How to quickly deploy HotSpot with the requirements of the laws of the Russian Federation?
UPD: Telegram chat to discuss equipment Zyxel @zyxelru tg.guru/zyxelru
Imagine that you are the owner of a network of small coffee houses. You need to release clients on the Internet, taking into account the requirements of the law on identification.
And since your business is a public catering, you probably do not have extensive knowledge of IT. Yes, and time to deploy, as always, no. The sooner we open a cafe - the greater the profit.
The fastest way to bring up public Wi-Fi that I found.
We deploy Wi-Fi for customers in our coffee shop.
Minimum settings are made. The remaining various settings are already to your taste and needs.
1. We buy a Wi-Fi point Zyxel with support for Nebula
2. We mount the point on the ceiling / wall.
3. Connect to an existing router
The new point will receive the previously created config.
Well, where is it even easier?
For comparison, an hour-long recording of a Roman Kozlov webinar how to raise a hotspot on Mikrotik .
Today it is fashionable to call technologies “Cloudy” even if they have nothing to do with clouds (“stone” towards Mikrotik CCR) , devaluing the real technology that the concept of “cloud” hides.
Nebula pure water SDN network controller, which is provided to you as a service ( SaaS ).
Zyxel has developed a controller that provides you with a logical and understandable interface for setting up and monitoring equipment. At the same time, the devices themselves receive a clean config with already calculated data. That is, with the same hardware inside the network device is more effective, since it itself does not recount the parameters (the same routes).
Typically, this approach is implemented in large data centers and the solutions they implement do not cost a lot of money. But for medium and small businesses, such a model can be just as useful and not so expensive.
In Mikrotik, to configure the controller, you need to go through seven circles of hell . Moreover, none of the existing standards for seamless roaming (802.11 k / v / r) Mikrotik does not support ... At least neither in wiki.mikrotik.com, nor in the Winbox interface found such settings.
In Zyxel, these protocols are enabled at the click of a button.
More about roaming protocols is well described in this article.
In our context, eternal free is enough . When registering my points, the PRO license also flew until 2022.
It’s not uncommon to hear that someone is afraid to use the Nebula cloud: “And fpruh will spy sweeps.”
But no one complains about AWS cloud services. Entire companies keep mail on gmail and yandex. Modern mobile phones lose their functionality without being tied to the cloud ...
Therefore, to be afraid that someone will block something with Nebula, given that only the configs of your network are stored there, is somehow silly.
Nebula is constantly evolving.
In fact, part of the work that the network administrator must configure and maintain the equipment was performed by Zyxel and provides it as a service. In our case, we paid only the cost of the equipment.
Setting up glands in conjunction with Nebula is very simple. You do not need to score 100500 parameters to enable real seamless roaming.
With growing needs, this infrastructure can be easily developed. For example, if you have a need to filter traffic, then Nebula for Wi-Fi can always be replaced with Zyxel ZyWALL \ USG series .
I ask you to ask questions on the article and discuss this and other hardware from Zyxel on the channel in Telegram @zyxelru. By the way, after the release of my previous articleofficial representatives of Zyxel Russia appeared on the channel.
If you know other quick and cheap methods for deploying HotSpot - share in the comments.
Imagine that you are the owner of a network of small coffee houses. You need to release clients on the Internet, taking into account the requirements of the law on identification.
And since your business is a public catering, you probably do not have extensive knowledge of IT. Yes, and time to deploy, as always, no. The sooner we open a cafe - the greater the profit.
The fastest way to bring up public Wi-Fi that I found.
We deploy Wi-Fi for customers in our coffee shop.
In the first institution:
1. We buy Wi-Fi point Zyxel with support for Nebula
on Yandex.Market from 5000 rubles .
For 20 seats, I would take the NWA1123-AC .
If your cafe is in the city center with dense buildings and a huge number of Wi-Fi routers around, then you should pay attention to the WAC6303D-S model with a smart antenna.
Do not forget to choose a power supply, or PoE injector
For 20 seats, I would take the NWA1123-AC .
If your cafe is in the city center with dense buildings and a huge number of Wi-Fi routers around, then you should pay attention to the WAC6303D-S model with a smart antenna.
Do not forget to choose a power supply, or PoE injector
2. Mount the point on the ceiling / wall.
Or just throw on the table, as I watched at IL Patio in Novosibirsk
3. Connect to an existing router
which automatically distributes addresses (DHCP). The vendor of the router does not matter.
4. Register at https://nebula.zyxel.com/
5. Using the wizard, we create an organization.
6. We bind the device by entering only its serial number and poppy. You can have several at once.
7. Set up Wi-Fi for the main network.
8. Authorization of clients so far by clicking I agree, we will complete the full setup later
9. Go to the control panel
10. We register on a service that provides identification of your customers by phone number.
By search gives them dofiga. I tried the service global-hotspot.ru. They give 10 days to test, which is enough for me to write an article. According to the instructions, I received a link that will come in handy later.
A feature of this service is a non-standard way of identifying an incoming call.
