RUTX50 and X10s in Mesh with Hotspot and local radius

smoe · June 15, 2024, 10:22pm

Hello Community,

I’m planning a project for a camping side association. They want to share a 4G/5G Connection via WIFI to their customers. Arriving customers should have the possibility to buy WIFI Access. Because of the small budget of the association, an external radius / service isn’t possible at the moment. My idea is to use local radius with users, which are created by the staff of the camping side and also is noted in a list / book. After the paid time is over, the staff deletes the user from local radius. I’m sure, this will work, but correct me if not.

We want to buy a RUTX50 as central unit with internet connection. The staff’s pc is connected via LAN and he will have a dedicated user with access only to the user management and monitoring. Admin management will be remote by ssh or ipsec tunnel. Maybe RMS, but this ist also a question of money…

To extend the WIFI over the whole camping side, we plan to buy 2 or 3 RUTX10. My plan is to connect them via mesh in 5Ghz WIFI and fixed channel (to avoid DFS in my country).

Clients shall connect via 2,4Ghz WIFI. Maybe I configure it vice versa, I have to test, which variant perfoms better.

But now to my questions:

is it possible to use both, 5Ghz and 2,4Ghz WIFI for the mesh? Mainly to set it up more failure tolerant
do I have to set all wifi settings on all mesh nodes manually equal to the mesh gateway (except wan interface as stated in the manual)? Or do the nodes atomatically receive basic wifi configurations when they join the mesh?
when I add a new hotspot instance on the main RUTX50 and set it up for local radius, will this be available on all mesh nodes?
if not, I assume, I have to set up a hotspot instance on every mesh node manually, right? I it possible to refer to the “local” radius of the main RUTX50?

this is important for us, because it is not reasonable to let the staff create equal hotspot users on all nodes in the mesh. I’m new to this specific theme, despite I had open-WRT routers in the past and set up mesh on propietary systems, I never had such a combination of requirements.

but I’m confident, this is possible with Teltonika routers. Please confirm and provide some informations and answers to my questions.

If this project is successful, I will share my solution with Teltonika and recommend you to friends and at work.

regards,
Stefan

PS: yes, I used the search function and read the manuals. But I don’t have hardware at the moment, to test my ideas and perform trial an error. I will get hardware, when my solution is confirmed possible and stable. This is a lot of money for the camping side association and I don’t want to risk my head while helping out, you know?

pwsh · June 17, 2024, 8:15pm

There is no such thing as “Local Radius”. It does not use Radius at all if “Local Users” is selected in Hotspot. Credentials for users are stored on the router in SQLite database file so there is no way to use the same users on another router. You would need to use “Radius” mode with some sort of Radius server, might be able to setup radius server on the router itself by using openwrt freeradius package - [OpenWrt Wiki] package: freeradius3 (not sure if it works on RUTX, haven’t tested). All in all im not really sure if Hotspot is possible with mesh networks, maybe someone more experienced will answer these questions.

smoe · June 17, 2024, 9:04pm

Ok, thanks for your reply.

I thought, I can span one big subnet over all nodes and the gateway node acts as hotpot server.

What about mesh functionality? Isn’t it the case that I have one mesh subnet, e.g. 192.168.1.0/24, with dhcp and dns on mesh gateway ip .1
All mesh nodes and clients get IPs in a set range, e.g.192.168.1.100 to .200
Let’s say all on 5 Ghz interface.

Now I could create on all nodes a second WIFI interface on 2.4 Ghz, which are not meshed but bridged to the same lan interface, without a password. I would create a hotspot instance on the gateway router in the same subnet. All new clients on thos WIFI interface get their ip and dns from the gateway router, because it is bridged to lan, right?

What about creating a hotspot instance on a meshed network, will this work? The hotspot functionality is driven bei the dhcp / gateway instance, isn’t it? But how would meshed routers react?

Maybe I have to trial and error this. But it would be cool, to understand it beforehand

pwsh · June 17, 2024, 9:13pm

@smoe Well yes in theory it would be possible but Hotspot instance configures its own dhcp, it also requires a subnet that is not used by any other interfaces (should differ from lan). That’s what could be the problem, but as you said best to try it out and see. In that case would only need a single router with Hotspot instance configured and would be possible to use “Local Users” mode.

smoe · June 17, 2024, 9:35pm

Ok, interesting. I’m not sure how the hotspot handles and sorts dhcp for clients in hotspot and all other clients, because it’s bridget to LAN. Maybe this really works only on one device and not across more devices.

Maybe it’s possible if I create the same hotspot subnet on all devices and set the hotspot server to the same adress… it is confusing. Maybe I have to create a second LAN interface for the hotspot an bridge the 2.4Ghz wifi to that interface… hmm

If I had a separate radius server, I could create normal APs on all devices, bridge all to the same network and set the router IPs or MACs as allowed. But I want to hold complexity on a low level in case some other guy has to administrate this thing later.

pwsh · June 17, 2024, 10:09pm

@smoe Hotspot is not bridged to LAN. Basically when choosing a Wifi SSID to use for hotspot there need to be no “Network” selected to not have LAN bound to it (it might also be ignored if left selected, not sure right now). Hotspot will then add its own dhcp server to that interface. Clients will get IP address of Hotspot network. The firewall will forward some LAN services to it (like Hotspot landing page) and forward other traffic to WAN (when the user is autheticated).

Hotspot can also be created on any LAN interface. When creating it on LAN most of the settings of that interface will be ignored in favor of Hotspot settings. Meaning you can lock yourself from accessing router WebUI if you create it on the default LAN interface

Might be possible to create Hotspot on the mesh gateway? Or a seperate LAN interface? Trial and error will probably be the way if no one else tried to setup mesh networks with Hotspot

smoe · June 17, 2024, 10:30pm

@pwsh

Thank you very much, this is really helpful for understanding! I will try the variant with a separate LAN interface bridged to a meshed WIFI or, if that doesn’t work, to APs on nodes.

I will report my results here

system · June 30, 2024, 10:23pm

This topic was automatically closed after 15 days. New replies are no longer allowed.