Building a Networking Business

by

I’m thrilled to announce that as of September 2025, I have joined SALCS Installations as their Network Architect! This role gives me the incredible opportunity to leverage my extensive background in the ISP and networking sectors, alongside all the diverse experience I’ve gained over my career, to build a new Network Department from the ground up. My focus will be designing, implementing, and supporting robust, full-service business connectivity and networking solutions.

I’m eager to engage with partners and clients in this new capacity. If you’re interested in working together on a professional level, please visit our website to connect:.

www.salcs.uk

The Importance of Hotel Guest Wi-Fi

by
No Wi-fi Logo for Guest

I’m writing this because after getting back on the road, I’ve spent a fair few nights away over the last 6 months and whilst out “in digs” you need a few basic things.

For me, Wi-Fi is a neccessity wherever I am. Home and Work are the two key places I am at so great Wi-Fi and fast internet is non-negotiable. My travelling entourage of devices usually consists of my iPhone, iPad, Macbook and work laptop. It’s a lot of devices but they all have their uses (for me anyway). I’m not one to go out for a drink, I’ll go for a wander to appreciate where I am but my ideal evening these days is a night on my laptop, learning or doing.

This isn’t a moan…

There are some very good establishments that offer an unlimited Wi-Fi capability, you get into your room, dump your gear down, and search and it’s there. XXX Free Wi-Fi and you connect and you’re away. For me, they’re the locations I will always prioritise staying at (yes I keep a list) as it allows me to be more me when I’m away.

The Real Pain Points

  • The first has got to be no Wi-Fi at all. I just don’t feel that should be a thing in 2026.
  • Charged Wi-Fi – A certain (larger) establishment offer a 30 minutes free period logged by MAC and email address, after that you pay an amount for 24 hours usage for 2 devices. This model is hideous for me as I have multiple devices and 30 mins is barely enough to get my email open and go through the first 5 unread messages.

Ugly – But not world ending

  • Tiered Wi-Fi – I don’t see the need for this any more but I’d love to see some statistics on who actually makes money off Premium Wi-Fi. Free Wi-Fi is a poor advert for Premium as usually it is intentionally slower, uses lower tech or has limited amounts of something, not a great advert as you never get to test what you’d actually experience with Premium.
  • Poor experience – This is quite broad spanning, from old or poorly implemented networks where you struggle to keep a connection or you have a good connection but it is massively limited by the tech to a system that is deployed well but has a portal that doesn’t come up or takes an age to get through.

The Solution (Not a sales pitch)

The solution is simple. Give away your Wi-Fi!

Connectivity and internet access are wrapped around virtually everything we do now and that goes for the hotels, ordering, telephony, bookings. There is a very strong chance they already have connectivity in place.

Where Wi-Fi access used to be seen as a cash cow on paid for systems, it’s now wide spread enough that it really should be included, whilst giving Wi-Fi away can be an expensive outlay initially, it’s the kind of outlay that in time will pay itself back because you DO offer Free Guest Wi-Fi services that are fast enough, easy enough to access and have a good enough connection for people to use.

There are some considerations to “giving it away” and those are all alleviated by a good deployment, things like “next doors Xbox” can be blocked, “everyone is streaming using all my internet” can be managed and “what if they do something they shouldn’t” can be both controlled and disclaimed.

Ending…

These are just my thoughts driven from some nights whilst out on the road and having yet to be massively impressed by what I’ve experienced. Hotels and B&B’s all want to welcome you and for you to stay with them yet I feel this is a really simple and overlooked point. In general it falls into my “forgettable Wi-Fi” addage but that’s how good it should be as it’s so easy to get right.

How Fast?

by

Looking back through my posts. I started reading and remembering about my struggles with an FTTC connection, trying to eek the best I could from a 55/10 connection.

How times have changed, just this last week I’ve resigned a deal for a 2Gb symmetric connection for home. I am under no illusion that I need that kind of speed but as my contract for 1Gb was ending and the cost would have gone above the great deal I got on 2Gb, I re-signed for another 18 months.

Good job I found a link on how to unlock the Intel SFP+ card so I could run my MikroTik S&RJ10 in the Intel X520 card.

So far I’ve only had 1900/1450 out of it but I can settle at that.

Let’s get you a cheap cloud hosted MikroTik CHR

by

But Why?

Indeed. Well if you’re a tinkerer….because.
If you require more substance, anything you can do on your home MikroTik (and more) done in the cloud, it can solve CGNAT problems if you sit behind one at home and double in use as a remote gateway to set up for your own VPN server. Data collection through honeypot configurations, a secure gateway into a cloud infrastructure, a http(s) proxy and as a general learning tool if you don’t have the capabilities locally.

