In the corporate environment, WiFi performs an increasingly noticeable function and plays an ever-increasing role. A smartphone or tablet can be connected to WiFi, but it is much more important, a corporate phone, a mobile data collection terminal or an online cashier for receiving payments and print checks. Well, if the scope of the WiFi network is small, and you can do an ordinary inexpensive point of access, but you can do how to be if a wireless connection needs to cover thousands of square meters on several floors? Options definitely have.
Firstly, You can "apply" a set of WiFi networks on a set of autonomous access points. The option is bad because such economy is difficult and inconvenient to manageWhen moving through the territory of the enterprise, some mobile devices will have to switch between these networks manually, and, most importantly, all this will have to explain to users who are not always well understood in IT, and simply unable to absorb these wisdom. Plus, such a decision has only one: it is cheap.
Secondly, can to broadcast one WiFi network using the same type of stand-alone access points with WDS technology. The main minus of such a solution is that the overwhelming, absolute and unconditional majority of more or less affordable (up to 300 USD) access points of popular vendors work ugly in WDS mode. Broadcasting may disappear and restored, connectivity between the main and dependent access points will be disturbed, and mobile devices will lose touch and, together with it, their functional characteristics. So it is better to leave this option for real samurai.
An ideologically and technologically correct option is considered to use the controller and dependent access points. It is this option that is called "seamless WiFi". Its essence is that one centralized controller device can be the point of access points. Controller:
- monitors the state of the subordinate access points, the load on them;
- adjusts the signal power and bandwidth depending on the number of customers and the nature of their work;
- independently restores maintenance-free due to the failures of the region's equipment by increasing the coverage area from near access points;
- provides web authentication and dynamic accounts for realization of the so-called. "Guest Access" (for some controllers, options like printers to generate and print temporary user accounting data);
- provides quick roaming, with which you can freely move, for example, with a wifi-phone between the coverage zones of different access points, without interrupting the conversation and without watching any connection interruptions. The controller at the same time "rams" to your device signal from the closest access point.
Modern controllers allow you to connect WiFi access points in repeater mode (so-called MESH technology) without a cable connection to the network, and also provide integration with adjacent IT systems (for example, Active Directory, geolocation services, etc.).
What to build seamless Wi-Fi
In our catalog of solutions, options for household, corporate and sectoral WiFi solutions are already scrupulously selected and described :. And if you go "by top", then the most successful options for seamless Wi-Fi on the market are represented by the following vendors:
2. In the Middle-End segment, another American manufacturer reigns. Relatively inexpensive, Cambium is also distinguished by reliability and high performance.
Like Ruckus Unleashed, Cambium can also work in the network control mode without a controller. At Cambium, this ecosystem is called AutoPilot, it supports up to 32 network access points and up to 1000 wireless customers. It is functionally almost not inferior to the version with the controller, besides, it does not require any investment, in addition to the purchase of access point themselves, you do not need to buy licenses, service contracts and their updates.
Is it necessary faster, higher, stronger? You are welcome! Free cloud cNMAESTRO controller supports up to 4,000 access points and up to 25,000 wireless customers. The software can be completely installed at your own server, if the beliefs do not allow you to use cloud solutions. With the functionality of Cambium, too, everything is in order: there are also centralized management of the ecosystem, and geolocation services, analytics, radio analysis, integration with adjacent systems ... In general, everything that the soul wants.
The disadvantage of Cambium can be considered a relatively poor line of access points :. Although everything you need in it is present: there are access points with sectoral antennas, with support for 802.11ac Wave 2, MU-MIMO 4x4: 4, street and for premises. In general, a complete gentleman set to your service!
3. In the budget segment, competition is significantly higher, but we allocate TP-LINK among other audacious Chinese. This is the main and most interesting Ubiquiti competitor (which will be below), although this comparison in 2019 is not flattering for TP-LINK.
To begin with, let's figure it out with the TP-LINK label itself: actually two of them. There is a TP-LINK that makes cheap home routers and plastic switches, and there is a TP-LINK that makes the products of the Enterprise line - WiFi systems, SMART series switches, accessories to them. This, in fact, 2 different companies, because between these two directions no intersection points Neither in the field of scientific research, nor in production lines. And, objectivity for the sake of Enterprise TP-LINK is much higher than the quality than his younger fellow, specializing in products for Soho.