That is, after entering the number in a special form, the client is offered to call from his number to the free number 8-800. The system sees the subscriber number and resets the call.
Subscription fee from 700 rubles per month. Limitations on the number of points I did not see.
A feature of this service is a non-standard way of identifying an incoming call.
That is, after entering the number in a special form, the client is offered to call from his number to the free number 8-800. The system sees the subscriber number and resets the call.
Subscription fee from 700 rubles per month. Limitations on the number of points I did not see.
11. Set up guest Wi-Fi
Go to Nebula in AP -> Configuration -> SSIDs -> Edit on the selected network.
Choose Click-to-continue and enable seamless roaming. Assisted roaming.
By the way, here you can limit the speed of each specific client so that one person does not occupy the entire channel.
Choose Click-to-continue and enable seamless roaming. Assisted roaming.
By the way, here you can limit the speed of each specific client so that one person does not occupy the entire channel.
12. Set up a captive portal.
Now the point will absorb the generated config and in a few minutes it will be possible to use Wi-Fi. We go to the authorization portal setting.
We enable the use of an external portal and insert the previously received link.
In the “To promotion URL” field, you can specify the page that will be opened to the client after successful identification, for example, the institution menu.
We enable the use of an external portal and insert the previously received link.
In the “To promotion URL” field, you can specify the page that will be opened to the client after successful identification, for example, the institution menu.
Minimum settings are made. The remaining various settings are already to your taste and needs.
In other institutions:
1. We buy a Wi-Fi point Zyxel with support for Nebula
2. We mount the point on the ceiling / wall.
3. Connect to an existing router
4. Add new points to Nebula
Either through the site
or from a mobile application
or from a mobile application
The new point will receive the previously created config.
Well, where is it even easier?
For comparison, an hour-long recording of a Roman Kozlov webinar how to raise a hotspot on Mikrotik .
How is this magic possible?
Today it is fashionable to call technologies “Cloudy” even if they have nothing to do with clouds (“stone” towards Mikrotik CCR) , devaluing the real technology that the concept of “cloud” hides.
Nebula pure water SDN network controller, which is provided to you as a service ( SaaS ).
A software-defined network or software-defined networking (SDN) is a data network in which the network control layer is separated from data transmission devices and is implemented programmatically. One form of network virtualization. © Wikipedia
Zyxel has developed a controller that provides you with a logical and understandable interface for setting up and monitoring equipment. At the same time, the devices themselves receive a clean config with already calculated data. That is, with the same hardware inside the network device is more effective, since it itself does not recount the parameters (the same routes).
Typically, this approach is implemented in large data centers and the solutions they implement do not cost a lot of money. But for medium and small businesses, such a model can be just as useful and not so expensive.
Seamless roaming
In Mikrotik, to configure the controller, you need to go through seven circles of hell . Moreover, none of the existing standards for seamless roaming (802.11 k / v / r) Mikrotik does not support ... At least neither in wiki.mikrotik.com, nor in the Winbox interface found such settings.
Unfortunately, but Mikrotik is still far behind Wi-Fi from other vendors.
TapuNet - Mikrotik hap ac2; Zyxel-5G - NWA5123-AC HD. Physically stand in one place.
Mikrotik hap ac2 - 2.5 dBi 2x2 MIMO
Zyxel NWA5123-AC HD - 3 dBi 3x3 MIMO
Mikrotik hap ac2 - 2.5 dBi 2x2 MIMO
Zyxel NWA5123-AC HD - 3 dBi 3x3 MIMO
In Zyxel, these protocols are enabled at the click of a button.
More about roaming protocols is well described in this article.
License for Nebula
In our context, eternal free is enough . When registering my points, the PRO license also flew until 2022.
Cloud security
It’s not uncommon to hear that someone is afraid to use the Nebula cloud: “And fpruh will spy sweeps.”
But no one complains about AWS cloud services. Entire companies keep mail on gmail and yandex. Modern mobile phones lose their functionality without being tied to the cloud ...
Therefore, to be afraid that someone will block something with Nebula, given that only the configs of your network are stored there, is somehow silly.
Nebula is constantly evolving.
While I was writing this article, control of device firmware appeared in nebula. which allows you to quickly eliminate the detected vulnerabilities.
Do not forget that Zyxel is a world-class company that monitors its reputation.Conclusion
In fact, part of the work that the network administrator must configure and maintain the equipment was performed by Zyxel and provides it as a service. In our case, we paid only the cost of the equipment.
Setting up glands in conjunction with Nebula is very simple. You do not need to score 100500 parameters to enable real seamless roaming.
With growing needs, this infrastructure can be easily developed. For example, if you have a need to filter traffic, then Nebula for Wi-Fi can always be replaced with Zyxel ZyWALL \ USG series .
I ask you to ask questions on the article and discuss this and other hardware from Zyxel on the channel in Telegram @zyxelru. By the way, after the release of my previous articleofficial representatives of Zyxel Russia appeared on the channel.
If you know other quick and cheap methods for deploying HotSpot - share in the comments.