Right, the history behind it all.
3.5 Years ago, I started working for a hotel in Sandton.
When I started working there, the place was in a dire situation. The local LAN was in a state where everyone would hope by arriving for work the next day, everything would still be working. The AD/DC and file storage server was a entry level blade with 2 x 250Gb RAID 1 setup, one drive dead and a lost admin password. Took us several months to basically rebuild the entire setup, new HP DL380 servers and brand new domain.
Part of this dire situation was a mess of 2 somewhat functional Wifi networks. One was ran over 3 x 4Gb ADSL lines bonded(very reputable IT Company is SA), the other one was sitting on a 10Mb Fiber line(small 5 people home office type setup). Both places utilize configurations of large outdoor antennas placed on edges of 50m buildings. 2 Problems here. Rooms in the center of the wall has little to no signal because of distance/tonnes of concrete in the way, secondly 2 antennas covering 50 odd rooms per wall creates huge congestion issues. Our complaints lists was massive. So to the drawing board we go and decide it's time to part ways with both. BTW, 10Mb Fiber is our own, which at the time we upped to 30Mb.
I suggest a setup of strategically placed switches hardwired to oodles of AP's, placed in such a manner that no matter which direction you go, 8m from one AP is the next one. Coverage sorted. Signed off, I am ready. Through other daily tasks 6 months later I laid 4.5km of CAT5 cable, mounted 110 PoE AP's, 6 x 9U cabinets with switches, patch and brush panels & UPSed for Loadshedding/Generator on time cover. We pull in a suggested company to handle the routing/billing side for us. Things go well, until this company's abilities fail dismally and our complaints start to rise. At this point i have resigned at the company, started my own business and they now become my client. Someone clever decides best way forward is to buy a Mirkotik router and have that programmed with the 5 people home office guys to handle the routing etc. I arrive one day at the client, get the router stuffed in my hands to make due. What a nightmare. I don't doubt Mikrotik's abilities, but damn their software is difficult to get your head around.
Last year our 30Mb starts hitting fair usage policies around the 14th of each month. December 2014 we pull out the stops and go 100Mb 1:1. Things go well for a while, until we start hitting fair usage policies again around 20th each month now.
Several weeks ago I'm tasked to look into the problem and fix it. Ever since I worked for them my plans were to bring all sides of IT in house. So I set my mind to it and go. Lots of reading and research. I learn in the meanwhile the Mikrotik is not able to handle the load it receives. This explains many issues. Over the years I've had meeting on meeting with all kinds of people, options are expensive. So I look into free ways. Some research brings me onto this list.
Captive Portal Software
With my experience in the matter, I'm sifting through and looking for easy options, skipping anything command line and looking difficult. I work into many of the options and for a while get stuck into Zeroshell. Now Zeroshell seems to have some features, but lacks one thing we really need, customization of the landing page where the guest would authenticate. Keeping in mind, I know nothing about web design either, so I'm really drowning here. Struggling with ZS for a while and on the side running 2-3 other options, I was looking for an image of something and I stroll across one of the options I skipped, pfsense. For some reason, everytime I come across pfsense I skip it because it looks pure command line. Until I actually start looking into it.
Just WoW. I figure out the little FreeBSD derivative uses the same interface and pretty much everything else Mweb uses for their Managed Internet Gateway, plus boat loads of other features. I download the 99mb package, grab a 4 NIC HP Blade server, drop in an SSD and install. 2 minutes later it boots from the SSD and I'm ready to go.
4 x 20 hour days later, lots of reading up, homework, testing, breaking it FUBAR and starting fresh I switch the Mikrotik off and pfsense on. 1 hour in I have 421 people online, user control and limitations in place all user browse happily with minimal input required to log on and best part of it all, my 100Mb is not abused any more, most traffic concurrently was pushing 11mb on the 100Mb line. Piggy's in cow poop can not be this happy.
During all this, I have learned much about routing, some bits about designing a webpage and putting it all together to make my previous work shine even more.
I urge you, you got an old PC sitting around doing nothing, drop an extra nic and pfsense in it and just start playing with it. Seriously powerful stuff even if you just use it to better maintain your home connections. on a side note, here is what I used, all software free entirely.
HP DL160 server(Xeon 5405 2.0GHz, 4Gb RAM), 60Gb SSD
pfsense
For the web page design, both packages a few years old, but did the job for me and should be good for any beginner, just like me.
NVu and Kompozer
Quite a bit of reading over the last 3 days gave me more options and ideas. Fluid web design, plug-inn's for pfsense to give it more functionality, heaps of more tips and tricks.
After I've had some sleep, I'll add another post with links and notes for anyone who would like to work on or try out a similar project.
