Go | New | Find | Notify | Tools | Reply |
Nullus Anxietas |
One of my best friends passed away several years ago. I loved him dearly, but he had a tendency to over-complicate things. (Never learned "Just because you can, doesn't mean...") I won't bore you with the details. Suffice it to say he left his wife with unmaintainable alarm and surveillance systems, and a thoroughly-locked-down, unmaintainable network. I've helped her out as much as I can, incl. helping her choose a legitimate local company to replace her alarm system and the NVR on her surveillance system. She's hit a roadblock. Her husband had locked the network down so tightly the installers can't get the NVR to the Internet--or even to her own WiFi network. (He'd put LAN and WLAN on separate netblocks, routed between them, and firewalled them from one another.) Her WiFi network doesn't cover the house adequately, anyway, so I propose to:
I'm going to give her a flat LAN/WLAN. I've helped her out for free, so far, because widow of one of my best friends. But this is going to be Real Work. Real Work I really don't wish to do. So it's going to be chargeable. She's ok with that. I'll charge her my friends and family hourly rate. Same rate I charged another of my best friends to do some software on contract for his business. I will not charge her travel time. The question is: For the installation and configuration of the router, two APs, and what little will be needed for the two switches: What seems like a reasonable estimate for time--thus a Not To Exceed number? I want to let her know what she's in for. Mind you: The router config will not be trivial. I'm not going to lock it down like he did, but there will be minimum reasonable ingress and egress rules, as well as port-forwarding for the NVR. Plus I'll configure DHCP to put the NVR and network infrastructure (APs, managed switches) on fixed IP addresses so they can be found. I won't be doing any grunt work. Her alarm system installers will run the cabling necessary for the ceiling-mounted APs. I may or may not be physically installing the APs, themselves. (That's trivial.) "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | ||
|
The Unmanned Writer |
Remove everything and replace anew? Life moves pretty fast. If you don't stop and look around once in a while, you could miss it. "If dogs don't go to Heaven, I want to go where they go" Will Rogers The definition of the words we used, carry a meaning of their own... | |||
|
quarter MOA visionary |
From what you indicated I would most likely charge for three to four hours, more if there is much physical installation needed. Additionally, come of the work in the configuration could be done prior/offsite at your own facility if you have the IP data or a plan for fixed IP's. Or you could look for the guys documentation. | |||
|
Nullus Anxietas |
Yes. I didn't want to make the OP any longer than it was already, but... Replace the router because it would be less expensive than it would be to charge her for the time it would take me to get up-to-speed on the router she has. Plus I'm going to have to provide post-install support. With the router I'm using I know I can do that remotely, safely. Replace her existing WiFi router because it's very poorly sited and, for a flat network, shouldn't be a router. Plus: Somewhat the same thing as the Internet border router with me having to spend time getting up-to-speed on what she has. Remember: Since they're locked-down she has no access to these devices. That means they'd have to be factory-reset and reconfigured from scratch.
Ok, I was thinking about five, so we're close.
Some, yes. I'll have the router delivered here.
If there's documentation on what he did anywhere, I'll eat one of my hats. "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
Don't Panic |
Once actual cash starts getting laid down for expertise, maybe it might make sense to look at the net costs including your time, and maybe recommending simpler-to-setup-and-manage things that might aggregate out at lower overall costs. Not in your league of network expertise, but is all that you propose doing going to be a lot better/faster than recycling the all locked down stuff and putting in a pair/set of eeros/eero Pro's? I just got connected with Gigabit service and put in eero Pros. Wifi 6, super simple and remotely manageable. Plus, they have ridiculously good phone support (as in, short number of rings, and very knowledgeable staff answering.) You wouldn't have to spend hassle-time (or have to charge for it) and maybe it would be good enough? | |||
|
Nullus Anxietas |
Re-cycling the locked-down router is going to require the router be re-configured anyway. So that's a wash. Probably not even that, because the replacement router costs little more than an hour of my time.
Ask anybody who knows me what I think of "good enough" Besides: Somebody will have to set those up initially. Maybe she can do that. (She's not an airhead.) But I betcha if I tell her "Alternatively: Once I have the router going, you can just go out and buy a couple of these user-friendly mesh thingy's, and they'll probably work for you," she'll tell me she'd rather have me put in a WiFi network I know will work for her. I will give her the option. (I wouldn't recommend eeros, but NetGear Orbi.) As for ongoing support: I've already confirmed with her alarm/surveillance people that, should I not be able to take care of her sometime down the road, they have the expertise to step in. "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
Member |
. For the equipment that is currently in place... If it is useable, just hit the factory reset button and reconfigure it saving her the cost of replacing equipment that has not out lived it's service life. You will still need to configure any newly purchased equipment, this just reduces hardware costs. Keep the new network simple and write passwords on tape attached to the bottom of the router for the next poor schmuck that needs to maintain it. . | |||
|
Member |
I was thinking 3 hours for a very good friend would probably cover it if I didn't have to deal with physically installing the WAP's. I am notorious though for undercharging good friends, and family gets my help for free. ----------------------------- Guns are awesome because they shoot solid lead freedom. Every man should have several guns. And several dogs, because a man with a cat is a woman. Kurt Schlichter | |||
|
Nullus Anxietas |
The part you're missing, as explained already, is I already know the router I propose to install. I don't know hers. And I know I can admin/maintain the router I propose remotely, I cannot say the same for the one that's in place.
Words fail me...
I'd rather quote high and come in low than the other way 'round Remember: What I'm looking for is not a fixed number, but a "not to exceed" number.