Now to WiFi. TP-LINK has a lineup auranet cap - Currently in some forgotten (but it is temporary). Ceiling solution - 500 access points, 10,000 wireless clients. Controllers are only hardware, 50 or 500 access points. Access points - in a fairly old, "Topoon" design, but with support for honest seamless roaming in accordance with 802.11k / V standards, Beamforming, Band Steering, AirTime Fairness - In general, the set is completely complete. High Density on TP-LINK, of course, not to provide, but the activities of 200-300 users in one hall were already served, and the customers did not cause any complaints.
The second ecosystem at TP-LINK is called OmadaIt presents the access points of the EAP series. The controller - Omada Controller - is available in hardware version (with a limit of 50 access points in the 1st network), but there is also a software that can be installed on a Windows or Linux server. Access points EAP look modern, and, by itself, you can know everything that you need to be able in 2019 by self-respecting access point.
4. Our next patient - Ubiquiti Unifi series. This is when I want to be beautiful and cheap. And "beautifully" with ubiquiti will be constantly, because They all have been subordinate to design: from packaging before design interface design. And the design is really hardly the best in the industry. In general, the products of ubiquiti are characterized by an extremely low price with a fairly high quality product as a whole.
The main minus ubiquiti is that the WiFi is truly seamless roaming in accordance with IEEE standards, he still does not support, offering in return to its proprietary implementation. Which works, well, let's say so so. Therefore, if you need to organize impeccable WiFi client roaming with voice or video applies, then ubiquiti, as it is sad, you will not work. The same applies to High Density - this is not about ubiquiti. In general, the radio frequencies of Ubiquiti are far from the ideal, but thanks to a powerful component base, a very wide range of equipment and proper marketing policies, they are still one of the most popular WiFi-solutions manufacturers. In Russia, Ubiquiti has another 2 significant disadvantages: the lack of official service and representation. The first means that the warranty on the territory of the Russian Federation works a little better than in any way, and the second is that you will not have technical support, nor certificates for equipment (which closes him the road to state enterprises and to telecom operators).
The advantage of Ubiquiti - in their UNIFI ecosystem, which is now not only WiFi equipment, but also switches, routers, video surveillance, telephony, and recently even some of the components of the smart home. Moreover, the management of all this economy is available through very beautiful and convenient applications (including mobile), integrated with the "cloud" ubiquiti, i.e. "Challenge" Unifi Ecosystem You can from anywhere in the planet, and this is without any dancing with ports of ports, static IP addresses and other leaps. In general, it is really convenient.
5. MIKROTIK, EDIMAX, WISNETWORKS, TG-NET, etc.The 5th point in this list we will be adding only because the number 5 is more beautiful than 4. Well, or the reputation is better. The objectively listed here, the vendors are not yet reaching even to the level of ubiquiti (they may not be worse, but by the aggregate of the factors of their perception by the market are not so significant), but they still take some kind of niche in the market and are some popular.
We boast bold: we have accumulated extensive experience in the deployment of large Wi-Fi networks, we have time to "touch" the most diverse solutions of most profile vendors, and we know their strengths and pitfalls. We are ready to apply your experience for designing and installing wireless networks at your enterprise. - Save your time and money!
What is seamless roaming in WiFi networks?
Seamless roaming is when access points on your network are monitored by a special controller. Wireless network. The controller in the seamless network can be both one of the routers or access points and a separate device following the common state of the ether, the load on each of the wireless access points and the signal level between clients and so on. With a worsening of the signal between the client and the access point, the controller "forcibly moves" the client to a more suitable TD. The fact is that in the usual network, the client (telephone, laptop, tablet) will be "cling to the max address of TD (the address of the WLAN interface), and not to its SSID (title), which leads to negative consequences when moving on the building. The controller will continuously - a hundred times per second to monitor the loading of access points and the quality of the signal between the base station and the client. In such networks, when you move from one end of the room to another, the point of access will work, which is closer and not loaded. It is very useful for business and shopping centers, large shops, government agencies, hospitals and educational institutions. The load distribution technology will be necessary with a large number of people in places such as conference rooms or recreation parks.
Do you need an economical solution with automatic client switching between them for home for 150 bucks?
