MikroTik RouterOS • View topic - Multiple Hostspots/user profiles on one router

bwa · **Posted:** Wed Jun 23, 2010 6:08 pm

I have set up multiple Hot Spot servers on my RB493 on multiple ethernet ports. I have also created multiple user profiles. The problem I have is how do I assign a specific user profile to a specific Hot Spot instance? Each user profile has different rate limit attributes. All logins are authenticated through a Free Radius server.

fewi · **Posted:** Sat Aug 14, 2010 4:38 pm

Can you be more specific? What does 'assign a user profile to an instance' mean?

bwa · **Posted:** Sat Aug 14, 2010 4:45 pm

I have several Hot Spot Server instances running on a single MT and they all use the Default User Profile. I would like to assign a different User Profile to each Hot Spot Server Instance but I do not see a way to do this

fewi · **Posted:** Sat Aug 14, 2010 4:52 pm

It doesn't work that way. User profiles only apply to user accounts. User accounts in turn can be limited to certain Hotspot instances.

Hotspot instances take their parameters from Hotspot profiles (not Hotspot user profiles). Set those up as required and select them in the Hotspot instance.

bwa · **Posted:** Sat Aug 14, 2010 4:56 pm

My goal was to rate limit each user on a specific Hot Spot. I know I can apply a rate limit to the HS Server Profile, but is the rate limit per user or for the entire Hot Spot?

Appreciate the help

fewi · **Posted:** Sat Aug 14, 2010 5:10 pm

User profile rate limits are applied to specific users by installing a dynamic simple queue targeting that user's IP address. New dynamic queues are installed on log in and uninstalled on log out. They are installed at the top of the list of queues. At the bottom of the list sits a queue at is just tied to the interface, and any user that doesn't match a more specific queue by IP falls through to it. That interface queue takes the parameters from the rate limit on the server profile. It generally applies to users that are bypassed from login in IP bindings and users that are not authenticated yet.

Since you're using RADIUS you just use RADIUS attributes to rate limit users, though.
http://wiki.mikrotik.com/wiki/Manual:RADIUS_Client#Access-Accept

You can either make user profiles and use the Mikrotik-Group attribute to log users into them, or you can just bypass all that and use the Mikrotik-Rate-Limit attribute to directly tell the router what rate limit to apply to that user's IP address.

Who is online