VOGONS


First post, by luckybob

The last 2 weeks or so have been a whirlwind of cat5 cabling and Linux, but I've finally gotten my head above water and decided to share my experience with everyone. This post will ramble, and I will likely swear at least once (in good taste). At the very least it will be therapeutic to get it out of my system. Everything I know about computers is self-taught, trial and error, and I got a good lesson these last few weeks. All of this was spurred by a $13 eBay purchase which to date has cost me over $75 and hasn't stopped yet. I expect another $100 or so in random bric-a-brac. I had a delusion of grandeur where I had a nice professional wifi setup with proper security; I hope someone here learns from my mistakes. Please forgive any spelling and/or grammar errors, and there is a TL;DR at the bottom.

It all started 2 weeks ago when I bought this auction of Cisco 3502 access points: http://www.ebay.com/itm/361772225483 The seller was local, and I was in the neighborhood, so $13 for 3 Cisco APs was a good deal from my perspective. I was using an old Netgear-G unit as an AP and it was about as stable as a skateboard in a canoe. 3 of these devices will easily cover my L-shaped house and I will no longer get complaints from my family members regarding bad wifi. I then turned around and bought 3 Cisco power supplies for $9.99 and a serial port management cable for $1. Still a good deal in my eyes. In fact the seller still has other larger lots of these APs for sale. I debated long and hard about how to power these devices. I am familiar with POE (power over ethernet) and I was considering getting those cheap power injectors from China. Thankfully I found some legit Cisco ones. It also meant I did not need a POE gigabit switch, which are relatively expensive. I did need a new gig switch, and I did find one, but more on that in a bit.

As for the access points, they are built like tanks. Seriously, you could drive over these things. Cisco AIR-CAP3502I-A-K9 for those playing along at home. Rather sleek units. They are made of 2/3 solid cast aluminum. If you hit someone with one of these, it will definitely give them a concussion. Anyway, I figure wifi-N at up to 300Mb/s is more than sufficient for my house. Going to be miles faster than the 54m I have now. Anyway, after getting the PSU and cable, I did test them all out. All were password protected, all were not broadcasting. Annoying, but expected. At least they seemed to work. It took me a couple hours of YouTube videos with people who had very stereotypical accents to finally get the password reset and thus access. I also found out these units needed a Cisco Wireless Access Point Controller, and they were not cheap, even used. Undeterred, I looked for ways to make your own. Surely, it can't be hard. I wanted to rebuild my Linux router anyway for the project; having wifi on its own protected VLAN seemed like a neat idea.

It took me another day of YouTube videos and "how to" guides, but it was finally revealed to me these units came in two flavors: autonomous and lightweight. The one that I bought was the one that needed to be connected to a controller (lightweight). The end user can flash the firmware to autonomous mode at the cost of some of the cooler advanced features. Not only that, but the firmware is easily available on the Cisco website IF YOU HAVE AN EXPENSIVE SERVICE CONTRACT. I sent Cisco an email, explaining the situation and asking if maybe I could get an older version for free. I got a reply back in ~20 minutes. Now, if you do not agree with software piracy, or work for Cisco, please stop reading and skip to the next paragraph. Long story short, they gave me a nicely worded reply, telling me in no uncertain terms they do not release any software for free, even for the 2nd hand market, and that if I want to use their superior products, I can pony up $199 a fucking year for a small business licence. These same people wonder why software piracy is rampant. Anyway, I had the filename and sha512 from the Cisco site, so off to the seedy underbelly of the internet I went. Took about 5 minutes to find the file. Checked the sha512 and it matched Cisco's. HUZZAH!

Firmware update was a bit new to me. Took me a whole evening to get it done. For those that don't know, Cisco uses TFTP to update firmware on devices. A simple process, heck, I already had a regular FTP, or so I thought. However several hours later, I was still banging my head against the wall. The AP and server would not even see each other. In the end, I had to get out a laptop with XP to run a special TFTP server program. That finally worked and all 3 APs were now born again virgins in autonomous mode. I come to find out my Comcast home router decided it didn't like competition and was interfering somehow with the TFTP broadcast protocol. That was the last straw. I ripped out satan's black box that night. (side note: if you google image search 'satan's black box', you get several images of that one Islamic shrine with the meteor in it) Thus began my 2 night self-imposed internet blackout and the adventure of rebuilding my own router.