At 2020, available Mesh networks appear, which are no longer ashamed to establish and be confident in the resulting result. It is a pity that it is about several manufacturers, but still there is a light at the end of the tunnel. In the budget niche are present:
Asus, TP-Link, Tenda, Ubiquiuty, Mikrotik, Zyxel and Xiaomi. Almost every of these manufacturers have several types of access points for the street and at home, for walls or ceilings, for a separate WiFi network controller or controller is one of the access points.
And now specifically and with the tsyfras. Drove.
Seamless Wi-Fi system from ASUS.
The easiest option of the wireless network without a controller, but the serve can consist of several of the most ordinary Asus routers. For these purposes, models are suitable: RT-N11P, RT-N66U, RT-AC55U,RT-AC66U and newer Routers "P" series. They must be connected with each other with a wisted pair of category 5e and above, as shown in the picture below. On these models, there is only the ability to configure Roaming Assist, which is the only way on this type of devices. The following will occur: with a low signal level after a certain time, the router will turn off it from the network and the client itself reconnects to the point with the best signal. It is necessary to understand this type of wireless network setting is not seamless, but rather a voluntary-forced, with a short-term, but complete loss of the Conct. At the right installation, it will make it decent to save, compared to even the simplest networks with the access point controller, but in practice it works with the difficulties for the user especially when it is in the zone of unsure reception from both points, which in turn can start "footballery" of our A poor user and the Internet will not really work. Remember, please talk about it. RT-AC68U routers and older there are already a prolovers of Mesh networks from such access points, but I don't like the price relative to the result, it is better to take the Lira Access Point of Access. This will be discussed below.
And now let's look at the most optimal option. Mesh network from Asus. It is called this set of LYRA and let's see what he can give us, and it can give us much more than our OGA, joke, 350 - 450 megabits he can give us all over the area and you can move anywhere without breaking.
Your goal is to make a high-quality wireless WiFi network with roaming?
For our customers, we have professional WIFI network solutions with the highest possible reliability, speed, speed and level of protection. In such cases, the network consists of a certain number of access points interconnected by a twisted pair through switches and controllers of access points. The Wi-Fi feature features include:
- tracking the load on each separate access point and its distribution.
- track quality and signal level between access point and client.
- centralized management of all network access points.
- providing multiple client switching from one point of access to another, without loss of connection with the Internet.
Such a network can be scalable and gradually expand.
For a hotel, a large office, cottage settlements can not do with one point of access, even the most productive and long-range. The distribution of access point gives a much better result and has the ability to scaling. The figure above shows the zone of the seven access points and one controller configured to work in seamless roaming mode.
If your goal is to do so that, when moving from one point of access to another connection with the Internet, it did not disappear, then we can help you with search and buying equipment for WiFi network with roaming.
To organize a fast and loaded wireless network as a whole, the functional function of ordinary WiFi routers is not enough due to TAG, that the solution to "fall off" from the access point takes the final device itself and the router does not help here. It turns out that the same smartphone or tablet will be cling to the point to the point of access, taking into account the fact that in the list of networks known to it, there will be an access point with one hundred percentage.
There are two good ways to make such a grid. And there is a lot of bad :) Consider good, and I would not advise you with bad things.
1) WiFi network with a certain number of accession points connected by the switch and controlled by a special wireless access controller in the local network. This option is the most reliable, unpretentious and of course dear. A network of this type on the example of ZyXEL equipment will cost in the area of \u200b\u200b2000-3000 $ to the area of \u200b\u200b10000m 2 (100x100m). For country houses, seamless roaming will cost cheaper; 1000-1500 $ to a large house and a household plot. Such networks are capable of withstanding heavy loads and evenly to rope users at access points depending on the loading of each of them. Such networks are easily administered and well suited for commercial real estate, hotels, restaurants, parking facilities, and such public places.
2) The proven method is well - using the roaming asist function. This method is the most budget. With four ASUS RT-AC66U routers, it is possible to obtain an analogue of the seamless roaming WiFi and the speed of the wireless network throughout the house and the local area of \u200b\u200b300-500 megabit per second on the 802.11As standard. With automatic switching between access points. In both cases, WiFi routers are connected to a wire.
Budget and professional solutions in our store with installation and configuration.
Introduction
As I already said, I have on the topic of Capsman settings in Mikrotik. Nowadays, in connection with the rate of development of information technology, the information is very quickly obsolete. And although the article is still relevant, they regularly read and use, now there is something to add to it.
