Setting up an ISP

warwickw said:
Nope install the line where you want, you actually dont want to use the line as it is firstly too slow, and secondly you have no redundancy. But you need the line to be able to sell SAIX's wholesale services, which is what you want.

Get yourself a server and host it in a good data centre, thats all you need. SAIX will then be able to authorise ADSL users against your radius server, once setup, and the the users will be using SAIX's bandwidth, you just authenticate them and bill them, SAIX provide the bandwidth.

If however you want to provide your own bandwidth as well, then its a much bigger issue, as you will also need an IP Connect, plus good upstream bandwidth, plus mail servers, possibly news server, and all of this will need to be redundant. Basically this is very very expensive.
Click to expand...

Tx for the explanation... so the authentication is done by SAIX... I create a username and pwd of an account on my radius, the end user enters it in his dsl router, and it comes straight to me......i dont need the mcrotikOS to do the authentication...am i correct?

Say I connect this radius server to IS DC..and they give me an account and an IP address, I plug that into the radius server.. is that it?

what do you mean about me providing my own bandwidth? I can just buy it off IS at wholesale rate and resell it by programming my Radius server, isnt it?

This is the scenario: I have half a rack at IS DC, i have my file server in there. I plug in my Radius server just below it with the next IP in range. I want my clients to pay me a fixed monthly fee, and they can get access to my File server via my radius server. once he pays he gets a username and pwd, enters it in his dsl router and voila, he connects..
He is NOT paying for the bandwidth, but only the rights to access my file server, therefore My radius server will only allow him to access the IP on my file server, nowhere else..it's local bandwidth, only.. there is no breaking out to the internet..

Am I going about setting this up the correct way?
 
Tinuva said:
And you probably don't want to use Mikrotik on an ISP level. Its all good and well on wireless towers ect, and maybe at home, but for an ISP you wan't to run something more stable like Cisco routers.
Click to expand...

On the contrary...MicrotikOS on a decent server works just as well, although I do agree with your suggestion that a Cisco router is the obvious choice.. will look into it..
 
Tinuva said:
And you probably don't want to use Mikrotik on an ISP level. Its all good and well on wireless towers ect, and maybe at home, but for an ISP you wan't to run something more stable like Cisco routers.
Click to expand...

Hahahahahahahahahahahahahahahahahahaha!

You don't really understand what RouterOS is do you?
 
hilton said:
Hahahahahahahahahahahahahahahahahahaha!

You don't really understand what RouterOS is do you?
Click to expand...

I don't think he understands the term ISP either! What do you want to do mo_to? Do you want to provide internet access to a group of clients, or provide them with a service hosted on your server. Two very different things.
 
provide a group of our clients (not public) a service hosted on my server via a dedicated ADSL connectivity. They do not pay for the (local) bandwidth to connect to the file server....they pay monthly for the service to access the server..

One company will have say 10 branches. Each branch will have an ADSL line, and an ADSL router, and all of them must use the same username and password to connect to the internet (concurrent connections). The internet access they have is limited to only connect to the static IP which the file server is at. They cannot connect anywhere else.

Hence my reasoning for 'authentication' first on the DSL line, then move it to the Radius Server which will do the controlling of where the client can access, and then it links to my file server.

Why I said ISP, is because I am providing the clients an Internet Service..yet I am limiting them to where they can access..Like some ISP limit some accounts to only local sites only......

Got it now?? Sorry if I did not make myslef clear from the beginning of this thread.
 
Last edited:
mo_to said:
Do please explain Mr Hilton..
Click to expand...

I wasn't suggesting that you don't go the Cisco route as this is by far the tried and tested route. Whether you choose Cisco or RouterOS, neither will be a walk in the park and by stating that it implies that neither are suitable for home use.

RouterOS will get you started quicker with more change in your pocket.
 
hilton said:
I wasn't suggesting that you don't go the Cisco route as this is by far the tried and tested route. Whether you choose Cisco or RouterOS, neither will be a walk in the park and by stating that it implies that neither are suitable for home use.

RouterOS will get you started quicker with more change in your pocket.
Click to expand...

that is exactly the reason why I have chosen to go the RouterOS router as $250 unlimited licence fee + a decent 2u mounted rack PC is considerably cheaper..and I feel more comfortable with PC's than routers.

I just got very confused when your comment was preceded by a roaring laugh, which made me think that maybe I'm overlooking something..
 
mo_to said:
I just got very confused when your comment was preceded by a roaring laugh, which made me think that maybe I'm overlooking something..
Click to expand...

It was directed at the other poster who thought that Mikrotiks were fine for home use..........

Most home users don't know how to set-up a netgear router so I shudder at the thought of explaining masquerade rules to little johnny over the phone.
 
VPN's

mo_to said:
Hence my reasoning for 'authentication' first on the DSL line, then move it to the Radius Server which will do the controlling of where the client can access, and then it links to my file server.

Why I said ISP, is because I am providing the clients an Internet Service..yet I am limiting them to where they can access..Like some ISP limit some accounts to only local sites only......

Got it now?? Sorry if I did not make myslef clear from the beginning of this thread.
Click to expand...

Maybe I am confused -- but this looks like a scenario for VPN's :confused:

Maybe have a look at TELKOMS VPN offerings

Far as I understand this will do what you want without any need for ALL the ISP stuff.

MW
 
lol, tell me about it, we face it everyday..so much so that we've had to have firmware designed to flash on all the routers sold by us, to work on our network..
 
yes, it is a similar thing to VPN, but I need to go the ISP router, as I am not offering to the public now, as it the service will be in BETA, however, after a few tweaks, the service will be available to the public too.. If I piggyback onto another ISP, like many proposed I speak to Axxess, Webafrica, etc, I will be bound by their rules, and it will not look professional (due the the type of service being offered) for my clients to know that I do not have my own backbone...hope u understand the marketing strategy side of it..
 
Marketing

mo_to said:
I will be bound by their rules, and it will not look professional (due the the type of service being offered) for my clients to know that I do not have my own backbone...hope u understand the marketing strategy side of it..
Click to expand...

Yup -- Old Trek OX dressed up as Prime Lamb :D

You can restrict what can be accessed via an ACL on the router -- down to a single IP.

IF you want to do all this --"spoof your own backbone" ie act as an ISP with your OWN rules then I guess you will have to go the BIG BUCK route.

This is a distributed application you are offering -- ie not something that can just be accessed via a "Browser" ????


MW
 
no, it cannot be acces via a browser. I put a device in each clients place which connects to the file server, downloads the info and updates their device. The unit has a LAN port, so they can easily plug is a PC or switch and give everyone internet for free, hence my need to restrict to only my servers IP.

Big bucks route is ok, really, i just need it up at reasonable costs.
 
ACL

mo_to said:
The unit has a LAN port, so they can easily plug is a PC or switch and give everyone internet for free, hence my need to restrict to only my servers IP.
Click to expand...

Like I said -- on a Cisco you can restrict access to an individual IP or MAC address

NO reason why anyone else would be able to get Internet access.


MW
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X