Setup WLAN internet in big building with access control

[ObeyTheDiode]

I am investigating the options to supply access controlled internet access over WIFI to users in a big building (3 floors of ~30 m in length).

1. Hardware
What would be the best way to go here? A 'standard' router with a repeater on each floor?
Are there more beefy routers dedicated for this type of applications?

2. Access control
The internet will be installed in a hostel with access reserved for employees of my company staying there. Apart from simple password protection and MAC filtering (not ideal) are there access control mechanisms that exist as part of router firmware?
I don't really want to install an external server for this purpose but it would be desirable to have some sort of login for users to be able to trace who did what (this setup would be in Germany and they actually fine the pirates (eventually)). Controlling access just by a network password would eventually lead to it being leaked...It would be best to have a setup that just needs to be installed properly once and left to work (since physical access to the building is not always given).

I would appreciate input from people with experience with this.

Thanks.

 

[agentrfr]

Have multiple Wireless Access points all hooked to a central cabled network with one [1] DHCP host. The APs don't really matter, they all do the same job. Nothing fancy. Have a password protected network, make sure all APs have the same SSID and password. Next, set up a small always on PC to act as a proxy different to the assigned gateway by the DHCP (have the assigned gateway be fake). This will throw off 95% of the people you don't want connecting. Now set up an additional username and pass to authenticate users on the proxy. Any old PC running windows or linux can do it. Heck, an old laptop could do it.

Something like this: http://www.cyberciti.biz/tips/linux-unix-squid-proxy-server-authentication.html

Or you could hire out a network specialist. It wont take him/her more than an hour to set up.

Job done

 

[ObeyTheDiode]

I just had a look at this: http://www.linuxplanet.com/linuxplanet/tutorials/6701/1/

There are also some services like worldspot.net that seem promising for my application because it would provide a means for me to cover the costs without hassling people (don't ask why the company can't just pay this...).

Any opinion on the above?

 

[koeksGHT]

I agree with what agentrfr said above.

Make sure you connect all the different wifi routers together with a cable and not repeating as this will drastically decrease the overall throughput and ping of the network. Also select the correct channels(1 to 11 or depending) so the routers don't create dead spots with the signals.

Best bet would to be to have a linux server acting as a gateway and controlling access to the internet.