A new version of Controlled Access Point System Manager (Capsman) V2 has been released. I will tell a little about her. In my work I will rely on the experience of the previous article and on the official Manual: Capsman from the manufacturer of micro producer.
In my disposal there will be 2 RB951G-2HND router, which, in accordance with my recommendations on this topic. I recommend to familiarize yourself with them just in case, to have a general idea of \u200b\u200bthe basic settings of routers. On one of these routers, I will configure the access point controller, another plug to this controller. Both points form a single seamless WiFi network with automatic client switching to the nearest point.
An example of two access points will be enough for the general idea of \u200b\u200bthe work of the technology. Further, this setting is linearly scaled to the required number of access points.
What is Capsman V2
To begin with, I will tell you what Capsman V2 is and what it differs from the first version. Immediately it is worth saying that there is no compatibility between the two versions. If you have a V2 controller, only access points with the same version can be connected to it. And on the contrary - if you have points V2, it will not work off to the controller of the first version.
Capsman V2 has a different packet name in the system - wireless-CM2.. It appeared in the system from the version of Routeros V6.22RC7. In the previous version, the name - Wireless-FP, it appeared in version V6.11. If you do not have a new package, until the latter.
List of innovations Capsman V2:
- Ability to automatically update managed access points.
- Improved information exchange protocol between the controller and access points.
- Added "Name Format" and "Name Prefix" fields in the Provision Rules settings.
- Improved logging of the client switching process from point to point.
- Added L2 Path MTU Discovery.
If your network is already configured by Capsman, the developers offer the following way to update your entire network to v2:
- Configure the Capsman V2 temporary controller in the original network.
- Starts to gradually update the managed access points to install the Wireless-CM2 package. All updated access points will be connected to a temporary controller.
- After all managed access points are updated to the latest version, update the CAPSMAN main controller. After it happens, turn off the temporary controller.
There is a simpler way if you are not critical of a simple network for a while. At the same time, run the update on all routers - and on the controller and points. As soon as they are updated, everything will work on the new version.
Immediately warning if questions arise on this topic. I personally did not check the update to version V2, there was no need.
Setting up a WiFi network controller
Go from the theory to practice. The first thing is to configure the Capsman controller before connecting access points to it. As I said, we update the system before this. We need to install and activated the package. wireless-CM2..
To activate the function of the wireless network controller, go to the section Capsman., Press the Manager and put the jack of Enabled.
Before continuing the setting, I will tell a little about the principle of system operation. The network is configured to control the access point controller. Separate WiFi points are connected to it and the settings are obtained from it. Each connected access point forms a virtual WiFi interface on the controller. This allows standard tools to control traffic on the controller.
Settings for the controller can be combined into named configurations. This allows you to flexibly manage and assign different configurations with different points. For example, you can create a group with global settings for all access points, but at the same time separate points you can set additional settings that will overwrite global.
After connecting the controlled point to the network wizard, all local Wireless settings on the client stop acting. They are replaced with CAPSMAN V2 settings.
Continue configuring the controller. Create a new radio channel and specify its parameters. We go to the tab Channels., We click on the plus and specify the parameters.
There is no drop-down list in the settings and it is inconvenient. Sewing the settings can be in current WiFi parameters if it is already configured.
We continue the settings on the tab Datapaths.. We click Plusik and set the parameters.
Slightly stay on the parameter local-Forwarding. If it is activated, then the entire traffic point of the access point is controlled by the point itself. And most DataPath settings are not used, since the controller does not control the traffic. If this parameter is not set, then all traffic from customers enters the network controller and is managed there depending on the settings. If you need traffic between clients, then specify the Client to Client Forwarding parameter.
Go to security settings. Open the tab Security CFG. and click plus.
It is time to combine the previously created settings in a single configuration. There may be several such configurations with different settings. For example, just one. We go to the tab Configurations. and click plus.
On the first tab of the Wireless, specify the configuration name, the AP mode and the SSID name of the future seamless WiFi network. On the other tabs simply select the settings created earlier.
The main settings of the Mikrotik controller Capsman V2 are completed. Now you need to create rules for the distribution of these settings. As I have already written, different configurations can be betrayed different points. The controller can identify access points to the following parameters:
- If certificates are used, then by the COMMON NAME certificate field.