For several years, I ran my dual-cpu 900mhz p3 xeon system as my home router. However I decided to shut it down, just to save the setup. There was a severe storm one night and lightning destroyed the cable modem, but spared the router. The power supply for my xg-dls was also suffering from bulging caps, so the risk/reward was just not there for me anymore. I was using the default one you get from Cocmast. It works fine, I have no complaints about the service in general. What really burned my ass was an email I got from Concast. For the uninformed, comcrap has decided to enforce 1TB internet use limits. Go over, and you get overages. Basically it's a fuck you to anyone who streams. This rant isn't about the cap, but I will likely drone on about it. I went as far as calling CenturyLink, who was going to offer me 12m if I signed a 3 year deal with them and DirecTV. They promised fiber to the home, tech came out, said he can't do it and to have a nice day. Turns out my choice is to remain a customer of Comcaptive, or no internet.

Building my new router would be easy. I had the perfect candidate all picked out. A long time ago, I purchased a Tyan Thunder HEsl-T S2688. I filled it with 1400mhz Tualatins and 6gb of RAM and waited. I actually posted about this on a Facebook post: https://www.facebook.com/groups/RetroMachines … 33491263344701/ No idea if anyone here goes to that page, but still. I was proud to see the machine fire up and run. I decided to open two of my new-old-stock Alpha heatsinks. They were designed for high-end AMD setups, but with a bit of creative engineering I crammed them onto the thick Tualatin chips. The fan had to be moved from the side to the top, and I got a quiet 92mm fan and rubber banded it to the pile of RAM. The northbridge did get a bit warm. I dropped in 3 gigabit NICs (66mhz capable), and immediately descended into the hell that is Linux.

I suppose Linux is fine, but it is painfully obvious it was not for me. Every time I try to include it in my life, it always seems to be an exercise in pain. It is always some mundane thing I want to do, but for some reason, doing it in Linux almost always ends up horribly. This case was no exception. In my initial design, I wanted to use a 320gb SATA drive. I literally have a pile of 20 of them. They are also quiet, fast, low power, and finally designed for 24/7 use. (google seagate pipeline) I dropped in a drive, popped on a SATA/IDE converter and went to install Smoothwall. I blew an entire day working on this thing. It all started like the hard drive was faulty. Drive swap did not help. Swapped cables, changed SATA converter, reburned CD, changed CD drive, changed CD cable, used basic IDE drive, tried pfSense (different Linux router distro), tried add-on SATA card, add-on IDE card. All had the same problem: it would hard lock during the install. So I tried XP. Worked PERFECTLY. XP installed quick, and ran like a raped ape. 24 hours memtest and multi-pi had no errors. I concluded the hardware was fine, it was Linux that was the problem. I googled the one error I was getting during grub, and disabled APIC. No dice. Downloaded IpCop, Vyos, zeroshell, Smoothwall AGAIN, and Untangle. I made a post about this on this site, but initially got no replies. I was ready to give up. I tore the machine down, and rebuilt the old one on the xg-dls. Worked perfect. So there was something on my Tyan board Linux did not like. I did get a reply on VCF, and there was a suggestion to use the onboard SCSI. I was all set to dismiss it out of hand, but I figured "f-it" I might as well try it. I was limited in my hard drive selection. Most of my SCSI drives are <2gb and the few larger ones are already inside other systems or 10/15k rpm. I decided on a 15k 18gb drive.

Yea. 🙁 That said, it worked great. Suddenly every version of Linux I tried was fat and happy. At least the installers were. Thankfully Linux was tame after this point. I spent a night trying to get Smoothwall to work. It had no problem talking to the internet, but REFUSED to enable DHCP. I gave up, and tried all the Linux distros again. All had similar problems. In the end, every single one, even Smoothwall (after a re-install), absolutely refused to route anything. For the record, some of these distros I tried are NOT user friendly. IpCop is the worst. I could not make heads or tails of that waste of a CD-R. Untangle failed at the end of the install, because the CPU did not have SSE2. I went to their site to complain; I wasn't the first apparently. Thankfully I'm not a tool, and I can use the search feature. Turns out SSE2 is for the config GUI. Just shoot a browser to the green interface and you can complete setup there. NEAT! And it was for a short time. It also would not do basic NAT.

