Aloha Networking Problem.

[justinhaynes]

A local coffee shop uses Aloha and offers free wireless access to its customers. Currently, The two Aloha machines (The POS, and the other one, which I guess is the file server), have their own Public Static IP addresses. The wireless router also has its own Public Static IP address.

This setup is functional but not secure.

I set up a second router with VLANs configured so that only one Public Static IP was being used. In this setup, the router had the public IP and then did NAT on vlan0 for free wireless access. A second vlan, vlan2 was set aside for the two Aloha machines. The vlans were configured so that neither vlan could route to the other, but both could route to outside addresses.

When we tested this setup with the new router, the networking worked flawlessly as we had intended. However the POS failed to find the File Server, or so it said. We had to revert to the old router so they could continue to operate their business.

I know next to nothing about Aloha. I can use any answers, help, documentation or other resources anyone might be able to offer.

In the original setup, both Aloha machines are configured with static IP addresses.

In my setup with the new router, I have them set to DHCP and they get IP addresses from the router in a narrow range: 192.168.1.2-14. They ended up with 192.168.1.3, and 192.168.1.4. they could ping each other and the outside world.

What other changes should I have to make for the applications on the two machines to work together? I'll provide any additional information necessary to make this work. Thanks!

 

[coorsman]

Did you turn on any firewall?

 

[DTSMAN]

I am not sure on the VLAN part, I know it can be done.
The most secure and prefered way is 2 network cards in the Aloha server. One on static IP scheme for Aloha to use, and the second to obtain from the internet router and access the internet that way. Now the patrons are on a different IP scheme and the security measures can be controlled more easily and independently. There will be an additional network setting for the Aloha NIC ID that sets it to 0, I can't remember what the parameter is called, but there are other people here that do.

Bo

Remember,
If the women don't find you handsome,
they should at least find you handy.
(Red Green)

http://www.redgreen.com

 

[DTSMAN]

Lanacfg.exe

That is what you use to set the Aloha NIC to 0.
Been a while.

Bo

Remember,
If the women don't find you handsome,
they should at least find you handy.
(Red Green)

http://www.redgreen.com

 

[justinhaynes]

coorsman: no changes were made on the POS or the Aloha server machines other than changing the IPs from Static IPs to DHCP. However, instead of being plugged into the switch on the DSL modem, they were plugged into a linksys WRT54G. So in that sense, they were placed behind a physical router/firewall. No software firewalls are involved on the machines themselves.

DTSMAN: I will check the next time I'm at the coffee shop to see if it does have more than one nic, though I believe it only has one. Which machine would need to have two NICS configured, the POS or the Server? I don't understand the function of the server. Thanks.

 

[Circle9]

The server would need the two NICs configured, and if you need lanacfg.exe, I have attached a link where you can download it.

 

[RosemarysBaby]

Justin
I have only 1 large restaurant (no chain with IT staff) and I set out last year to offer free wireless to patrons. Of course with the file server connected to the internet for credit card processing I was paranoid about letting the public use my same internet modem and I didn't want to pay for a 2nd broadband line.

After lots of wasted hours and money with network guys using multiple Linksys routers, subnets and whatever the solution came down to 1 simple correct appliance. I got rid of my WRT54G's and got a Zywall 2 Plus router, a little over a hundred bucks. It's like a Sonic Wall without the price.

You configure 1 of the ethernet ports on the Zywall to your wireless access point, run the cat 5 from that port to the dining room where your wireless access point will be and you're done. You could then use your WRT54G as the AP plugged into the configured Zywall port.

Best thing is Zywall support can help you setup your configuration for free (it's a bit tricky) and they speak "real" English.

Security Metrics audits my internet connection for credit card integrity and it passes flawlessly.

 

[coorsman]

lanacfg is a dos program that sets the lana number on the nic card. Aloha ctrlsrv.exe will only start in the services if the aloha nic card is set to lana 0. Check that ctrlsvr.exe has started in services if not it's probably the lana number. You can alway's check the debout.svr in the aloha\tmp directory. Try swapping the ip addresses nd connections on the nic cards if there are two or set the lana number on each one.

to use lanacfg.

lanacfg showlanapaths
this will show each nic card and it's lana number

lanacfg setlalanumber 0 3
will set the nic card 0 to 3

make sure the boodcrv is shared between the server and terminal and you can ping and read and write between both.

 

[justinhaynes]

Thanks coorsman and MitchellW0214, I'll take a look.

Rosemarysbaby - With your configuration now and your configuration before all the network mess, did your Aloha POSs and server live behind NAT with Private IP addresses like 192.168.x.x, 172.16-31.x.x, or 10.x.x.x? Or are they now and were they then on Public IPs?

If I could just get the Aloha Servers working behind NAT, that would probably solve everything. I'll try the suggestions I have so far before asking anything else.

I don't know what Security Metrics criteria are, but they look reputable enough.

 

[RosemarysBaby]

Justin
Sorry it a bit, I don't check in too often.
I run a pretty vanilla setup but i works great. I find the field split on the subject of 1 nic vs. 2 nic's. I've had both but I like the 1 nic and this is how I do it.

Static IP, 192.168.1.xxx. File server IP=.101 all terminal = term number (except term 1, that I call .11

I setup the DHCP at around 30. I configure port 1,2, &3 on the Zywall to the above LAN and I make port 4 the WLAN with 192.168.2.1. Another AP is plugged into this port 4 and run out to the dining room. Done.

As far as before this setup, everything was exactly the same except I had a WRT54G 192.168.1.x, no WiFi.

I don't believe you're having router issues though, it's probably a Lana problem as suggested above. My post is only about the best and easiest way I found to add WiFi safely.

Suggest you setup a simple static IP scheme, confirm your Lana is "0" in the server nic, then report back any errors.