**NOTICE TO READER**

I had the want but not the immediate skillset to achieve this, I lean on the MikroTik community to fill the gaps in my knowledge – Massive thanks to the forum member wrkq for his work and spoon feeding this one. Forum link is at the end of the post.

The Setup

Here’s your pre-requisite, you need an OVH account and to have purchased/rented one of the VPS servers. At time of writing this I am using their most basic starter 1/2/20 server which as a new user, I am getting for just 83 pence pe rmonth for the first 12 months.
The OS doesn’t particularly matter but I went for the most up to date Debian.

Let’s do it!

Log into your OVH account and navigate your way to managing your shiny new VPS.

Click the three dots under “Boot” heading, “Reboot in rescue mode”. This will take a minute or two to reboot into rescue mode.

Click the three dots under “Name” heading, Choose”KVM” to pop an in browser console.
Use the IP/password displayed on the rescue console to connect in via SSH. The WAN IP can be found in your machine details.

I’m going to skip a middle explanation and checks here – OVH utilises /dev/sda for rescue and your VPS resides on /dev/sdb

Zero the partition by passing this command (note you don’t sudo as you’re already logged in as root)
dd if=/dev/zero of=/dev/sdb bs=1M count=1024

Quickly add in the ability to unzip – This does not mean your CHR will be able to unzip, it means your rescue shell can unzip and this is a non-persistent addition as sda will be destroyed once finished with.
apt install unzip

Let’s download a CHR image
wget https://download.mikrotik.com/routeros/7.16.1/chr-7.16.1.img.zip

And let’s unzip it
unzip chr-7.16.1.img.zip

Now we want to write this across onto our persistent (VM) disk
dd if=chr-7.16.1.img of=/dev/sdb bs=1M

Confirm this is done well, properly and correctly
sync
And again for good luck
sync

We are nearly done but from the SSH shell or KVM issue the below command (try not to get ahead of yourself here)
reboot

Your VM will now reboot itself back into rescue mode, this is fine and we want this (for now).

Get your skates on – We’re bringing it up

We’re in the final stage now, CHR is copied over and you’re ready to leave rescue mode and go public but your problem now is that when OVH assigns it’s public IP via DHCP, your CHR is open to the world by default with a login of admin and no password. You need to move quickly now.

Let’s leave rescue mode and hammer the KVM so you can get in and get safe
On the VPS control panel, “Boot” header and “Reboot my VPS”and this action will leave rescue mode.

“Three dots next to the machine name -> KVM” Keep trying, click, no connect, close, retry until it works. When it does, username admin, no password and change the password to something you’re going to remember. Don’t go full blown mega complex instantly – this is a race to change it initially not to make it unbreakable (that comes once you’re safe).

Quick check to make sure you’re alone

One final command to issue once you are logged in with a non-standard password.
/user/active/print
This checks for any other users, there should only be an admin login via console. If there are ANY other users via shell, ssh, winbox, web or other means, sadly you’re compromised and need to start again.

For the successful – Well done – Get this baby locked down properly now, put a more complex admin password on, start hardening the setup, remove any ip services and access mechanisms you won’t use and put a couple of input rules into your Firewall filters.

We’re Done Here!

That’s it, we are all done. If you’re still at a loss of how to start hardening please read on into my other posts about firewalling, password changes and generally tightening up. My YouTube videos are still available (cheeky link) if you prefer visuals.

Forum Link

https://forum.mikrotik.com/viewtopic.php?t=120413
Again a huge thanks to the MT community and wrkq for steering me right on this one.

The final move… Back to MikroTik

by

My mind is set.

I’ve moved back to MikroTik for my border router (again) only this time I’m sticking with it. I really enjoyed using pfsense but then when I upgraded to the R230 I messed up a very good installation and subsequently tried to push into opnsense which I just didn’t get along with. Then I re-debated going for a virtual host and running the firewall as a VM as opposed to bare metal. I like the flexibility of virtual but also love having a dedicated “thing” as a hardware firewall.

I opted to go virtual host and run MikroTik as I could achieve quickly what I wanted and I know it’s got the legs to go the distance as the configuration matures and evolves. I will admit I’d love to have some pretty graphs but what’ more important? A system I am comfortable with or graphs I will look at a couple of times?

The final problem was connection speed, my CHR license is a P1 and I am running a 10Gb home core network, this means the unit will only upload at 1Gb per interface if I wish to license it for updates or I run it un-licensed and risk not getting updates, not the wisest of choices currently being as RouterOS 7 is only on version 7.16 at time of writing. The easy answer – invest – shortly to take ownership of a P10 license, I don’t need it right this moment but it will be available for when I upgrade the WAN (which I could do tomorrow to 8Gb) and will appease my mind that I have now made good on my internal network.

Now to find a use for my P1…