I've recently signed up for a Voom Gig1 business broadband service with a static IP.
I've been supplied the latest Hitron Chita modem.
This service is being used to supply free wi-fi to a number of small businesses in their own offices, plus a coworking space.
I'm very keen to discuss good/best practices regarding how best to provide and secure this service for multiple small businesses and individuals.
What I've learnt/done so far:
1. I've immediately invested in a 3-pack TP-Link Deco X50 AX3000 Whole Home Mesh WiFi 6 System. I've set this up (at speed), and it appears to be working well. I expect to be having to invest in more of these, in the Deco range, in order to reach all the parts of the premises that I need to, using both wires and wireless to connect my mesh devices together.
2. For (technical) reasons I don't fully understand, it's not possible to put the Hitron Chita into modem only mode ("RG Function") when you have a static IP (see: https://community.virginmedia.com/t5/Networking-and-WiFi/Hitron-No-option-for-modem-mode-RG-function...). I don't know if this going to cause problems or not?
3. When I setup the X50 pods using the TP-Link Deco app, it asked me to choose whether my IP is static or dynamic. I chose Static, and am 99% sure I entered all the correct (IP address, subnet, DNS, etc.), but I couldn't get an internet connection. So I ran the setup again, this time I chose the Dynamic IP option, and this time I COULD get an Internet connection. So it's great that it's all working, but I don't know if I should have persevered with the Static IP setup option.
4. I really want to be able to manage/monitor my network (i.e. the router) remotely. I was hoping that I'd be able to do it with the X50 that is plugged into the Hitron Chita modem. I can see instructions for enabling remote management with TP-Link devices here: https://www.tp-link.com/us/support/faq/1553/ - but this option is NOT available in the web dashboard settings for the X50. So it looks as if I'll have to invest in a compatible tp-link router to achieve this.
5. When all of the above is settled down, I want to ensure that the entire network is secured and optimised to (effectively) public use. In other words, on the one hand it should be a great, easy experience for our tenants to make use of it. On the other hand, it needs to be sufficiently secure, locked down, etc. so that neither internal or external actors can easily abuse the network and/or the devices attached to it.
OK, so quite a lot to process there!
I'm keen to compare notes with anyone else with the challenge of setting up a static IP Virgin business broadband service for multi-tenant usage.