I'm notorious for undercharging period, which is one reason I never dumped my day job and went into consulting on my own. I could have made a lot more money, but probably would not have. In fact: The friend that passed away, whose widow I'm now helping, once advised me, after he found out how I handled the financial side of the few independent consulting jobs I'd done, "Don't quit your day job" (I'd done some small amount of contract work for him, too.) "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
Member |
Three hours would be my flat fee to do the work. If I finished in three or less I did Ok. If it took me over three hours, I'd simply eat the overage. I would however do all the configuration work for the router and WAP's at my home ahead of time which 'should' minimize my onsite time. I know its a bad habit but I really don't charge 'good' friends like clients or attempt to really cover my time with them. Everyone else pays full bill (and then some for certain projects). ----------------------------- Guns are awesome because they shoot solid lead freedom. Every man should have several guns. And several dogs, because a man with a cat is a woman. Kurt Schlichter | |||
|
Member |
The part you're missing, as explained already, is I already know the router I propose to install. I don't know hers. And I know I can admin/maintain the router I propose remotely, I cannot say the same for the one that's in place. ........................................................... I saw that, but having read what you documented in the original post ~ my impression is you know more then just the basics of networking. Pulling the unknown to you router's manual off the Internet for a quick read over will answer these questions and might save her from buying new equipment. Considering she already had to pay for a new security company and equipment, this is an option that benefits your best friend's widow vs. forcing her to buy gear she might not need.
Words fail me... ........................................................... Why's that? This is for an in home network, not a company with employees and customers coming and going and a POS system attached that is processing credit card transactions. Anyone who breaks into the house will walk out with jewelry, computers, and TV, they are not going to break into the home for the network password. Her kids and grandkids will be the ones asking her for the password when they come for a visit. Having the SSID name and password on the bottom of the router will make giving it to those she trusts easier on her and them. ........................................................... By the way, I like your decision to keep using PoE cameras vs. WiFi cameras. 2.4 & 5Ghz jammers are below $1,000 now and getting smaller in size. . | |||
|
Nullus Anxietas |
Probably a fairly safe assumption.
No offense intended, but this kind of comment is why I specifically entitled my OP "I.T. Colleagues That Consult/Contract..." (Emphasis added) You don't give a piece of network infrastructure's documentation "a quick read-over," deploy it, and hope for the best. Particularly something as critical as an Internet border router. That is how networks get compromised.
Because it's a bad practice, whether for business or a home network. People thinking this is ok is how passwords end up taped to the bottoms of keyboards and the like at work. I would no more recommend somebody do that than I would they keep an emergency key to their front door under a rock in their garden.
Then she can fetch them out of her encrypted keyring (password safe, what-have-you), instead of going downstairs, into the network/video surveillance/alarm system closet and looking on the bottom of the router. But she won't need to do that, either, because her kids and grandkids will have no need for access to her Internet border router. Nor will they have need for access to her private WiFi network. I will set up a separate guest WiFi network to which she can hand out the keys willy nilly.
They're actually analog cameras. But they're working well, so all she needed was a new NVR. Wasn't my decision (though I agreed with it), but hers. Her not being an air-head: I give her her options, the pros and cons of each approach, the rough cost estimates, and let her decide. It's her home and her money. "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
quarter MOA visionary |
You certainly can tell the mindset differences of those in IT and those who are not. I have done exactly what has been proposed ~ replace a router with another. Had a scenario where the device was experiencing performance issues after a Comcast Business upgrade. It was far more expedient and ultimately cheaper (time is money) to replace than to troubleshoot any further (some was done). Just had to preconfigure off site and install with some minor tweaks. Up and running - everybody happy. I have seen too many passwords taped to a monitor - {sigh}. Cheapo Mesh never would enter my mind and as I have said before it is an alternative to running a cable where not possible. It has a place but not as a primary objective. FWIW, even EnGenius has a MESH line as do most all Wi-Fi Companies so MESH isn't evil nor is it optimum. Generally, IT guys like to do most of the work up front (infrastructure) so we can avoid a stressful disaster recovery scenario. At last it's my view. | |||
|
Nullus Anxietas |
Agreed. Particularly having to do disaster recovery because you missed something or tried to cut corners. So I try to avoid the former (thus thorough understanding of the stuff) and simply do not do the latter. Plus, as I've noted, before: Do it once. Do it right. Move on to new challenges. When I was still employed, it was a point of pride for me that my coworkers simply assumed everything would just work. 24x7x52. My Waterloo was a trouble-prone manufacturing system, of which I very reluctantly took the administration. That system was a disaster of epic proportions. But even that one I'd improved the reliability of a couple orders of magnitude. (Outages and inexplicable behavior became an exception, rather than a regular occurrence.) They finally replaced it when, shortly before I retired, I informed my boss "This isn't good enough, but it's the best it can be made to be." (I suspect the thing with which they replaced it, against my counsel, will be as bad, but that's not my problem anymore .)
We are in concordance on this issue. Not that eero, and particularly eero Pro, is "cheapo mesh," but I don't see the point when I can put in two business-/carrier-grade APs and give her rock-solid coverage.
I noticed that. "America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe "If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher | |||
|
Member |
Me too, but the one that floored me the most was when I worked for a bank (100 years ago), bank employees (more than one) would write their ATM PIN number on the back of their ATM card with a black Sharpee. I can still hear one woman (who was a VP) bitching about the bank being unwilling to cover her losses after she lost he ATM card and they determined she'd written her pin number on the back of the card. ----------------------------- Guns are awesome because they shoot solid lead freedom. Every man should have several guns. And several dogs, because a man with a cat is a woman. Kurt Schlichter | |||
|
Powered by Social Strata |
Please Wait. Your request is being processed... |