I check my modem again. It's in bridge mode. I can connect it directly to my garage PC and it works just fine, but it won't let me connect to any DNS server. I'm literally out of things to try, save for actually calling someone. In a combination of impotent rage and general loathing of the whole situation, I begin to research getting a new modem. I call Comshaft at 2am, and by 3am everything was fixed and working. The whole conversation went as such:

me: I can't get online, modem is connected, I can ping google, but no sites work.
ComCrap: *warble warble warble* unplug it and plug it back in.
me: ok it's back and same issue
Comcrap: The modem is in bridged mode, that's your problem, I can't change it from here, you have to change it back.
me: no, I want it that way.
comcrap: I can't help you if it's bridged. I can only reset the modem, the router and wifi won't work.
me: Exactly what I want, I'm only connecting one computer anyway.
comcrap: 10 fracking minutes telling me how wonderful the wifi is, and other things.
me: I don't want that, I just want it to be bridged. wifi is actually harmful to humans. Read up about how NFC is slowly poisoning you and is the sign of the coming rapture. It is the mark of the beast. (I laid it on thick)
Comcrap: *CRICKETS*
Comcrap: Ok I need to enable bridged mode on my end, the device will restart and it will work. But I won't be able to help you in the future over the phone, because I won't be able to MONITOR AND CONTROL your modem.
me: [image]
Comcrap: Oh yea. I can restart your modem and get line condition data, but in bridge mode, nothing else works. None of our excellent features... (I stop listening)

Yea. To be fair, I was polite and cordial to the rep. I've done phone CSR work and it *SUCKS*. Doubly so if you work for 2 time winner (and 4 time runner up) of The Consumerist's Worst Company in America Award.

That call was the golden ticket; I refreshed the connections and everything sprang to life. I'm paying for 150/10. I go to bed triumphant and with speeds like this:
[image: speed test result]

I get up the next morning, and have a look at Untangle:

[image: Untangle screenshot]

And all I could think about:

[image]

That speedtest result I got a few minutes ago, during peak. If I allow myself to forget I'm going to pay an additional $50 a month for unlimited service. I can't help but seethe with anger at the thought. You can do your own research, but I used 3.8TB last month. I watch a lot of video with 2 others. http://www.consumerreports.org/telecom-servic … h-1TB-data-cap/

Anyway, my future plans turn to the wifi part. Bought this eBay auction: http://www.ebay.com/itm/232125899734
I love finding things that are misspelled and subsequently cheap. Shipping was good, the damn thing could crush a small animal. I did find out very quickly one of the fans is going bad. This is my first managed switch! If possible, I want to set up a VLAN with just the wifi, make it public, and set up some kind of paywall for anyone who comes by. I've scanned my nearby wifi spots. I'm the only one with crapcast on the block. I'm thinking a few $ an hour would help offset the $50 rate hike I got. My city voted last election to have the option of municipal broadband. A nearby city has almost completed giving 100% coverage to its citizens, and it isn't a small town: http://www.longmontcolorado.gov/departments/d … about-broadband

TODO:
WIFI on vlan
bitch about comcast
new fan on switch
beat dead horse about comcast
new cable runs (groan)
make everything pretty
sell soul for gig fiber

TL;DR
I don't know what I'm doing with Cisco equipment and Linux router, also comcast sucks

It is a mistake to think you can solve any major problems just with potatoes.

Reply 1 of 2, by gdjacobs

Just found this in the Tyan spec data. Not sure what precisely it means, as I understand the CSB5 ATA driver supports UDMA66 at least. What they're mentioning is UDMA mode 0 -- pretty poor!

Due to limitations of the ServerWorks chipset, IDE transfer rates are limited to DMA at 16.6MB/sec.

Anyway, I'm happy that it's working for you. You might want to adopt an SAS HBA down the road to take advantage of some of your SATA drives. I suspect the 15k drive sounds something like a jet aircraft taking off.

One last question: did you consider a modern ECC capable board running something like a J1900 CPU? As power efficient as they were in their day, dual Tualatins along with the Serverworks chipset are going to consume a fair chunk of electricity.

All hail the Great Capacitor Brand Finder

Reply 2 of 2, by luckybob

I'm not overly concerned with electricity. In my area, the cost is relatively cheap. Also, I'm considering getting solar installed. As for a newer setup, I can. I really have a penchant for dual cpu systems. So anything I do, if there is a possibility of dual-cpu, I will pursue it at any cost. If I need more power, I'd probably jump to dual 771. As for ECC, it's just internet traffic. The Tyan board is running ECC RAM.

It is a mistake to think you can solve any major problems just with potatoes.