- In other cases, MAC addresses are used in xx: xx: xx: xx: xx: xx: xx: xx: xx: xx
Since in your case I do not use certificates, create the rule of distribution of settings based on the MAC address. And since I have a single configuration for all points, then the propagation rule will be the simplest. Make it. Go to the tab Provisioning and click plus.
| Radio Mac. | Mac access point address |
| HW. Supported Modes. | i did not understand what it was, in the documentation empty |
| IDENTITY REGEXP. | there is nothing in the documentation |
| Commom Name Regexp. | and about it is not |
| IP Address Ranges. | and about it too |
| Action. | selecting an action with radio interface after connecting |
| Master Configuration. | selection of emergency configuration, which will be applied to the received radio interface |
| Slave Configuration. | second configuration, you can connect another config to customers |
| Name Format. | defines titles syntax for CAP interfaces created |
| Name Prefix. | prefix for the names of the CAP interfaces created |
This configuration of the Capsman V2 controller is completed, you can connect a WiFi access point to it.
Connecting access points
In my narration, two access points are involved in the addresses. 192.168.1.1 (Mikrotik) and 192.168.1.3 (CAP-1)interconnected by Ethernet cable. The first controller is the second simple point. Both dots see each other on the local network. WiFi controller interface as well as a conventional point connects to Capsman and takes the settings. That is, the controller is both a controller and an ordinary access point. Even a combination of two points organizes a full-fledged seamless WiFi network on the entire area, which is covered by their radio modules.
Connecting CAP access points to the Capsman controller is possible by two different protocols - Layer 2 or Layer 3. In the first case, the access point should be physically in one network segment (physical or virtual, if it is L2 tunnel). They do not need to configure the IP addressing, they will find a controller on the MAC address.
In the second case, the connection will be by IP (UDP) protocol. You need to configure the IP addressing and organize the availability of access points and controllers by IP addresses.
To begin with, connect a separate WiFi point. Connecting it through Winbox and go to the section Wireless.. There click on the CAP and specify the settings.
In my case, I specified a specific IP controller, as the IP addressing is configured. If you want to connect points to the controller on L2, then the field with the capsman address is left blank, and in Discovery interfaces. Choose an interface that is connected to the controller. If they are in one physical network segment, the point will automatically find a master.
Save the settings and check. If the access point is correctly connected to the controller, then at the point itself there will be such a picture:
And on the controller in the list Interfaces.the newly created radio interface of the connected access point will appear:
If you have a hard to do with the access point, you cannot understand the controller and you can not understand what is the problem, then check that you are activated on all devices Wireless-CM2 packages. I did it so that after the update, the Wireless-FP package was turned on on one point, instead of the necessary one. The access point in no way wanted to connect to the controller, which I just did not try. I did her controller, the other did not want to connect to it. I dropped all the settings, but it did not help. When it was completely desperate to solve the problem, I checked the package version and found that she was not that.
We now do the same on the Mikrotik controller itself - connect its WiFi interface to Capsman V2. This is done absolutely the same as you just followed on a separate WiFi point. After connecting, we look at the picture on the controller. It should be something like this:
All, basic settings are completed. Now this configuration can be deployed further on new access points and cover the large area of \u200b\u200ba single seamless WiFi network. All connected clients will be displayed on the tab. Registration Table With an indication of the point to which they are connected.
Checking seamless WiFi roaming
Now you can take the phone on android, put a program on it WiFi Analyzer And to like the territory covered by WiFi, test the power of the signal, switching from the point to the point. Switching does not immediately, as soon as the new point signal is stronger than the previous one. If the difference is not very big, the switching to the new will not happen. But as soon as the difference begins to be essential, the client jumps. This information can be observed on the controller.
After analyzing the coating zone, you can correct the power of access points. Sometimes it can be useful to customize different power at different points, depending on the room scheme. But in general, even even in the basic setting, everything works quite stably and efficiently. This microtic models (RB951G-2HND) can be connected and comfortably to work for 10-15 people. Then there may be nuances depending on the load. I brought these numbers from my examples of real work.
2 networks in Capsman on the example of the guest WiFi
Consider for example one common situation that can be implemented using Capsman technology. We have a configured WiFi seamless network with password authorization. We need to add another guest network for the same access point. In single mikrotik this is done using Virtual AP.. Let's do the same in Capsman.
To do this, add a new security setting. We go B. Security CFG. And create a setting for access without password. Call it Open.
