Setup Free Neighbourhood Wireless

Discussion in 'Tomato Firmware' started by maple.chick, Apr 3, 2013.

  1. maple.chick

    maple.chick Networkin' Nut Member

    a. Linksys e4200 (Main Router)
    b. Linksys WRT54G (Free Wireless Router)

    Both routers have Tomato loaded on it.

    I live in an apartment complex with many seniors / retirees so I'm planning to offer a free neighbourhood wireless which would help them save on the internet. However, I am concerned about security and safety of my own network so I have a few questions:

    1. Can I setup the WRT54G (Free Wireless Router) to connect to e4200 (Main Router) over wireless and then re-broadcast the signal under a different SSID?

    2. How can I make sure that WRT54G (Free Wireless Router) does not expose my home network to wireless clients?

    3. Is there a way I can show a time table to clients that connect? I want to turn off the wireless after mid-night.

    4. Though I am not overly worried about bandwidth, I want to have QoS for clients that connect. I am assuming it should be fairly straight forward.
  2. Marcel Tunks

    Marcel Tunks Networkin' Nut Member

    Would be easier and more reliable with a wired connection between the two. Is that not an option for you?
  3. fubdap

    fubdap LI Guru Member

  4. gfunkdave

    gfunkdave LI Guru Member

    1. No. You need to wire them together. Tomato does not support WISP mode (sucking in one wireless signal and rebroadcasting another).
    2. Use VLAN versions of Tomato on both routers and put the guest wireless on a separate VLAN from your home network.
    3. Yes, you can set either router to shut off wireless at certain times of day.
    4. It is, though QoS doesn't seem to work on VLANs aside from the main VLAN. This is a Tomato bug.

    Be aware of the legal ramifications of what you propose. If someone uses your internet connection to access illegal things - child porn, for example - you may be liable. Check your local laws.
  5. Mercjoe

    Mercjoe Network Guru Member

    As the above poster said; Beware of the legal ramifications.

    I disagree with his answer to #1; With Virtual SSID's, you CAN transmit multiple SSID's from the same router. You can create a virtual interface that is tied to the different VLAN.

    The second (remote) router does NOT need to have VLAN capable firmware. It just has to have the ability to be used as an AP The actual network configuration is handled by the main router.

    Bandwidth control is going to be your major headache. QOS only functions on br0.

    Good luck
  6. Bird333

    Bird333 Network Guru Member

    He is saying that one router can't connect its WAN side wirelessly and then retransmit the connection as a different SSID on LAN side. See repeater mode on DD-WRT.
  7. rhester72

    rhester72 Network Guru Member

    Also be aware that if this is in the US and you're planning to run with no wireless security on this guest VLAN, you'll also be breaking a new law (as of Feb 2012) making open guest wireless "retransmission" of private services (i.e. making your ISP account available to the unwashed masses) illegal under FCC guidelines. In fact, a year later (Feb 2013), use of WEP also technically became illegal (for new devices).

  8. gfunkdave

    gfunkdave LI Guru Member

    Oh, I get it. I had misunderstood what the OP wanted. If the second router is just going to be a dumb access point only broadcasting one SSID, then only the main router needs a VLAN build.
  9. jerrm

    jerrm Network Guru Member

    The way I'd probably set it up is the "public" router with QOS, connected to a bandwidth limited vlan port on the master router. Make sure they don't eat up all my bandwidth, and have QOS working with whatever bandwidth I do give them.
    Armand1234 likes this.
  10. Bird333

    Bird333 Network Guru Member

    So what if I don't want to use security, now I'm breaking the law? Do you have a link?
  11. lancethepants

    lancethepants Network Guru Member

    If you're going to use a separate router for a wifi access point anyway, you could consider having that one connect to some anonymous VPN service. That way, questionable activity won't be connected to your IP.
    I would consider just placing a password, and pass out the username/password.
    You could also consider setting up some sort of radius server, and have each user login with their credentials. Just some thoughts I had.
    Armand1234 likes this.
  12. rhester72

    rhester72 Network Guru Member

    It was all over the news about a year ago - no link handy, sorry.

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice