Open source cloud managed enterprise WiFi
This project explores a new approach for providing secured managed enterprise WiFi based on low cost hardware combined with both new and existing (but modified) open source software. The solution provides a cloud based management interface which allows organizations to aggregate the configuration and management of small, medium and large WiFi solutions. It utilizes a novel approach for user authentication, giving each user a unique passphrase. It provides unlimited SSID’s across an unlimited number of WiFI zones, and the ability to place each user (and all their devices) on their own VLAN. With proper configuration it can even provide user local services. It also allows for users’ usage and quality of service to be monitored, and for users to be added, enabled, and disabled at will.
Summer Research 2024
Working document – link
Activity Form – Please fill this in for ALL work done.
Please fill this out everytime you work on the project.
| Date | Activities | Comments | Complete |
| Feb 2 | Use Linux Setting up Ruby on Rails | ||
| Feb 6 | Start Ruby on Rails activity | ||
| Feb 8 | Learn Ruby What Rails video | ||
| ?? | Get Pi’s Running for each team member | Blog on Rails Blog Notes | |
| ?? | OpenWRT: build enviornment | ||
| May 9: 1:30-4:00 | Final presentations (Ruberic). Moodle Link |
Repositories:
Cloudwifi Website: link
Notes
Development and Test Servers
| Server | IP Address |
| cloudwifi.org | 34.201.126.229 |
| http://cloudwifi.org:3000/ http://cloudwifi.org/phpmyadmin/ | |
| CloudWiFiDev1 | 138.28.162.212 |
| CloudWiFiTest | 138.28.162.213 |
| LinuxLearn | 138.28.162.215 |
| LinuxRoR – Local test wifi cloud server http://138.28.162.211:3000/ | 138.28.162.211 |
| OpenWRTDev | 138.28.162.216 |
| ProxMox VM server | https://138.28.162.5:8006/ |
Spring 2024 Assignments
| Activity | Port/Mac/IP/branch/ account | Team | Status |
| FixStatus Fix Status on Access Points and WLANs page to reflect the actual current status – Currently it shows sites online that are not. – Need to look at date/time – For Admin page, show if unit is on or off line (currently only show “not owned” – Notes Page – keep working notes here | 3001 d8:3a:dd:2b:22:06 138.28.162.226 FixStatus shrestha1@kenyon.edu fixstatus177 | Samyak Harshal | |
| FixUsers Fix Active Users to reflect the actual current status and improve: – show device type? – Make sure data throughput is correct. – this option can be followed by UserEnable – Notes Page – keep working notes here | 3002 d8:3a:dd:2c:08:c9 138.28.162.61 FixUsers zaneb1@kenyon.edu kenyon123 | Advaitha Rida | |
| AddHash Change action to update AP configuration to be based on Hash – For each AP, on the portal re-compute the current hash of the state everytime it gets a request from the AP. – The Hash is over the configuration that it will send. This is a combination of the configuration plus the WPA Keys. – Use MD5 for the hash. – The hash is sent to the AP with the configuration when configuring. Then, it is send with every request from the AP (such as an alive). If it changes, the AP will go from the Alive state to the Config state, and request a new configuration. Can be followed up by Manager Portal – Notes Page – keep working notes here | 3003 dc:a6:32:a8:7d:a4 138.28.162.45 AddHash lee11@kenyon.edu addhash | Abhigya Fatma Christopher | |
| UserEnable – Completed by Skon Get User Enable to work – User can only use the system when “Enabled” is checked. – If they are currently logged in, they much be kicked off. – Note: This will integrate with the hash above. The WPAs will change when a user is enabled or disabled, also changing the Hash, so the AP will request a new configuration. | |||
| ManagerPortal Make System Manager portal work. – Can see all the connect Hardware, and who Manages it (if anyone) – Can filter for unassigned hardware – Can See and manage list of Managers – Can look at any account by organization (Manager) – What else? | Fatma Christopher | ||
| RebootRestart Completed by Skon. Also added a update option. Enable two buttons on the Access Point line: 1. To reboot the AP 2. To restart the statemachine on the AP 3. Upgrade AP to the latest code (on github) | Skon | ||
| AddVLAN Add a VLAN id to the Zone. – This will be passed to the AP with the configuration. The professor will add the VLAN support to the AP (it’s mostly already there). – After we get it working, I will need to get a VLANing switch so we can test it. | |||
| SSL Get SSL runing with letsencrypt | |||
| OpenWRT setup Document |
Spring 2024 Task Groups
| Longer Term activities | Members | Branch | |
| Test User interface. (Test as currently functions) 1. Spend time working through all possible options many times. 2. Create a test plan. 3. Fully execute the tet plan (updating as needed) 4. Create a list of Issues a. Station data use seems incorrect b. Active users breaks if AP deleted 5. Work toward fixing the issues. 6. Improve code (format and organization) while fixing problems | |||
| Improve User Experience 1. Spend time working through all possible options many times. 2. Note all user experience issues (tasks overly complex, hard to understand, etc) 3. Propose new interface plan 4. Update interface with new features, organization | |||
| Aggregated Management Features 1. Consider process of setting up an operating a system with 100+ APs 2. Propose ways of organizing groups of APs, users, zones (perhaps a hierarchy) for viewing, monitoring, updating 3. Propose operation for aggregating management as groups. 4. Implement the proposals | |||
| VLAN operation 1. Test Zone and user VLAN operations 2. Modify server and client as needed | |||
| User Operations 1. Get enable/disable user to work 2. Add feature to limit data used in a 24 hour period or hours connected per day. |
Possible Areas of Focus:
- Cloud Portal
– User interface
– System Manager Portal. View all Manager. Delete organization. Remove HW. - Client Discovery
– Create a better way of discovering clients based on beingon the same network. - User experience
– infrastrstucture management
– aggragation of operations across devices, zones and users
– advanced monitoring - System security
– Cloud portal security
– API security
– WiFi Device Security - Raspberry Pi implementation
– feature enhancement
– reliability - Allow for NAT rather then Bridge
– This would allow the system to work on networks with limited IP’s per port. - System testing
– throughput testing
– user scalability testing
– roaming testing - Improve Auto Channel Selection
- OpenWRT Port
– Port system to off-the-self WiFi Routers (Like Archer A7)
Resources
Students:
| Student | Port | Project | Link | |
| Harshal Rukhaiyar | rukhaiyar1@kenyon.edu | 3001 | ||
| Rida Zaneb | zaneb1@kenyon.edu | 3002 | ||
| Abhigya Koirala | koirala1@kenyon.edu | 3003 | ||
| Fatma Mahmoud | mahmoud1@kenyon.edu | 3004 | ||
| Samyak Shrestha | shrestha1@kenyon.edu | 3005 | ||
| Christopher Lee | lee11@kenyon.edu | 3006 | ||
Advaitha Maniganda | manigandan1@kenyon.edu | 3007 |
skonjp@kenyon.edu,rukhaiyar1@kenyon.edu,zaneb1@kenyon.edu,koirala1@kenyon.edu,mahmoud1@kenyon.edu,shrestha1@kenyon.edu,lee11@kenyon.edu,manigandan1@kenyon.edu
Courses to prepare for the study:
1. Watch this course: https://www.youtube.com/watch?v=t_ispmWmdjY
2. Learn Ruby on Rails: https://gorails.com/start
3. Learn Wifi: https://www.udemy.com/course/the-ultimate-wlan-and-wifi-training-course/