Set up a guest WiFi login solution with an email address / Facebook login for a holiday let building
Hello all,
I'd like to set up a guest WiFi login solution with an email address and/or Facebook login for a holiday let building. there 5 floors and one 2-bedroom apartment on each floor. I'm planning to keep 2 WiFi subscriptions (one is on the 2nd floor and the other is on the 5th floor) from the internet service provider and connect two TP-Link AC1750 Wireless Access Point, Wi-Fi Dual Band with MU-MIMO devices to two current modem/routers supplied by the internet service provider.
Can I mesh these two TP-link devices and create a guest login page with this configuration to collect guest emails and also forward them to our website after they login?
Do I need any extra devices?
Please note I'd like to keep the devices and maintenance to a minimum.
Thank you very much in advance for your help.
Kind regards,
Tarki
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
When I said "two TP-Link AC1750 Wireless Access Point, Wi-Fi Dual Band with MU-MIMO devices" I meant EAP265 HD since this seems like offering "
- Secure Guest Network: Along with multiple authentication options (SMS/Facebook Wi-Fi/ Voucher, etc.) and abundant wireless security technologies."
- Copy Link
- Report Inappropriate Content
Hey
Just to clarify, all the EAP 2x range have MU-MIMO support. The 265 is for a very busy area (50+ clients) and so the 245 may also be of consideration to you and save you some $$/££
In answer to your Mesh question.. Its probably not a MESH in traditional terms you are after, rather a controlled number of access points working together. To do this you would need a Controller online (v4.2.11 recommended), this can be either the software controller if you have a server/pc to run it on. Or a better option is a OC200 controller.
If you cable the 2x EAPs and power up the OC200 you should be able to adopt the 2x EAPs into management. This will allow you to create a SSID for broadcasting however you feel... use the option for a Portal Authentication and choose FACEBOOK, you can then direct new guests to your facebook page or landing page or however you fancy. The controller will handle the rest for you. I dont believe you can use email address unless you have some RADIUS server type authetication, hopefully facebook registration might be an option for you
If you dont want to cable them up, you can indeed use MESH between them (one will need wired, other mode will wireless mesh from it), but obviously this will reduce capacity and throughput by using the WiFi backhaul. I would ideally cable these and go controller managed
What you will need is
2x EAP2xx Access Points
1x OC200 Controller (updated to v4.2.x)
The controller is pretty cheap at around £50 / $70US
Create the SSID first, then setup portal access.
Hopefully that helps??!! :)
Screenshot below, I have mine set for HOTSPOT with VOUCHER CODE ... however facebook is an option
- Copy Link
- Report Inappropriate Content
Hi, thank you so much for your reply!
First I should clarify that there is no server or PC in the building.
When I checked EAP 245's description it doesn't mention the following feature that you see for EAP 265:
- Secure Guest Network: Along with multiple authentication options (SMS/Facebook Wi-Fi/ Voucher, etc.) and abundant wireless security technologies."
Also under this sentence it says: Learn more about Omada Cloud SDN>
https://www.tp-link.com/us/business-networking/ceiling-mount-access-point/eap265-hd/
So, I wonder:
Q1) when you have EAP 265, then maybe you don't need a controller even if you've two EAP 265 access points?
Q2) If you need a controller for two EAP 265s, then would you need a controller even for one AP (one AP might be enough for this building)?
Regarding using email address for getting access to the internet, Q3) Maybe Radius service is provided by Omada?
I found the following article but I'm not sure about it: https://www.tp-link.com/us/support/faq/896/
I'm not intending to verify email addresses by the way. If guests give an invalid email address, they could still use the internet.
Q4) Regardless of the authentication type (Facebook or email address) I'd like to add a separate password for the authentication to stop people from outside of the building connecting to the internet. Is this possible?
Sorry to have many questions but it doesn't seem like I can find this information anywhere. I've been searching all the time.
Thank you very much again!
- Copy Link
- Report Inappropriate Content
Hey
Q1) when you have EAP 265, then maybe you don't need a controller even if you've two EAP 265 access points?
Thats not the case sadly, yes it mentioned as a feature of the 265 because its likely one of its main use cases (high capacity public access) but it will require a controller in place and that is verified by the "learn more about Omada SDN" basically controller.. If you have 2x of these APs they will work as 2x seperate APs unless there is a controller involved. You need a controller for Roaming and Guest / Portal Autheniticaion, those are features no AP can do alone.. sorry!
Q2) If you need a controller for two EAP 265s, then would you need a controller even for one AP (one AP might be enough for this building)?
Depends on what you want to do.. basic WPA2/3 shared key WiFi is likely ok.. if you want management or portal authetication you will need a controller.
In all honesty, these EAPs are designed to be controlled by a controller.. Ubiquiti, Meraki and Rucus etc are all the same, majority of features require a controller.
To clarify, the EAP245 does support Portal Authentication, again with controller (so does the 225). As said portal is a controller feature, not an EAP feature.
Regarding using email address for getting access to the internet, Q3) Maybe Radius service is provided by Omada?
Radius would require a server in place and a controller to allow authentication to to the radius. You can pre-load the email addresses to the Radius server upon customers arriving / checkin but this is not something that can be done dynamically..
Q4) Regardless of the authentication type (Facebook or email address) I'd like to add a separate password for the authentication to stop people from outside of the building connecting to the internet. Is this possible?
Yes when you are creating the SSID you can just set a standard WPA2/3 pre shared key, then add the facebook portal on as a 2nd authentication. However this is quite combersome having the users to authenticate twice (Key and Portal), usually most just leave the WiFi open and use portal authentication. If you have appropiate QOS / rate limits in place then it shouldnt be an issue and the controller will tell you anyone constantly autheticating.. just kick them! Might also be better to consider the voucher code, give them one at check in that last xxx hours. Its up to yourself however..
I would take a look at the OC200 / SDN v4 emulator and have a play with it to get an idea of what you are doing.. that article you posted is a bit old, it was v3 now we are on v4.. Just google the emulator page and fire one up for the V4 SDN controller..
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 5858
Replies: 4
Voters 0
No one has voted for it yet.