# Help with wifi router options



## drhowarddrfine (Dec 6, 2015)

I have a restaurant that just bought a home router, Linksys WRT1900ACS, and it's really great for what it's for; routing the cash register/computer and security cameras and seperate wifi for managers and customers. However, just weeks after buying it, my wife used a competitor's wifi where, when you connect to theirs and open your browser, your first page opens one of their web sites that contains ads and coupons. From that point on, you're free to surf as you please; no login required.

Now she wants that.

I'm pretty sure home routers don't have the ability to redirect and this one, specifically, has no way of password-less logins for guests.

One option I have is to install openwrt on this device but I've never done that. I'm not beyond tinkering, and would love to do that, but there's that fear of bricking it along with having more important things to do.

My second option is to get a commercial router but which one? The Linksys was $240 and that's high. I'm aware a commercial one is going to cost at least a hundred dollars more but I'm sensitive on price. I'm also aware I don't know what's out there so I'm looking for suggestions. If all my requirements, listed below, are met in a wifi router, this is probably the best option if the price is right.

My third option would be to get a wifi card, usb device, or other external device and plug it into a computer or laptop, run FreeBSD on that, and have ultimate control and flexibility. I love this idea overall but the problem with that is, again, cost. I could set all this up at home and tinker at my leisure but I don't want to buy stuff and find it doesn't have the wifi reach of an 1800 sq ft restaurant and lots of metal studs and enclosures.

I love doing networking but I never get to so my knowledge in this area is lacking and forgotten. I'm looking for recommendations and opinions and links.

My requirements again are these, remember this is for a router connected to our ISP supplied modem:


We have cable 100Mb down/4Mb up
Secure wired ethernet connection for a cash register (with built in credit card reader)
A wired ethernet port for our security camera system.
Password-less guest wifi access that can't access the other systems.
Initial guest wifi access connects them with an external web site (I have the site) but then they are free to surf wherever they want.
Preferably separate, secure wifi access for management to access the cash register and camera system.
Prefer remote access to settings.
Prefer ability to limit guest connections, such as rate, number of guests, priority, etc.


----------



## protocelt (Dec 6, 2015)

After reading through your post twice, IMHO, PFSense with a captive portal would be a good fit for this. It's FreeBSD based and would be a little easier to setup and manage for someone who doesn't have the time or a whole lot of networking knowledge. The original router can then just be used as a WiFi access point for customer WiFi access.


----------



## drhowarddrfine (Dec 6, 2015)

Now, see, for the first time I heard "captive portal" just last week. But you brought up something I thought of, too; just plug the router into a FreeBSD box. But would PFSense give me control over initial guest wifi access? (I guess I could look that up myself.)

EDIT: Even sadder. All these years I thought pfSense was networking software, not a product.

EDIT2: Now I see I was half right. They sell hardware but the software is free, though you can buy support.


----------



## protocelt (Dec 7, 2015)

drhowarddrfine said:


> But would PFSense give me control over initial guest wifi access? (I guess I could look that up myself.)


Yes. You would manage all connections, routing, and security completely with pfSense or whatever solution you decide to go with instead and configure the wireless router you have already as a wireless access point only. 

As you probably noticed already pfSense does have units available to buy with WiFi integrated/included if interested, but from what I understand, it's better to use a separate access point for wireless access.


----------



## SirDice (Dec 7, 2015)

I have a Linksys LAPAC1750PRO wireless accesspoint, it has a basic captive portal built-in. It also allows you to create multiple wireless networks and each network can be assigned to it's own VLAN.


----------



## drhowarddrfine (Dec 7, 2015)

SirDice That looks real good but it's $500US and I'd still have to buy another router, or use the $230 one I just bought, bringing the total to $730.


