"dar7yl" <no_reply@accepted.org> hath wroth:
>We intend to install commercial wireless access points for transient
>visitors to our community (ie, boaters).
The reason that boaters have money is that they don't like to spend
it.
>What we are researching now is methods of access.
You might want to look at what commercial marina wireless operators
are currently doing and using.
>We want to set it up so
>each customer can purchase online time (usually daily), provide payment,
>and connect with a minimum of fuss. Some of our sites are permanantly
>monitored (Wharfinger) while others are isolated and unmanned, working on
>the honour system.
Huh? Sounds like the chicken and egg problem. Boater drifts into a
new harbor and wants to connect via wireless. Just one problem. They
have to register and pay online and they can't connect quite yet. You
might want to look into a captive portal, where an unregistered user
can only connect to the registration and payment page, and nothing
else. The problem is security. You can't use encryption yet, because
they don't have an account or encryption key. So, you have to use SSL
or other form of web based security, which is potentially subject to
man in the middle attacks and spoofed access points.
>Right now, the technical issues are minor compared with the business model.
Exactly. The real problem is how much effort are you (and your
accomplises) going to put into the system on behalf of the customers.
When someone can't connect, or arrives with a laptop full of viruses
and worms, what are *YOU* going to do.
>We are delaying selection of hardware until most of the issues are resolved.
>(: and by that time, maybe wireless-N will be finalized :)
802.11n will be finalized when hell freezes over and possibly later.
The current guess is (insert drum roll):
<http://grouper.ieee.org/groups/802/11/Reports/802.11_Timelines.htm>
October 2008. Don't hold your breath. Anyway, as John says, it's not
part of your business plan or problem. You'll probably be dealing
mostly with 802.11b and possibly 802.11g speeds.
>I have seen a number of access point setup alternatives, but usually they
>are tied to a particular router.
Usually, they're INSIDE a particular router. All in one box is
exceedingly popular because it's cheap. I'm partial to seperate
access points, central router (i.e. wireless switch), offsite RADIUS
server, and some redundancy.
I suggest you look at an overpriced, overkill, and overly complex
solution first. That will give you an idea of what can be done if you
had infinite resources. The idea is to not overlook anything. Then,
decide how much of those features you really need and are willing to
pay for. Then, find something within your budget that will do what
you need. (Translation: figure out your requirements first, then
pick your vendor and hardware). If you start at the bottom, you
usually run into some missing part of the puzzle such as multiple
SSID's, RADIUS authentication, logging, SNMP, monitoring, remote
admin, ad nausium. The SNMP and monitoring aren't very useful for
normal operation, but are invaluable for troubleshooting.
>Bear in mind that we aren't creating an open system, but one which we want
>to control access and also provide a reasonable level of security. When
>necessary, we can hook up to NetTeller or Visa processing.
See my comments on the initial connection. You don't have any local
security (i.e. encryption) before the user can signup and authorize.
You'll probably need to do the payments with an unencrypted wireless
link. That means you had better have your browser security in place.
That works, but is subject to key loggers, man in the middle, spoofed
access points, and the exploit de jour.
>In essence, we would like to find out what options are available for access
>point management, and how they are tied to particular hardare solutions.
One access point or dozens? There's a difference. There are numerous
products that offer wireless system management software. I know
something about a few of these. The ones I deal with are SNMP based,
but there are other methods. I think you need to nail down a few
specifics before any sane recommendations for management systems can
be made.
Meanwhile, I suggest you look at the following:
<http://www.mikrotik.com>
which might be close.
--
Jeff Liebermann
jeffl@comix.santa-cruz.ca.us
150 Felker St #D
http://www.LearnByDestroying.com
Santa Cruz CA 95060
http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
Wireless Access Point options 
Linear Mode
