Making private network and public hotspot - networking

I'm trying to make a WiFi hotspot for customers and keep our company network separated. I'm thinking of using MikroTik devices for this reason. The idea is to make every customer connect for a maximum of 1 hour. Another requirement is that we have to use a tablet that is connected to the private network as well.
Here are different ways how I think this could work:
1) The first idea was to connect the MikroTik public router and the private office switch to the modem. Then (somehow) connect the router to the switch for reasons of router settings. Then make a VAP for the tablet with the ability to connect to the private network (in case the VAP has some minimal bandwidth option, because even with 200 users connected the tablet must work). The PC in the office would connect to the router over the switch and my app would dynamically create WiFi users.
2) Next is that I would use second router for private network but I would still need connection to mikrotik router over switch.
3) I would buy a bigger MikroTik switch and connect only some cheaper WiFi access point the connect. The switch would have separated subnets.
The next question is how secure I can make the private AP. Are MAC filtering and a hidden SSID enough?
Also, should I generate 2000 users at once and enable/disable them dynamically, or generate users dynamically?
And is there some option in MikroTik to limit the time a connection is valid, and not just the actual login time?

You can use MikroTik devices for this reason. About security, you can use isolation + WPA2/AES + MAC filtering + hotspot authentication together, but for hotspots with public access, there are solutions that use short messages for mobile phone authentication; I think that's more useful.

Related

How to send data between two ESP32's over same LAN?

I want to send data (I think I can achieve it by sending HTTP requests) between two ESPs that are connected to the same LAN. I don't want to use one as an access point! I have one ESP that is acting as a HomeKit device, and I want to send data (for example, sensor readings) to it from another ESP. I've seen many tutorials where one device is acting as an access point, but that's not what I need. I also don't really need to access the ESP data directly from my laptop, so I believe I don't need the HTML page. I would appreciate any help, code, or any existing tutorials, because I didn't find a single one.
Configuring one ESP as an AP is only done for convenience. You can configure both of them in STA (station) mode and they will connect to, e.g. your phone hotspot or your wifi router.
Connected to the same hotspot, they are on the same network, and they will be able to communicate with each other (unless the hotspot is configured to not allow this ... ). The tricky part will most likely be for the "client" to determine the IP address of the "server" in order to create the connection.
If you have admin access to the hotspot, you can cheat and hard code the IP addresses (assuming that the hotspot will assign the same IP address to the device the next time it sees it.)
It's also not difficult to use mDNS (aka Bonjour), which allows a network device to assign itself a local hostname. So you can name one ESP ("myserver"), which allows the ESP running the client code to connect to "http://myserver.local".

How to switch connection between cloud and local network in ESP8266

I would like to understand whether it is possible to switch the ESP8266 connection between the cloud and the WiFi LAN.
There are two paths to control the Sonoff switch, connected to a WiFi router. In case the phone is connected to the router, Path 1 acts as the LAN network and the ESP8266 can be controlled even without internet. In case I am not at home and would like to control the switch remotely via the cloud, Path 2 would be followed. Thus, I could get the best of both worlds.
From all the examples that I have seen so far, the ESP8266 could be operated in only one mode at one point of time, either LAN or cloud (both via the WiFi router).
So kindly help me with the switching code/logic, that will wait to work upon the commands provided via LAN mode if there are none left. Now it should work upon the instructions after switching to cloud mode and finally return to LAN mode after some time and so on.
For security reasons your Sonoff device should not be reachable from the internet directly - ever. It should only be accessible within your local (home) network. That's your path 1.
To enable path 2 - without affecting the Sonoff device at all - you need a way to build a VPN from your smartphone to your local network. For the node it will look like all traffic is coming from your local network even though you are actually connecting into it from remote.
A fairly simple and cost-effective way to achieve this is to run PiVPN on a Raspberry Pi. See e.g. this video for instructions: https://www.youtube.com/watch?v=15VjDVCISj0

How can the Android device programmatically infer the IP address of the Linux device it's tethered to?

Hi! Asked this question on many forums and nobody could answer me so PLEASE help!
I have an Android device connected to a Linux device via USB tethering.
On the Android device I have a front-end (HTML, JS, CSS) browser app and on the Linux device I have a back-end (Node.js).
There is a socket connection between the front-end and back-end with a defined IP:PORT.
The Android's gateway is the Linux device. The Linux device is connected to the local network.
When the Android device is connected to the Linux device, the Linux device initializes a new network interface called usb0 with a static IP address.
Sockets are based on that network IP, which is the same on every instance of the front-end+back-end devices.
I have more than 5 instances of the same front-end+back-end devices connected to the local network.
Is there a way to somehow find the back-end device's IP address without setting it static?
My problem starts when starting all devices at the same time. Sometimes the Android device in instance 1 connects to the Linux device from another instance, and I want to prevent that by not connecting to usb0 with Android but to the eth0 DHCP of the Linux device. I can never know which IP address will be on the Linux device, but the front-end app needs an IP:PORT to connect.
PORT is defined so the string for connecting is {IP + ":3000"}
I know I can see all the IP addresses on the network with arp or similar, but I need to do that automatically in the front-end app on app start-up.
I want to find the IP address of the first device that the Android device is connected to. That is always the front-end's pair Linux device.
Or if it is not possible to prevent Android device to be able to connect another instance with IP tables on Linux device.
P.S I know that Android is also Linux but someone who wants to answer will know what I'm talking about.
Here is a solution describing how to listen for tethering state changes:
First you need to be familiar with BroadcastReceiver. You can find a lot of tutorials describing in great detail how this works (try googling how to listen for connectivity changes in Android).
In order to get the Tethering state update, you need to use a hidden filter action of Android (see ConnectivityManager) and in your BroadcastReceiver class:
IntentFilter filter = new IntentFilter("android.net.conn.TETHER_STATE_CHANGED");
then register the filter to your BroadcastReceiver:
myApplicationContext.registerReceiver(this, filter);
In your onReceive(final Context context, final Intent intent) method, the Intent.extras information contains 3 arrays filled with the corresponding tethered network interface:
erroredArray / availableArray / activeArray
It's a little bit tricky but you can get the tethering status information.
In addition, you can do some reflection on a hidden function of Android code:
Search for getTetherableIfaces() in the Connectivity Manager.
Here is a link: https://github.com/android/platform_frameworks_base/blob/master/core/java/android/net/ConnectivityManager.java#L1604

How can a node access another node in another gateway?

Well the situation may seem to be complex but here it is.
I have a computer X. It is connected to gateway 1. Another computer Y is connected to gateway 2. Gateway 1 and 2 are themselves connected to a super gateway G which is connected to Internet.
This is actually the setup of my college network. The college uses a gateway (G) to distribute IPs to hostel rooms (each room gets one IP). Since I have 2 computers (my PC and my Raspberry Pi (X)), I need to use a network switch (gateway 1) to connect to the internet. Similarly, my friend in the adjacent room has a network switch which connects his laptop (Y). The Raspberry Pi (X) has a LAMP server and the laptop Y wants to access its content. How is this possible? What address should be entered in the web browser? How will the browser know which address it points to?
Another question is: if I directly connect my laptop to Gateway G, then I have to log in first to access the Internet. Can I set up my network switch in such a way that it automatically logs into Gateway G so that I don't have to log in when my computers are connected? My network switch is D-Link model AES-1005A.
First, a switch is not a gateway (router). There is a big difference. Each device you connect to your switch is getting its own IP address from DHCP, else it wouldn't work.
You don't get one IP address per room since that is not how DHCP works. There may be a switch between Router G and your rooms that limits the number of MAC addresses per port. If that is the case, you are out of luck; otherwise your friend should try to connect to the address assigned to your Pi by DHCP.
Network switches only operate at layer-2, so any upper-layer protocols like the login are completely transparent to it, and you cannot have it log in for you. Your Pi may actually need to log in, too, to get an IP address from DHCP.
You seem to be trying to bypass the network policies or security of a network that doesn't belong to you. In many jurisdictions, this is a crime (usually, a felony), so you should tread very carefully.
Also, since this doesn't involve programming, it is actually off-topic here, and you should really ask on Super User.

Peer-to-peer chat

I'm wondering if it's possible to create a P2P chat application without a server (so there is no need for an external static IP. Is it true?)?
EddieC is right if the computers are located inside the same sub-network (LAN) or if the computers' IP is their interface to the Internet (WAN public IP). In that case, you can just use the IPs and ports directly.
However, usually, knowing the computers' IP is not enough because the machines are located behind routers inside sub-networks. Thus, because the computers are hidden behind the routers, you will have to configure the routers to forward the packets to the right computers as a function of the ports used.
Have a look at : http://wiki.vuze.com/w/Port_forwarding
If you do not want to use IPs because they are dynamic, you can configure URLs with Dynamic DNS services.
Good luck
It is possible. But you must have some way for one computer to tell the other computer what their IP number is. You could email it to your friend or call them on the phone or post it on a message board.
If this program only has to work on a local network (LAN), there is something called broadcasting which might be of interest to you. It allows a packet to be sent out to every device on the network without having to know their IPs (then other instances of your program could reply with the IP of their machines so you could set up proper connections).
This won't work over the internet, though (imagine being able to broadcast to every computer connected to the internet!).
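
The LAN broadcast discovery described in the answer above, as an added example that is not part of the original posts: peers answer a UDP broadcast probe and the caller learns each peer's IP from the reply's source address. The pre-shared key, the `P2PCHAT1` tag, port 50000 and all function names are assumptions of this example; the HMAC over a fresh nonce is added so that an arbitrary host on the LAN cannot answer the probe as a peer or replay an old reply.

```python
import hashlib, hmac, json, os, socket

MAGIC = b"P2PCHAT1"     # constructed protocol tag, not a real standard
DISCOVERY_PORT = 50000  # assumed UDP port for discovery

def make_probe():
    """Return (nonce, datagram); a fresh nonce stops replayed replies."""
    nonce = os.urandom(16)
    return nonce, MAGIC + nonce

def make_reply(key, probe, name, chat_port):
    """Answer a valid probe with HMAC(key, nonce + body) + body, else None."""
    if len(probe) != len(MAGIC) + 16 or not probe.startswith(MAGIC):
        return None
    body = json.dumps({"name": name, "port": chat_port}).encode()
    tag = hmac.new(key, probe[len(MAGIC):] + body, hashlib.sha256).digest()
    return tag + body

def check_reply(key, nonce, reply):
    """Return the peer info dict if the tag verifies, else None."""
    tag, body = reply[:32], reply[32:]
    want = hmac.new(key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        return None
    return json.loads(body)

def serve_once(sock, key, name, chat_port):
    """Peer side: wait for one probe on a bound UDP socket and answer it."""
    probe, addr = sock.recvfrom(1024)
    reply = make_reply(key, probe, name, chat_port)
    if reply is not None:
        sock.sendto(reply, addr)

def discover(key, target=("255.255.255.255", DISCOVERY_PORT), timeout=1.0):
    """Broadcast one probe; return [(ip, chat_port, name)] of verified peers."""
    nonce, probe = make_probe()
    peers = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        s.settimeout(timeout)
        s.sendto(probe, target)
        try:
            while True:  # collect replies until the timeout fires
                data, (ip, _) = s.recvfrom(1024)
                info = check_reply(key, nonce, data)
                if info is not None:
                    peers.append((ip, info["port"], info["name"]))
        except socket.timeout:
            pass
    return peers
```

Each peer binds a UDP socket to `("", DISCOVERY_PORT)` and calls `serve_once` in a loop; the chat connection itself is then opened to the returned IP and port.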