Create another configuration in which all other settings leave the same, only changing SSID and security setting.
We go to the tab Provisioningopen the previously created configuration and add there in the parameter Slave Configuration. Our second configuration, which we just did.
We save changes. Here I waited a few seconds, the new setting did not spread to the point. I did not wait, went to each point and reconciled it to the controller. Perhaps this was not necessary to do, but it was necessary to wait. I do not know, did it. New setting spread and a new network type appeared at each access point Virtual AP. With an open WiFi network.
Checked just in case, everything is in order. Connects clients to both networks simultaneously and allows you to work.
I reviewed the current situation for an example of the work of Virtual AP in Capsman. Here the guest network clients connect to the same bridge and address space as the users of the closed network. For good, you need to make additional settings:
- Create a separate Bridge on an open network controller, assign it your subnet and address in it, add to this bridge the second WLAN interface that will appear after connecting to Capsman with two configurations.
- Configure a separate DHCP server in this subnet with addresses only from this subnet.
- In the Capsman settings in DataPath, create a separate configuration for an open network. In it, specify the new Bridge and do not choose the Local Forwarding parameter.
- In the configuration for an open network, select the new DataPath.
After that, all the network connected to the open WiFi will be sent to a separate bridge, where its DHCP server and address space, different from the main network. Do not forget to check the gateway and DNS server settings that you will transmit to customers.
Video settings Capsman.
Conclusion
Let's summarize the work done. Using the example of two points of access Mikrotik RB951G-2HND, we set up seamless WiFi roaming on the area covered by these points. This area is easily expanding with additional WiFi points of any microtic model. They do not have to be the same as it, for example, is implemented in some ZyXell configurations that I have configured.
In this example, I considered almost the most simple configuration, but at the same time he painted all the settings and the principle of operation. Based on this data it is easy to make up more complex configurations. There is no principled complication here. If you understand how it works, then it is already possible to work and make your configurations.
Traffic from access points can be controlled in the same way as with conventional interfaces. The entire basic functionality of the system is Firewall, routing, NAT, etc. You can make bridges, divide the address space and much more. But it is worth considering that the traffic will be all going through the controller. It is necessary to understand this and correctly calculate the performance and bandwidth of the network.
I remind you that this article is part of a single cycle of article pro.
Useful reviews about the work of Capsman
Some useful information from reviews to the article from real users of Capsman technology:
Vladimir, good article! Many letters useful! :) When setting up Capsman at the enterprise, referred to your article - I learned a lot, but I changed a little. Changes touched the "Channels" tab - removed the position of Frequency because The use of one frequency at all points would not recommend, because nearby standing points begin to "rock" and respectively, the connections are arisen ... My users complained to a low level of the signal when it is located next to the access point (and in fact were connected to a point with a bad level Signal) ... In order for users "jumped" from a point to a point, which has a better signal, I decided to make a limit on the signal level threshold by making an entry in the AccessList tab. Values \u200b\u200bat Signalrange \u003d\u003e -71..120 interface \u003d\u003e -71..120 interface \u003d\u003e all Action \u003d\u003e Accept, this achieved that when the signal is reached below -71, the subscriber "leaves" the point :) The value -71 is not taken accidental (the minimum signal level at a speed of 54MBIT ) Also in the Provisioning tab has changed the value of nameformat, instead of CAP put Identity (when connected to the control, it shows the title of the point that is spelled out to the System-\u003e IDENTITY device), who has a realization in household devices, may not have it, and scattered around the large area and there are many of them - it will be useful :) In general, thank you very much and mercies for many letters :)
And one more review:
The article is very good, but I would add it / redid in a part of the guest WiFi network:
1) divided 2 WiFi networks in different radio channels.
2) For security, I would separate the guest network from the main. Given that you have a guest network without a password to break you down every student with a smartphone. Bridge (Bridge_Open) is created, it is assigned to Bridge IP address from another network (192.168.200.1/24), DHCP-POOL (192.168.200.10-192.168.200.100) is created, rises at the DHCP server created by Bridge, create another DataPaths (DataPaths_Open) in which is specified by the created Bridge (Bridge_Open), use DataPaths_open to configure the CFG2 guest network. Next, configure NAT and Firewall so that the guest network (192.168.22/24) was on the Internet access was, and the local work was blocked (Drop Forward from 192.168.200.0/24 to the local network).
