Wi-Fi for customer use

How many operators offer wi-fi access to your customers? And has there ever been a breach
in your back office computer i.e. credit card processing or getting into your files?

We have it, on a fully separate router. I’m no techie but it seemed like the only logical way to assure there was no way to worm their way into my data.

Last time I set up public wifi in a restaurant I used a netgear WNDR3400 router. It has a guest wireless feature that when turned on and properly set up, allows for people to connect to it and use the internet. when set up properly, it will also prevent those wireless users from accessing your network, and can even be setup to prevent those users from being able to communicate with other users on the guest wireless. Since the “guest wireless” is a separate wireless ssid name, you could still have wireless devices on your network that you allow, such as an ipad.

Before that, I used 3 routers to achieve a public wifi. Since I only had 1 IP address from the internet company I had to use 1 router to split the signal to the other two routers, one was the public wifi and the other was the store network. This caused excess clutter in the office as well as made it difficult to manage, as I ended up running separate IP scopes on each to be able to log into each of them without doing a rewiring job everytime I needed to check a setting, etc.

Switching from the 3 routers to the 1 netgear router eliminated a lot of clutter in the office and reduced the amount of outlets I needed for power, and was a lot easier to manage as well.

I have free wifi in my shop. Never had any problems with security. I set up my internal network just like Stebby. One router, one secure network for internal stuff, one open for my customers.

I, too, use 2 wireless routers…and I also took off the anteanas for the secure/store router, just for further security redundancy…lol

Thanks guys i will have to check out that netgear router

As I understand it, having two routers alone won’t help much for security UNLESS those routers are set up as different domains (sorry if that nomenclature is wrong). So our POS Lan router is 192.168.1.xxx and our public wifi router is 192.168.2.xxx

I don’t know the technical details of this, but someone smarter than me told me it was true :slight_smile:

My 2nd router is plugged into the 1st, & it is the one with the antennae removed…i believe that is the only way 2 routers work, if the 1st one directs the 2nd…

If it goes internet - store router - public router, then you might as well only have one router since you wont be secure.

If it goes Internet - public router - store router, then you’ll be more secure but still not secure enough for my comfort since all the store traffic with credit card data etc will be going through the public router.

I used to use 3 routers, one to split the internet to the 2 other routers, one public and one private. The netgear router I mentioned takes the place of the 3 routers and keeps both store traffic and public traffic separate when configured properly.

This stuff gives me the heebie-jeebies. I know wifi helps bring in lunch customers, but you need to block certain “ports”. Like the ones that people use to pirate stuff like movies and music. I think its a necessary evil, especially for fast-casual.

Tho its not rocket science, you are stressing far too much, IMHBCO…

Few, if any, are able or willing to hack into a pizza joint, especially with the security that is built into modern routers…

Your store data is worthless, since there isn’t any credit card info stored (at least there shouldnt be)…

They’d have to bypass two routers, and for what?

Yes, some might pirate movies and the like, but few will come to your store for that…

I also believe you can use software, like baracuda.com, to block/filter…

Patrick is correct… if you are using two routers, each router must be on it’s own IP range.

The way to set this up is Modem -> First Router - > Second Router. You’ll plug the WAN port of the Second Router into one of the LAN ports on the First Router (in the old days you needed a crossover cable for this, but I think modern routers will auto-sense) and configure your IP ranges. The First Router serves the WiFi.

The above is very important - if you connect your two routers together by using LAN ports on both routers your entire network is visible from connections on both routers.

Set the First Router range to 192.168.1.x, and the Second Router to 192.168.2.x.

With all of that said, and I’m going from memory here, I don’t believe the above configuration will pass PCI compliance because both public traffic and credit card transactions will pass through the First Router.

Whether a hacker with nefarious purposes could compromise your network with the above setup is beyond my scope of knowledge, but if it isn’t PCI compliant it wouldn’t fly in my restaurant… not worth the risk.

While your store data may be (mostly) worthless, I disagree that some hacker looking to steal credit card information wouldn’t be interested in the local pizza shop with an incorrectly configured public WiFi network - that’s called an easy target. Sure you won’t be storing credit card data, but the ability to get access to one computer and install a keylogger on a machine with a keyboard wedge credit card swiper… that could be dangerous.

And if you are still unsecure with credit cards, use Square with an iphone or android, over the air, not wifi…