3.5 Years ago, I started working for a hotel in Sandton.
When I started working there, the place was in a dire situation. The local LAN was in a state where everyone would hope by arriving for work the next day, everything would still be working. The AD/DC and file storage server was a entry level blade with 2 x 250Gb RAID 1 setup, one drive dead and a lost admin password. Took us several months to basically rebuild the entire setup, new HP DL380 servers and brand new domain.
Part of this dire situation was a mess of 2 somewhat functional Wifi networks. One was ran over 3 x 4Gb ADSL lines bonded(very reputable IT Company is SA), the other one was sitting on a 10Mb Fiber line(small 5 people home office type setup). Both places utilize configurations of large outdoor antennas placed on edges of 50m buildings. 2 Problems here. Rooms in the center of the wall has little to no signal because of distance/tonnes of concrete in the way, secondly 2 antennas covering 50 odd rooms per wall creates huge congestion issues. Our complaints lists was massive. So to the drawing board we go and decide it's time to part ways with both. BTW, 10Mb Fiber is our own, which at the time we upped to 30Mb.
I suggest a setup of strategically placed switches hardwired to oodles of AP's, placed in such a manner that no matter which direction you go, 8m from one AP is the next one. Coverage sorted. Signed off, I am ready. Through other daily tasks 6 months later I laid 4.5km of CAT5 cable, mounted 110 PoE AP's, 6 x 9U cabinets with switches, patch and brush panels & UPSed for Loadshedding/Generator on time cover. We pull in a suggested company to handle the routing/billing side for us. Things go well, until this company's abilities fail dismally and our complaints start to rise. At this point i have resigned at the company, started my own business and they now become my client. Someone clever decides best way forward is to buy a Mirkotik router and have that programmed with the 5 people home office guys to handle the routing etc. I arrive one day at the client, get the router stuffed in my hands to make due. What a nightmare. I don't doubt Mikrotik's abilities, but damn their software is difficult to get your head around.
Last year our 30Mb starts hitting fair usage policies around the 14th of each month. December 2014 we pull out the stops and go 100Mb 1:1. Things go well for a while, until we start hitting fair usage policies again around 20th each month now.
Several weeks ago I'm tasked to look into the problem and fix it. Ever since I worked for them my plans were to bring all sides of IT in house. So I set my mind to it and go. Lots of reading and research. I learn in the meanwhile the Mikrotik is not able to handle the load it receives. This explains many issues. Over the years I've had meeting on meeting with all kinds of people, options are expensive. So I look into free ways. Some research brings me onto this list.
Captive Portal Software
With my experience in the matter, I'm sifting through and looking for easy options, skipping anything command line and looking difficult. I work into many of the options and for a while get stuck into Zeroshell. Now Zeroshell seems to have some features, but lacks one thing we really need, customization of the landing page where the guest would authenticate. Keeping in mind, I know nothing about web design either, so I'm really drowning here. Struggling with ZS for a while and on the side running 2-3 other options, I was looking for an image of something and I stroll across one of the options I skipped, pfsense. For some reason, everytime I come across pfsense I skip it because it looks pure command line. Until I actually start looking into it.
Just WoW. I figure out the little FreeBSD derivative uses the same interface and pretty much everything else Mweb uses for their Managed Internet Gateway, plus boat loads of other features. I download the 99mb package, grab a 4 NIC HP Blade server, drop in an SSD and install. 2 minutes later it boots from the SSD and I'm ready to go.
4 x 20 hour days later, lots of reading up, homework, testing, breaking it FUBAR and starting fresh I switch the Mikrotik off and pfsense on. 1 hour in I have 421 people online, user control and limitations in place all user browse happily with minimal input required to log on and best part of it all, my 100Mb is not abused any more, most traffic concurrently was pushing 11mb on the 100Mb line. Piggy's in cow poop can not be this happy.
During all this, I have learned much about routing, some bits about designing a webpage and putting it all together to make my previous work shine even more.
I urge you, you got an old PC sitting around doing nothing, drop an extra nic and pfsense in it and just start playing with it. Seriously powerful stuff even if you just use it to better maintain your home connections. on a side note, here is what I used, all software free entirely.
HP DL160 server(Xeon 5405 2.0GHz, 4Gb RAM), 60Gb SSD
pfsense
For the web page design, both packages a few years old, but did the job for me and should be good for any beginner, just like me.
NVu and Kompozer
Quite a bit of reading over the last 3 days gave me more options and ideas. Fluid web design, plug-inn's for pfsense to give it more functionality, heaps of more tips and tricks.
After I've had some sleep, I'll add another post with links and notes for anyone who would like to work on or try out a similar project.
Last edited:
