Gargoyle router in front of UniFi Controller
Posted: Mon Apr 14, 2014 11:05 pm
I've inherited responsibility for a service providing free wifi to a businesses customers.
It's using UniFi Controller on a WinXP PC connected via a MicroTik router over PoE to six PicoStation M2s. Clients just need the WPA/WPA2 passkey - no captive portal or guest settings. So the network isn't secure - guests can theoretically access both the businesses office PCs and each others. They can also torrent and do whatever they want and stuff isn't properly logged so the business may be on the hook for customers activities.
The MicroTik is virtually unconfigured at the moment. I'm certain the MicroTik can be configured to filter out torrenting and add a download quota but I'm also certain I don't have the knowledge to configure it.
I'm thinking of replacing the MicroTik with a Gargoyle Router mostly because I can configure one and letting it implement a daily download quota and filter content by using the force clients to use router DNS option and setting up OpenDNS with filtered resolvers. I know it's not going to kill all torrenting but it'll stop the laymen. Then using UniFi to enable guest policies and a captive portal that just lets people know they have a download limit and torrenting is blocked.
Questions:
- Will there be any compatibility issues?
- Is there a chance someone will be assigned a used up IP address and be limited unfairly and if so how could it be resolved?
- Are there better/smarter options that don't require me having to learn a buttload about routers/firewalls?
It's using UniFi Controller on a WinXP PC connected via a MicroTik router over PoE to six PicoStation M2s. Clients just need the WPA/WPA2 passkey - no captive portal or guest settings. So the network isn't secure - guests can theoretically access both the businesses office PCs and each others. They can also torrent and do whatever they want and stuff isn't properly logged so the business may be on the hook for customers activities.
The MicroTik is virtually unconfigured at the moment. I'm certain the MicroTik can be configured to filter out torrenting and add a download quota but I'm also certain I don't have the knowledge to configure it.
I'm thinking of replacing the MicroTik with a Gargoyle Router mostly because I can configure one and letting it implement a daily download quota and filter content by using the force clients to use router DNS option and setting up OpenDNS with filtered resolvers. I know it's not going to kill all torrenting but it'll stop the laymen. Then using UniFi to enable guest policies and a captive portal that just lets people know they have a download limit and torrenting is blocked.
Questions:
- Will there be any compatibility issues?
- Is there a chance someone will be assigned a used up IP address and be limited unfairly and if so how could it be resolved?
- Are there better/smarter options that don't require me having to learn a buttload about routers/firewalls?