----------



## tingo (Dec 8, 2015)

Have you looked at what your router can do? According to this Linksys press release, that router has  support for OpenWRT, which gets you captive portal.
Wiki page with descriptions on how to flash etc: http://wiki.openwrt.org/toh/linksys/wrt1900acs


----------



## drhowarddrfine (Dec 8, 2015)

Yes, I'm aware of that but the version that comes with the device is not the same as in that link so you have to install that firmware. With so many people worried about bricking their device, I just don't want to have to deal with that, especially when I see 9000 posts in one thread on the subject of settings for this. 

That said, Linksys does provide the original firmware along with methods to get back to the default setup. If I can manage to do this without screwing up those two capabilities, I should be OK trying that. In fact, last night I made the decision that this weekend, or perhaps over Christmas holiday, I'm going to install that openwrt firmware and see how it goes. 

After looking at all the options, and being in somewhat of a rush to get this done, it's the easiest and least expensive option to try. Honestly, I have a feeling that it will take me an hour or two to set it up and I'll be done and happy. It's just that fear of the unkown.


----------



## tingo (Dec 8, 2015)

If you have another router (preferably not in use now) with OpenWrt support, you could use that for practice. I'm using Tomato on my wireless routers, so I can't say how easy OpenWrt is.


----------



## drhowarddrfine (Dec 8, 2015)

Yeah, I have a Linksys WRT54G but, from what I've read, that's a totally different animal so the settings and features won't be the same.


----------



## SirDice (Dec 9, 2015)

If you can restore the original firmware then I'd definitely try OpenWRT. Nowadays manufactures usually add some sort of fail-safe option to use in case a firmware update get botched up.  It may require you to set up tftpd(8) but it's not that difficult.


----------



## Deleted member 9563 (Dec 10, 2015)

drhowarddrfine said:


> With so many people worried about bricking their device . . .



Some people worry too much. I've installed Tomato, another open source router distro, on a number of different routers and it's very easy. The last two routers I did this to were bought new and I didn't even bother to look at whatever crap was installed from the factory. I think that most of the "fear of bricking" posts you see are inspired by some of the legacy experiences that people have had in the past. It's not like that these days.

PS: also, don't forget that you can backup the original firmware before you install new.


----------



## protocelt (Dec 10, 2015)

The probability of bricking the router installing open firmware like OpenWrt is quite low these days but it *is* still a possibility. Given this is for business use I can completely understand a bit of caution. As they say in business, "time is money". 

That said, until recently I used OpenWrt for a few years on a few consumer routers and never had a problem. I never set up or used a captive portal on them though so not sure how that works.


----------



## drhowarddrfine (Dec 16, 2015)

Well that didn't go well.

I tried nodogsplash and wifidog. Couldn't get them to do exactly what I needed so I tried going back to the original factory image. I got there but downloads were one-third what they should be: 36Mb versus 100Mb. I wondered if I didn't wait long enough when I reinstalled the image so I went back to openwrt and reuploaded the factory image once again. Then I was only able to access it via wifi but I can't get to the linksys set up page. I can get to the wifi set up but I don't need to set that up. I can no longer get to the lan set up page.

What's sad is, I was looking around and saw how this is just a Linux system and I could have done far better just coming here and asking networking questions. Asking questions on any openwrt forum only brings crickets chirping.


----------



## ondra_knezour (Dec 16, 2015)

You would probably be able to recover your Linsys router, but in case you don`t want to spend much time tinkering there, there are Unifi APs from Ubiquiti, support for multiple VLANs and captive portal is there, controller run on the FreeBSD and are cheap. I am using them on several places (without captive portal, I don`t have such use case) and for given price they excel.


----------



## drhowarddrfine (Dec 16, 2015)

I saw the Ubiquiti stuff and considered it but, since I already bought this router, I didn't feel like buying more hardware. 

This whole thing has gotten me down and thrown me in a tizzy. I finally got the router working again but now I'm back to square one. I'll install this back at the business for now but my wife wants me to buy one for home cause she has all kinds of problems accessing the 'net from her phone and office that went away when I had the linksys router at home. At the same time, I remembered her old computer had a wifi adapter on it so maybe I should load pfsense on that. Not sure if it meets the hardware requirements for pfsense, though. 

