Authentication

We are a fairly new WISP, and we are about to start deploying Canopy equipment. We want our customers to be able to have a public IP; but the way it’s set up now, there’s nothing to prevent them from hooking the SM into a switch and then giving 10 or 15 computers all their own public IP. I need a way to only allow 1 public IP on the other side of each SM. Any ideas?

Any help is greatly appreciated.

You could do what I have done and put a router on my end with a DHCP server supplying private addresses to the customers and hand out public ip’s to the customers that really need them. or don’t use a DHCP server at all and just assign ip,s statically.

attitude0330 wrote:
You could do what I have done and put a router on my end with a DHCP server supplying private addresses to the customers and hand out public ip's to the customers that really need them. or don't use a DHCP server at all and just assign ip,s statically.

1) I want customers to have a public IP.
2) How does that prevent them from plugging their SM into a switch along with 2 computers?

If you assign static ip’s no two computers on the same network can have the same address Without a DHCP server what is going to assign the second computer it’s address?

attitude0330 wrote:
If you assign static ip's no two computers on the same network can have the same address Without a DHCP server what is going to assign the second computer it's address?


DHCP <---> AP <--> SM <--> Switch
Two computers plugged into the switch, both will get an IP from the DHCP server. I don't want this. Besides, they wouldn't have to hit the DHCP server at all...they could just type in the IP static so long as they picked one nobody currently had.

What are you using for your DHCP server? I use a router not the kind you buy at walmart a real router. I can assign a specific ip address to a certain mac address so that only that mac address can use that ip address. Does that help?

There is a box I am currently looking at called a Bandwidth Control Unit (BCU). It is made by Terrabeam Wireless (formerly YDI). I’ve seen a couple of different ways of doing this, via a box or software on a server. It will allow you to do MAC address filtering for the computers or routers at your clients locations.

Basically if the clients MAC address is not in your database, then it would not get through to your DHCP server, or your ISP’s server to get a public IP. With these boxes or software suites, you can also manage the through-put to the internet.

This would also be handy for any clients who are not paying their bills, as you can just disable the MAC of their equipment put still have access to the radio for any maintance.

Now nothing is stopping the client of putting in a “Wal-Mart” router and getting multiple computers across the connection, but it would only be one public IP they would get.