Setting up secure network using a shared wifi?

CommuniCat

Active Member
Joined
Feb 9, 2004
Messages
50
#1
I'm hoping someone with better networking experience can confirm that I buy the right gadget to set up a secure (separate) internal network at our new offices.

We are moving into shared offices and included in our rent is access to their wifi.
But I don't want an open network for obvious reasons from a security perspective. Also, we run a file server that is basically open on the network (NasLite).
I'm making the assumption that if I buy this TP-LINK TL-WA855RE 300Mbps Wi-Fi Range Extender (https://www.takealot.com/tp-link-tl-wa855re-300mbps-wi-fi-range-extender/PLID41663443) I'll be able to connect to the existing wifi and then share it to our machines using the "Supports AP mode which creates a new Wi-Fi Access point" function?

Or, I can connect a switch with a network cable to the bottom of this device in this AP mode and create a wired network that will use the TL-WA855RE for internet access but everything else will run wired over a gigabit network. Is my reasoning correct or is there a better way to accomplish what I need?
 

Treschen

Well-Known Member
Joined
Apr 29, 2009
Messages
239
#2
My Advise get and Ubiquiti Access Point, install the controller software on a windows PC. Create secured WiFi network with a pre shared key. Give access to PC and users who needs it.

You pay a bit more but better bang for your buck and more option to control and configure various aspects!!
 

Treschen

Well-Known Member
Joined
Apr 29, 2009
Messages
239
#4
Thanks Treschen. Is this the tech you are talking about: https://www.takealot.com/ubiquiti-u...uUIDXfkfJIuJ4GvDgTAaAlj2EALw_wcB&gclsrc=aw.ds

We are an all Mac office (aside from that Linux server) but I see the controller software runs on Mac just fine. As an aside though, this won't allow us to run a gigabit network between the machines? We move video files around quite a lot.
Similar yes. I would go for Product Code: UB-UAP-AC-LR or similar AP the one in the link seems to be old tech.

If you are using WiFi on machines with 5GHz wifi cards you will get good speed with the above AP (not gigabit), unless you running on cable?.

Perfect the controller software will run on mac as well. They also have a dedicated controller which retails under R2000. You can try dbg.co.za or scoop for this gear.

If you don't come right let me know I will check our stock.
 

SauRoNZA

Honorary Master
Joined
Jul 6, 2010
Messages
32,609
#5
My Advise get and Ubiquiti Access Point, install the controller software on a windows PC. Create secured WiFi network with a pre shared key. Give access to PC and users who needs it.

You pay a bit more but better bang for your buck and more option to control and configure various aspects!!
You would still need something else to connect to their shared network as a client.

OP surely they offer a LAN plug point somewhere so just use that and do your normal network behind it.

However bear in mind you won’t be able to host anything on this kind of setup and will more than likely run into plenty of port conflicts at some point with some things.
 

SauRoNZA

Honorary Master
Joined
Jul 6, 2010
Messages
32,609
#6
Thanks Treschen. Is this the tech you are talking about: https://www.takealot.com/ubiquiti-u...uUIDXfkfJIuJ4GvDgTAaAlj2EALw_wcB&gclsrc=aw.ds

We are an all Mac office (aside from that Linux server) but I see the controller software runs on Mac just fine. As an aside though, this won't allow us to run a gigabit network between the machines? We move video files around quite a lot.
You’ll never have a gigabit network over WiFi.

So you’ll still need a cable network for that.

Or rather rubbing a cable network would be cheaper than upgrading all your client devices to ninja levels of 802.11ac that would be near gigabit.
 

Treschen

Well-Known Member
Joined
Apr 29, 2009
Messages
239
#7
You would still need something else to connect to their shared network as a client.

OP surely they offer a LAN plug point somewhere so just use that and do your normal network behind it.

However bear in mind you won’t be able to host anything on this kind of setup and will more than likely run into plenty of port conflicts at some point with some things.
He should have a seperate network for this requirement. or do some clever routing. Either way there a many ways to skin a cat
 

SauRoNZA

Honorary Master
Joined
Jul 6, 2010
Messages
32,609
#8
He should have a seperate network for this requirement. or do some clever routing. Either way there a many ways to skin a cat
Absolutely.

I just meant you can’t get away with using Ubiquiti only to solve the problem.

Or rather Ubiquiti would be an expensive waste just to be a client.

I would bridge the network with something else and then also roll UBNT behind it.
 

irBosOtter

Expert Member
Joined
Feb 14, 2014
Messages
2,032
#9
Shared wifi and secure network does not exist with this scenario, does that wifi authentication support 802.1x?

Seeing that you all have Mac's, I take it their must be some money to throw around, maybe don't be cheapskate and get your own internet line, not sharing anything with others....
Will be easier to manage.

If you can't then at least see if you could run a cable from your Router/AP to their router at least, bridging a wifi connection should really be your last resort
 

CommuniCat

Active Member
Joined
Feb 9, 2004
Messages
50
#10
Thanks for all of your responses. I've checked the offices and the shared router is behind a dry wall next to our office. That router also has open network ports. So the possibility exists to set up my own device on that side of the dry wall, or bring a cable across from their router. But then I'd still essentially be on "their" network. What I'm trying to figure out is if that TP Link wireless extender I linked to in the original post with this published feature "Supports AP mode which creates a new Wi-Fi Access point" would solve my problem. In my head, what this means is that the wireless extender can be set up to use the existing client wireless network, but that it creates it's own internal network for internal connected devices. Think a separate SSID with it's own IP range and DHCP allocation. Well, that's what I think it does when it is configured in this way. Take this logic one step forwards, then connecting a network cable into the bottom of this device and connecting it to a switch does exactly the same thing, only my connected devices on this will run at full network speed between each other through the switch but at the slower speed for the net connection it's borrowing from the main shared wifi. I'm not sure if I'm explaining myself very well, but essentially I think that TP Link extender has the ability to set up it's own network while still using a separate wifi for net connectivity.
 

DWPTA

Expert Member
Joined
Jul 28, 2006
Messages
3,786
#11
Urg no

As Sauronza has said in his first post. I would get a Mikrotik, lan cable from the shared router to the Mikrotik, either let the MIkrotik get a DHCP from that router or assign a static IP to it and then build your network from there as to trying to connect to their network with the wifi extender and trying to separate it.

But as what Sauronza also said you won't get much out from hosting anything, unless the other company has static IP's and is willing to give one and then do some clever port mapping.

But personally I would put a Mikrotik, or whatever you prefer, between you network and the shared router.
 
Top