And it's one more thing I have to come up to speed on. I enjoyed tinkering with networking a while back but I already have too much to do.


----------



## aragats (Dec 18, 2015)

Another easy and quick option is installing an old (not powerful) computer for (almost) free with PFSense. In such case you'll have your wifi AP, and the routing will be done by PFSense. I have such configuration in 3 places for many years.


----------



## Deleted member 9563 (Dec 18, 2015)

aragats said:


> Another easy and quick option is installing an old (not powerful) computer for (almost) free with PFSense.



Except that's not really "almost" free. The hardware may be, but you'll find that the power consumption of an old computer amounts to roughly $50 per year. A small device will be closer to 10 or 20% of that.


----------



## drhowarddrfine (Dec 18, 2015)

I have old hardware and a wifi card so I intend to put pfsense on that but I'm going to see if I can get it to work on virtualbox on my workstation first just to set things up and learn. 

I tried installing openwrt on a wrt54g router but it doesn't have enough flash ram and kept failing.


----------



## Phishfry (Dec 19, 2015)

The Atheros drivers work well but there are devices that don't work. I try and help in the pfSense wireless forum and I see that AR9287 is acting up. I feel the best devices are generic laptop modules that use the Atheros reference design(Without bluetooth onboard). I see many TPLink and Netgear Atheros desktop adapters not working. The best bargain Mini PCIe module is AR5BXB112. Apple uses this in their Airport Extreme AP product. It is a 3T3R device and can be had used for around $12US on ebay.

While the Ubiquiti stuff is nice, Is there not questions on their commitment to opensource? If built on the backs of others then shame on them.
http://libertybsd.net/ubiquiti/

Also make sure your device is supported by net/hostapd. The list is limited.


----------



## Phishfry (Dec 19, 2015)

I also can't stress enough how important good pigtails and Antennas are in a DIY rig.
I buy RG178 cables or better and prefer branded antennas.


----------



## aragats (Dec 19, 2015)

Well, you can always buy a good stand-alone wifi router and use it as a hub/switch to your pfSense computer. I prefer (and do) that way since I don't need to worry about the drivers. Also it gives you flexibility in the physical location selection.


----------



## drhowarddrfine (Dec 19, 2015)

So I have pfsense running, both in virtualbox and on my old box and it's time to call it a night. This looks comfortable, cause it's FreeBSD, so I'm good to go.


----------



## Deleted member 9563 (Dec 19, 2015)

drhowarddrfine said:


> I tried installing openwrt on a wrt54g router but it doesn't have enough flash ram and kept failing.



I didn't go and check what OpenWRT needs, but you do know that wrt45g refers to a lot of different routers, right? Ignore version 1 and v1.1, but v2 to 4 all have twice as much memory as v5 and up. (See here.)


----------



## Phishfry (Dec 19, 2015)

I missed that you are talking about an commercial install. You might be pushing it. What is the square footage you want to cover.
You still have not wasted your time as pfSense does Captive Portal well. Can't hurt to try out equipment you already own. If it don't work buy an fancy commercial Access Point.

I agree with OJ in that in the end run the energy savings of an embedded install will probably pay for itself in 3-5 years.


I also enjoy OpenWRT. The Chaos Calmer series has native Intel gigabit LAN support.
They do very respectable things with a 64mb target size
Feels like it was made for a 14 year old router(oh wait it was).


----------



## drhowarddrfine (Dec 19, 2015)

OJ I have v8 and the memory is half of the previous versions and it was pointed out on a thread on the openwrt board that is the reason I can't get it installed.

Phishfry Chaos Calmer doesn't work on wrt54g. I had it working on the wrt1900acs but couldn't get captive portal software to work the way I wanted it. I could get the portal to work for both wifi and lan connections but I didn't want lan connections to be captured. There may have been a way to do that but I didn't have time to mess with it and the openwrt people are no help whatsoever.


----------