Online courses on Mikrotik
If you have a desire to learn how to work with microtic routers and become a specialist in this area, I recommend going through the courses on the program based on information from the official course MIKROTIK CERTIFIED NETWORK ASSOCIATE. In addition to the official program, there will be laboratory work in the courses in which you in practice will be able to check and consolidate the knowledge gained. All details on the site. The cost of learning is very democratic, the good opportunity to get new knowledge is currently relevant to the subject area. Course Features:- Practice-oriented knowledge;
- Real situations and tasks;
- The best of international programs.
- How with Mikrotik.
- Simple and fast.
- Setup and on a separate server.
- To reserve the channel on the Internet.
In a modern business environment, almost any enterprise is difficult to overestimate the role of information technologies, and recently especially WiFi networks. Wireless communication becomes an excellent helper when you need to connect the Internet smartphone or tablet, a corporate telephone manager, a data acquisition terminal for a warehouse employee or for example, a device for receiving payments in the restaurant's hall. If the territory of your office or enterprise is small, and the load on the number of connected devices does not exceed one dozen - everything is extremely simple, you need to install and configure the WiFi router.
But what should I do if you need to cover a wireless connection with a whole building of a multi-storey hotel, a plant shop, a few rooms of a large restaurant, a large office or a seating area, a few hectares?
What are the ways to solve such a task?
Company Website offers the most advanced solution for large corporate and private WiFi networks - seamless WiFi
With the help of our equipment you can build a modern seamless wireless network at home, in the enterprise, inside or outside the room.
How it works?
In fact, you have a single WiFi network running one controller and dependent access points. This is called "seamless WiFi". The meaning is that the access points can be from several pieces to several hundred, one centralized controller device or specialized software is engaged in the control and broadcasting of traffic.What does the controller need:
- continuous monitoring of access points status, load on them;
- controls the power of the signal and throughput depending on the number of clients and the nature of their work;
- independently restores maintenance-free due to the failures of the region's equipment by increasing the coverage area from near access points;
- provides web authentication and dynamic accounts for realization of the so-called. "Guest Access" (for some controllers, options like printers to generate and print temporary user accounting data);
- provides a continuous WiFi signal, with which you can freely move, for example, with a wifi-phone between the coverage areas of different points of access, without interrupting the conversation and without observing any connection interruptions. The controller at the same time "rams" to your device signal from the closest access point.
- give access to the Internet to the end client (for example, a mobile phone or tablet)
- under the control of the controller remove the peak load from one point to another
Comfortable and beautiful graphical interface
If you have a plan of premises / terrain, where the wireless network is deployed, it can be used useful for maintenance of the network. In the Wireless Controller Settings menu, you can create or download the room map.
Map of radio frequency. Monitor and analyze the surrounding radio.
The instrument panel gives a visual presentation of your network status and displays basic information about each segment. 
Large functionality settings. You can select WiFi channels, frequency spectrum and transmitter power, etc. 
You can purchase two types of equipment sets to create seamless WiFi networks
Networks in the WiFi 2.4 + 5 GHz range with support for up to 50 users per 1 point access
These kits are presented on ubiquity equipment and are fully compatible with routers and brand switches Mikrotik. As a controller, it is, firstly convenient in terms of management, secondly removes the load from the main router and is fully responsible for the wireless network on the object. The number of access points is programmatically limited by a value of 20. Wireless points of the Ubiquity Unifi AP series are presented in two versions - to place indoors - indoors and on the street. Recommended number of users - up to 50 clients per 1 access point. Depending on the scale of the task, we offer on sale such options:
| Number of users (MAX) | WiFi Square Coatings M2 | User mode | Placing WiFi equipment | Composition kit |
| 100 | up to 200. | Internet surfing social networks IP telephony |
Indoors indoors | Controller - 1 pc. Access point / - 2 pcs. |
| 100 | up to 200. | Internet surfing social networks IP telephony View video online |
On the street | Controller - 1 pc. Access point - 2 pcs. |
| 200+ | up to 400. | Internet surfing social networks IP telephony View video online |
Indoors indoors | Controller - support for WiFi 802.11ac protocol with maximum speed up to 1200 MBS - Modern and intuitive graphical interface of access controller controller - Sets with Ubiquity Unifi AP Mesh hardware support Wireless Uplink technology, which allows you not to connect access points directly to the wire controller
|
