

    Buy a 55 quid Mikrotik RB951 and setup a hotspot and you'd have a much better setup for little money
    http://www.interprojekt.com.pl/rb951g-2hnd-p-1370.html

    Nonsense. It costs you nothing for 3 years.

    Cisco are still using the Meraki model for licensing, don't know how you can claim Cisco are like the Mafia from that?

    How many radios has that AP got? Does it have traffic shaping? Layer 7 firewall? Layer 3 firewall? What's the management like on it, is it cloud based and constantly evolving?

    That AP might be fine for home use but the Cisco Meraki is light years ahead of it.


  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    Rackstar wrote: »
    Nonsense. It costs you nothing for 3 years.

    Cisco are still using the Meraki model for licensing, don't know how you can claim Cisco are like the Mafia from that?

    How many radios has that AP got? Does it have traffic shaping? Layer 7 firewall? Layer 3 firewall? What's the management like on it, is it cloud based and constantly evolving?

    That AP might be fine for home use but the Cisco Meraki is light years ahead of it.

    Nonsense. You've obviously never even heard of Mikrotik therefore cannot comment. It's an enterprise router, wireless ISPs use Mikrotik for a reason. Does all routing protocols (RIP, OSPF, BGP and more), switching protocols (spanning tree), layer 2 protocols and tunnels, VLANS, layer 2 and 3 firewall, bandwidth shaping, layer 7 protocols, queues and even MPLS for pittance compared to Cisco. The cheapest MPLS capable Cisco router costs thousands. And yes RouterOS is ever evolving through continuous free updates. I've studied Cisco and can tell you Mikrotik is better if you want value for money ;)

    http://en.wikipedia.org/wiki/MikroTik
    http://www.mikrotik.com/software
    http://demo.mt.lv/webfig/ (login username:admin password: blank)

    You still haven't answered the question about how much Meraki costs after you have been held to ransom.


  • Registered Users, Registered Users 2 Posts: 1,347 ✭✭✭Rackstar


    You're completely dragging the thread off topic.

    The OP was looking for a recommendation for a wireless access point to allow guest access.

    I've given the OP a excellent reccomendation of an access point that they can get for free and includes a 3 year license.

    If you don't like Cisco Meraki products and their licensing there's nothing I can do about that.


  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    Rackstar wrote: »
    You're completely dragging the thread off topic.

    The OP was looking for a recommendation for a wireless access point to allow guest access.

    I've given the OP a excellent reccomendation of an access point that they can get for free and includes a 3 year license.

    If you don't like Cisco Meraki products and their licensing there's nothing I can do about that.

    Sorry, off topic? You missed the bit where I recommended a 55 quid alternative Mikrotik product that does hotspot AP and doesn't hold you to ransom in 3 years. How much does that cost anyway? You've forgotten to answer?


  • Advertisement
  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    And the answer is
    $150 per year
    :eek:


  • Registered Users, Registered Users 2 Posts: 10 Sitevalue


    And the answer is
    $150 per year
    :eek:

    In fairness, you can use the AP for 3 years and then you're under no obligation to pay anything.

    That rubbish you're pedaling is using a 2.4GHz radio which is practically useless in a built up area and will be phased out soon.

    We've use both Mikrotik and Meraki in the office. Meraki is hands down far superior to Mikrotik (the lads on the desk call it MicroCrap). We had to return 2 out of the 3 Mikrotik units as they gave up after 2 months. No problems with the Cisco.


  • Registered Users, Registered Users 2 Posts: 1,770 ✭✭✭tnegun


    The Meraki is free now and is more than adequate for home use pocket the €55 for now use the Meraki and stick it in the bin in 3 years and look for something then. It will do exactly what the OP wants for free!


  • Registered Users, Registered Users 2 Posts: 1,347 ✭✭✭Rackstar


    And the answer is
    $150 per year
    :eek:

    It can be licensed for a lot less than that.

    I think the consensus is that the Meraki is a far superior option and free.

    You're flogging a dead horse.


  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    Sitevalue wrote: »
    In fairness, you can use the AP for 3 years and then you're under no obligation to pay anything.

    And then it stops working.
    Sitevalue wrote: »
    That rubbish you're pedaling is using a 2.4GHz radio which is practically useless in a built up area and will be phased out soon.

