Whether you're in the process of setting up a Wi-Fi hotspot or already offer wireless Internet, this article is for you. You'll discover a few different hotspot solutions, most of which are free.
I'll also show you how you can make your public and private network more secure and how to save time and money.
Secure Your Private Network
You need to make sure that you properly secure your private network, if you have one. Never let any visitors use your network. Your private network should be secured with WPA or WPA2 encryption, either the easy-to-set up personal (PSK) mode or the enterprise mode that requires a RADIUS server.
You also want to make sure that the hotspot solution keeps the private and public traffic segregated. Some hotspot gateways that support private networks, for example, offer a port that has a direct connection to the Internet and is separated from the hotspot. That way, hotspot users can't sniff your network traffic or access network shares.
If putting together your own gateway, such as with replacement firmware, you should look into using VLANs.
Protect Your Hotspot Users
On normal networks, such as your private one, you'd want the ability to share files among other users. However, on a hotspot you probably don't want to be offering access to your files and computer to strangers. Therefore, you should block user communication on your hotspot.
If you're buying a hotspot gateway, the user-to-user traffic is probably already blocked. However, if you are configuring your own gateway, such as with a firmware replacement, you need to make sure to enable the AP or layer-2 isolation feature.
To Cover Large or Busy Areas, Consider Creating a Wi-Fi Mesh Network
If you want to offer wireless Internet in an area that will require more than a few access points (APs), you might consider installing a wireless mesh network.
The APs are called mesh nodes and, unlike a traditional Wi-Fi network, don't have to be wired back to the network router or switch.
At least one mesh node must be connected to the network/Internet; they are called gateway nodes. The other nodes then get their connection via the air waves, the traffic hops from one node to another until it reaches the gateway or destination node. The route to or from a gateway can change; it automatically chooses the best path.
Setting up a mesh network can require less time and money because you don't have to run all the cables. It's great for locations where changes can affect the radio environment because mesh nodes have redundancy features. For low-cost mesh solutions, look into Open-Mesh.
Place the Hotspot Gateway in a Central Spot
Remember, Wi-Fi doesn't travel long distances and the signals are lessened quite a bit by walls. So try to place the hotspot gateway or router as close as possible to the desired coverage area, preferably right in the middle.
Don't just hook it up in a back room or office. If needed, have a new cable or phone jack installed in a better location.
Use an Identifying Network Name (SSID)
Unlike with your private network, you want people to know where the Wi-Fi signal is coming from. So make sure you change the default network name (SSID) to something people will recognize (for example, Free Internet at Sunset Hotel or Sunset Public Internet Access).
Discover the Hotspot-Specific Firmware Replacement: CoovaAP
If you have a supported wireless router, you can turn it into a hotspot gateway by uploading the free CoovaAP firmware to it. It offers easy hotspot configuration with a built-in captive portal so you can require login, show a disclaimer or usage agreement, and/or require payment.
It also offers bandwidth controls so you can control how much Internet power guests use. Plus you can use their free or paid hosted network management services.
Possibly Use a General Firmware Replacement
General-use, after-market firmware projects, such as DD-WRT and Sveasoft, also have hotspot features. For example, DD-WRT supports Chillispot, NoCatSplash, and Sputnik. These replacement firmwares also provide numerous other advanced features that can come in handy, such as a site survey tool to see details on nearby networks, QoS settings to manage traffic, and virtual LANs and multiple SSIDs to segregate the private and public access.
Look into Using the Sputnik Service
The SputnikNet service is great if you have multiple hotspot locations and SputnikNet Express for more basic applications. Both services let you customize the welcome/splash page, run local ADs, and review basic usage reports and graphs.
Plus they offer device authentication, so non-browser devices (such as Wi-Fi phones and PSPs) can access it, and private network blocking to segregate the traffic. The premium service offers much more control, management, and deployment options.
Look into 802.1X Authentication and WPA/WPA2 Enterprise Encryption
If you are a security freak or if you have users who are, you might want to check into using the enterprise mode of WPA/WPA2 encryption.
Unlike the pre-shared key mode of WPA/WPA2, users don't know the actual encryption key. They'd log onto the network with a username and password, as required by the 802.1X/PEAP authentication.
If interested, check out the free CoovaAAA service.
Consider ZoneCD if You Have an Old PC Lying Around
If you have a spare computer, you can turn it into a hotspot gateway. ZoneCD is a Linux-based live CD that runs on generic computers and works with any wireless router or AP to provide public and private access.
Your Intel-compatible PC needs only 128 MB of RAM, a bootable CD-ROM drive, a floppy or USB drive, and two Ethernet network adapters.