I’m planning to run a Wisp / Hotspot system. I currently have everything set up to allow users to connect where they are presented with a hotspot login page. If they log in, they can then access the internet.
However as this is only under standard WiFi i presume it is not very secure and customers data could be read. While the infrastructure of my network is secure, client connections are not. I presume the best way to do this would be VPN from what i’ve seen? Looking into the various options i think if i use VPN it would have to be PPTP as it is the easiest to implement on Windows which is what the majority of people will use. However i’m a bit stumped on what to do? How should I set PPTP up to allow users to use it? Can i have it as an alternative login to the splash page? or should I have it as a secondary system that users can connect with once they are signed in throught HTTP to secure their connection? And how do i implement this?
Ok so I can now succesfully connect with either PPPoE or PPTP (i’d prefer to use PPTP as it is more secure afaik). However, while I can get on the internet fine normally through hotspot, as soon as I create a VPN / PPP connection I am unable to connect. I can ping as far as the router but no further. I’ve included a screenshot of my routes in cas the issue is there.
I just run 2 SSIDs … one is unsecured, lets them see the hotspot page, and it tells them about the WEP/WPA key on the secured one. Both are bridged to the hotspot so they are indentical, just one is encrypted and one is not.
Hmmm but wouldn’t that mean that an attacker could easily arm himself with the security key and intercept all traffic? I thought the network was only safe as long as the key is?
i am not an expert on this - i assume WEP would be totally compromised in that case. With WPA and dynamic keys that might not be an issue. Someone else might know for sure if you had a WPA-PSK2 key if you were able to sniff / decode others using the same key.
Just bumping to see if anyone has any ideas. I can connect fine through PPTP but when I do the internet cuts out (and I’m unable to ping past the router I’m connecting to). I’d have thought it would be a routes problem but they seem to be set up fine. It works when i uncheck “Use default gateway on Remote Network” on the client end, but then traffic is being sent over the Wireless rather than PPTP leaving it unencrypted (and making the VPN pointless). So any ideas?
[admin@Wisp] > ip firewall filter print
Flags: X - disabled, I - invalid, D - dynamic
0 X ;;; place hotspot rules here
chain=unused-hs-chain action=passthrough
1 chain=forward action=accept protocol=gre
2 chain=hs-input action=accept protocol=tcp src-port=1700 dst-port=1700
3 ;;; tcp logger
chain=forward action=log protocol=tcp src-address=192.168.1.0/24 log-prefix=""
4 ;;; udp logger
chain=forward action=log protocol=udp src-address=192.168.1.0/24 log-prefix=""
Interestingly, if the PC connects by PPTP, the MT router shows itself receiving packets on this interface but not transmiting, or transmiting very few. The PC has no firewall etc.
I’m also planning the same and haven’t found anything to this in the manual.
So, is there anyone who can help us as the question hasn’t been answered the last time?!