    Agreed it only has 2.4Ghz, there are off the shelf dual bands in development. The Op didn't specify they needed dual band, it will be a long time before 2.4Ghz is phased out, 5Ghz has no range, does not work well through obstacles or outside the room it's places. You can also build your own Mikrotik to your own requirements for little money. Mikotik was only a cheap suggestion, Ubiquiti would be another choice if you need dual band, even the 200 quid Asus RT-AC68U or TPLink Archer C7 AP would be a better choice than Cisco. I don't buy into this free Cisco stuff because it's ransomware, free is only free for 3yrs then you must change or get caught with vendor lockin.
    Sitevalue wrote: »
    We've use both Mikrotik and Meraki in the office. Meraki is hands down far superior to Mikrotik (the lads on the desk call it MicroCrap). We had to return 2 out of the 3 Mikrotik units as they gave up after 2 months. No problems with the Cisco.

    I've installed lots of Mikrotiks all over the place as hotspots with ticketing systems in pubs, restaurants, guest houses, conference halls. No issues, no fails other than power supplies where they didn't have POE. I've seen uptimes on 50 quid routerboards of over a year.


  • Registered Users, Registered Users 2 Posts: 20 Rurbs


    I'd be going with the free Meraki for sure. You just throw it away after the 3 years. The mikrotik is old technology and probably won't last 3 years and you'd have paid for it. This is a no brainer.


  • Registered Users, Registered Users 2 Posts: 10 Sitevalue


    And then it stops working.



    Agreed it only has 2.4Ghz, there are off the shelf dual bands in development. The Op didn't specify they needed dual band, it will be a long time before 2.4Ghz is phased out, 5Ghz has no range, does not work well through obstacles or outside the room it's places. You can also build your own Mikrotik to your own requirements for little money. Mikotik was only a cheap suggestion, Ubiquiti would be another choice if you need dual band, even the 200 quid Asus RT-AC68U or TPLink Archer C7 AP would be a better choice than Cisco. I don't buy into this free Cisco stuff because it's ransomware, free is only free for 3yrs then you must change or get caught with vendor lockin.



    I've installed lots of Mikrotiks all over the place as hotspots with ticketing systems in pubs, restaurants, guest houses, conference halls. No issues, no fails other than power supplies where they didn't have POE. I've seen uptimes on 50 quid routerboards of over a year.

    You've lost the argument here completely. The Cisco is a far better option.

    You're completely anti Cisco and there's no talking to you. I wouldn't be surprised if you've failed CCENT and are taking your frustrations out here.


  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    Sitevalue wrote: »
    You've lost the argument here completely. The Cisco is a far better option.

    That's a matter of opinion, I've listed 4 vendor alternatives that don't push towards vendor lock in and hold you to ransom in 3 years. Cisco Meraki are just hoping you set these devices in productive environments and then quids in $$$$. It's part of their big shift from selling products to providing services, subscription services.
    Sitevalue wrote: »
    You're completely anti Cisco and there's no talking to you. I wouldn't be surprised if you've failed CCENT and are taking your frustrations out here.

    Agreed I'm not a fan of Cisco, I don't see the value. Not everyone that studies Cisco becomes a fanboy. I passed CCNA, didn't feel like taking it any further. I am considering doing MTCNA and beyond because it could be more useful to me.


  • Registered Users, Registered Users 2 Posts: 10,209 ✭✭✭✭JohnCleary


    Thanks for the info guys. I actually have one of those AP's as i'm subscribed, but not planning to install it in the scenario I talk about as I want a 'fit and forget'.

    I will take a look at the 55 euro AP now, thanks


  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    JohnCleary wrote: »
    Thanks for the info guys. I actually have one of those AP's as i'm subscribed, but not planning to install it in the scenario I talk about as I want a 'fit and forget'.

    I will take a look at the 55 euro AP now, thanks

    Be sure to check out the Ubiquiti AirRouter and Unifi (very costly but amazing)
    http://www.interprojekt.com.pl/unifi-c-108_182.html


  • Advertisement
  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    If you do do with Mikrotik there's a big thread with info, configs and scripts in nets and comms


  • Registered Users, Registered Users 2 Posts: 10,209 ✭✭✭✭JohnCleary


    If you do do with Mikrotik there's a big thread with info, configs and scripts in nets and comms

    Thanks for the tip.

    I'm after just a simple config, so will end up going with something plug-and-play'ish (apart from initial config, of course)


  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    JohnCleary wrote: »
    Thanks for the tip.

    I'm after just a simple config, so will end up going with something plug-and-play'ish (apart from initial config, of course)

    The Mikrotik ships with a default config that's pretty much the same as any residential gateway wireless router. Enabling hotspot on Mikrotik is a simple as clicking hotspot in the Winbox GUI. It will reboot and runs a script that creates a VLAN with a virtual wireless access point in a new subnet and creates all the firewall rules blocking access to your lan subnet. You might just need to untick http to turn of the hotspot login web page to give access to Wi-Fi without login as hotspots generally have open Wi-Fi security and use web login.


  • Registered Users, Registered Users 2 Posts: 10,209 ✭✭✭✭JohnCleary


    The Mikrotik ships with a default config that's pretty much the same as any residential gateway wireless router. Enabling hotspot on Mikrotik is a simple as clicking hotspot in the Winbox GUI. It will reboot and runs a script that creates a VLAN with a virtual wireless access point in a new subnet and creates all the firewall rules blocking access to your lan subnet. You might just need to untick http to turn of the hotspot login web page to give access to Wi-Fi without login as hotspots generally have open Wi-Fi security and use web login.

    That sounds ideal, and an idea I prefer to getting a new router with Guest WiFi and then using the Cisco in bridge only.

    That's the 55 euro one you're referring to, yeah?


  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    JohnCleary wrote: »
    That's the 55 euro one you're referring to, yeah?

    Yes


  • Registered Users, Registered Users 2 Posts: 10,209 ✭✭✭✭JohnCleary


    The Mikrotik ships with a default config that's pretty much the same as any residential gateway wireless router. Enabling hotspot on Mikrotik is a simple as clicking hotspot in the Winbox GUI. It will reboot and runs a script that creates a VLAN with a virtual wireless access point in a new subnet and creates all the firewall rules blocking access to your lan subnet. You might just need to untick http to turn of the hotspot login web page to give access to Wi-Fi without login as hotspots generally have open Wi-Fi security and use web login.

    Just a heads up, that this didn't work. I don't know it was me, or the router, but when I enabled the hot-spot, it didn't behave as you said. Infact, enabling the hot-spot didn't seem to make any difference.

    I found a tutorial online about creating a virtual access point, giving it a DHCP range, new SSID etc. and then set up some firewall rules.

    This worked, but it was a bit messy as the original wireless access point was still live (hiding the SSID worked good enough for us)


    Wondering, is there something i'm doing wrong re. hotspot? As I have to install another one next week


  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    JohnCleary wrote: »
    Just a heads up, that this didn't work. I don't know it was me, or the router, but when I enabled the hot-spot, it didn't behave as you said. Infact, enabling the hot-spot didn't seem to make any difference.

    I found a tutorial online about creating a virtual access point, giving it a DHCP range, new SSID etc. and then set up some firewall rules.

    This worked, but it was a bit messy as the original wireless access point was still live (hiding the SSID worked good enough for us)


    Wondering, is there something i'm doing wrong re. hotspot? As I have to install another one next week

    http://myconfigure.blogspot.ie/2013/05/configure-mikrotik-as-hotspot_9254.html?m=1

    You can pretty much click next through the hotspot menus when setting it the settings will be there.


  • Registered Users, Registered Users 2 Posts: 10,209 ✭✭✭✭JohnCleary



    Pretty sure I did all of that, but i'll test it with the other one next week.

    Curious as to them setting the hotspot on ether2 as opposed to wlan1 - was this for testing purposes? I'm guessing it's wlan1 i'd be setting the hotpot on?


  • Registered Users, Registered Users 2 Posts: 9,605 ✭✭✭gctest50


    JohnCleary wrote: »
    Thanks for the tip.

    I'm after just a simple config, so will end up going with something plug-and-play'ish (apart from initial config, of course)



    http://www.openmesh-uk.com/index.php?cPath=21&osCsid=43989fd6c7baf19d6e90347b03612781

    managed from anywhere through this yoke :

    https://www.cloudtrax.com/dashboard.php


    theres a few more like meraki/cisco but they charge $$ after a while


  • Advertisement
  • Registered Users, Registered Users 2 Posts: 10,209 ✭✭✭✭JohnCleary


    gctest50 wrote: »
    http://www.openmesh-uk.com/index.php?cPath=21&osCsid=43989fd6c7baf19d6e90347b03612781

    managed from anywhere through this yoke :

    https://www.cloudtrax.com/dashboard.php


    theres a few more like meraki/cisco but they charge $$ after a while

    These look good, may give them a try some time. Not too worried about cloud config. I'm installing them in offices for friends starting off, so just need an initial config and then leave it be.


  • Closed Accounts Posts: 3,072 ✭✭✭mass_debater


    JohnCleary wrote: »
    Pretty sure I did all of that, but i'll test it with the other one next week.

    Curious as to them setting the hotspot on ether2 as opposed to wlan1 - was this for testing purposes? I'm guessing it's wlan1 i'd be setting the hotpot on?

    The default config will have a default bridge configured, both ether2 and wlan1 will be interfaces on this bridge so any of the three, but go with the default bridge


Advertisement