Network, Server, Authentication Recommendations

Hello, my name is Chris Adams. My business partners and I recently opened a coworking space in Baton Rouge, Louisiana, and I’m looking for some advice on network setup. Any suggested companies or people that have an understanding of coworking and/or are recommended by space owners are welcome as well. A little bio: We’ve been open since July 2017, and I have tried multiple solutions found online without finding the solution that I believe is right for me. I’m hoping to get advice or information from other owners and space managers to help determine our space’s precise needs, and we are looking to hire for services and/or professional advice. However, we are a young company, and I’m trying to waste as little money as possible and avoid paying for things I do not need.

Our Current Setup:

  • Nexudus Software to manage users, billing, etc.

  • Mikrotik router with hotspot for Nexudus wifi checkin

  • 1 Managed Ubiquiti Unifi 24-port Switch

  • 1 Managed Ubiquiti Unifi PoE Switch

  • 4 SIP VoIP Polycom Desktop Phones

  • 1 SIP VoIP Polycom Soundstation 5000 Phone

  • Xerox WorkCentre 6515 DN MFP connected via LAN

  • One on-site Ubuntu server

  • Ezeep for printer management w/ Nexudus integration

  • Five VLANs (all w/ dedicated subnet & DHCP):

      • Our admin VLAN w/ dedicated SSID

      • Hotspot VLAN w/ dedicated SSID

      • Client1 Admin VLAN w/ dedicated SSID

      • Client1 Staff VLAN w/ dedicated SSID

      • Client 2 VLAN w/ wired ethernet access only

Current Setup Notes:

  • I hired an IT engineering firm based in Austin to help remotely because I was having problems with the MikroTik/Ubiquiti combo (i.e. Unifi software completely stopped working after a couple of weeks, MikroTik hotspot was buggy) and they fixed those issues at a pretty hefty price. They hinted that they thought my network setup was unusual, but I wanted to be sure of exactly what needs to change before hiring them (or someone else) to assist with the process.

  • I have a Unifi Security Gateway which was replaced by the MikroTik. USG was purchased before I chose Nexudus as my management system.

  • All users are running either Windows 10 (desktop & mobile) or Mac OSX, and have various mobile devices.

  • I chose VLAN setup because my clients brought their own printers/copiers and wanted to be able to share the printers and files with each other without the risk of unauthorized access.

  • The MikroTik/Nexudus Hotspot is set up to block traffic between clients connected to that subnet. I could program everything EXCEPT the Polycom SoundStation to bypass hotspot authentication and connect to the internet on the hotspot network. I did this to prevent users from connecting their devices directly to outgoing ethernet ports in the phones to bypass hotspot authentication.

  • I have no ability to track and charge for copies or received faxes on the WorkCentre. I mistakenly thought the model I purchased supported document codes and accounting features. It does have user management with very limited permission options, a very disorganized event log, and support for common authentication protocols such as LDAP.

Plans and Goals:

  • We’re switching from Nexudus to Proximity Space soon, which will eliminate the eZeep integration and various other features built into Nexudus. I have two old Microsoft Server boxes with decent storage, RAM, and processors that I would like to use for file and print servers (with central user authentication, group policies (shared folder size limits, print limits and policies, etc.)), and a CRM.

  • I think the server should be Linux based due to the required compatibility with Windows, Mac OSX, Linux, and mobile device clients. I don’t want anyone to lose their current local user accounts on their systems. I’m hoping there’s a possibility for my server user to match their local user and work together.

  • I tested JumpCloud’s Directory as a Service on my machine, and it took over my local user account which worked out great except for the fact I can no longer manage the local user account from my PC. I’m not sure members would like that. JC also offers Radius as a Service, which I thought may be beneficial to me in some way.

  • Is there an option other than VLANs and/or separate subnets to segregate network sharing? Do VLANs require a dedicated subnet? My server will not ping a client in another VLAN/subnet, but the client can ping my server from VLANs outside of the hotspot. I haven’t tried to ping my server from clients in the hotspot.

  • I would like to have a dedicated VoIP network that only allows either voice-only traffic or MAC address authentication.

  • Security is a major concern for me. I do not understand Linux’s command line firewall configuration or MikroTik firewall configuration. QoS setup is a priority for me in the future as well.

  • It’s not a must, but I would like to be able to control the public PC in our conference room. I do not want users to have access to any settings or be able to install programs, etc. on the machine. Automatic deletion of downloaded files would be nice, too.

Short version - I would like to control which clients can access certain directories and printers, have a central user management system for file/printer access control policies, have users use the same login on the printer as they would on the network and wifi, account for all pages printed, copied, and received via fax based on color or black and white ink usage, VoIP network that blocks everything but the phone/voice traffic, central control of the public PC in our conference room, and user-friendly QoS & internal and external security configuration.

Please let me know if I am misunderstanding something or left out something. We’re growing faster than I thought we would, and I want to ensure my members are happy and my network runs smoothly. I can’t begin to tell you how much I would appreciate any type of feedback, advice, or help. Thank you so much.

Sorry if I used any incorrect terminology and my lack of expertise on this subject. Also, sorry for the long post.

My email address is [email protected] if anyone would like to reach out.

Hi Chris,

Just curious why you had a bad experience with Nexudus? The platform integrates nicely with MikroTik devices. We’re experimenting with getting MT to play well with non-MT routers, but if it works it should be a good all-around system for management & security of any shared work space.
https://disqus.com/home/discussion/nexudusspaceshelp/nexudus_spaces_helps_you_manage_and_promote_your_coworking_space_grow_your_network_build_a_profe_601/

Chris,

It sounds like you need dedicated IT help and I don’t think a remote consultant will cut it. I know that’s a tall order but what you are asking for is extensive. It’s too much to expect Nexudus (or any software platform) to pick up the slack or that you can just hire someone to build it and then it will hum along without maintenance. I know most spaces do not have an IT person and run into similar issues. The best strategy I’ve seen to operate without help is to greatly simplify things. That means giving up on a lot of the things you are asking for here even though they are pretty straightforward. But hosting a dinner for 200 people is straightforward… if you are a catering company.

When I get more settled up here in Vancouver I’d like to pull together a collective of IT professionals helping Coworking spaces. If anyone is interested, please reach out.

On Wed, Oct 11, 2017 at 4:02 PM, Chris Adams [email protected] wrote:


Jacob


Office Nomads - Individuality without Isolation
http://www.officenomads.com - (206) 323-6500

I’m not tech savvy, but I sent a link to this to our tech company–

We use Nexudus and love it. However we do not use the Wifi Access that links to it.

For the public PC I would just set up an admin and then a guest login; that way it keeps people from changing things.

Best wishes,

Jana

Chris - if you wanted to set up a call or shoot me an email I’d be happy to help. We have experience with Co-Working spaces and conquering many of the problems you face, but I’m not sure all. Regardless, shoot me an email if you wish and happy to help with what I can. Email address is Bradd at gamma.tech. Br…@gamma.tech
