MikroTik

Community discussions
https://forum.mikrotik.com/

Best way to bypass the hotspot

https://forum.mikrotik.com/viewtopic.php?t=2477

Page 1 of 1

Best way to bypass the hotspot

Posted: Tue Mar 22, 2005 5:13 pm
by mrchiless
I have to class C's 192.168.1.x and 192.168.2.x
I want 192.168.1.x to alway use the hotspot to authenticate, but I want 192.168.2.x to be router thru the hotspot without the need to authenicate.
I see from the posts that in to 2.8 you create a mangle rule to mark the packets, then a firewall rule Is it the same in 2.9 or is there a easy way to do it. But some poeple are saying you just need mangle rule.
I have tried the rule below with no luck.

ip firewall mangle add src-address=192.168.2.0/24 mark-flow=hs-auth chain=input

Posted: Tue Mar 22, 2005 9:00 pm
by lastguru
In 2.9 hotspot is working completely differently. either "/ip hotspot ip-binding" or "ip hotspot walled-garden ip" is your friend, I suppose. There is a manual for the new hotspot if you want some weekend reading.

Posted: Tue Mar 22, 2005 11:14 pm
by mrchiless
In 2.9 hotspot is working completely differently. either "/ip hotspot ip-binding" or "ip hotspot walled-garden ip" is your friend, I suppose. There is a manual for the new hotspot if you want some weekend reading.
Looking at the manual,

/ip hotspot ip-binding seems to be aim at client IP's and not a whole subnet.

I need to allow the user thru based on there src-address ( being the whole class c)

/ip hotspot walled-garden ip allows for src-address but when i try
ip hotspot walled-garden add src-address=192.168.2.0/24 action=allow server=hs-Internal it doesn't work

Posted: Wed Mar 23, 2005 12:50 pm
by lastguru
You mean that those from 192.168.2.0/24 are still required to authenticate? Did you put this rule to "ip hotspot walled-garden" or to "ip hotspot walled-garden ip"?

Posted: Wed Mar 23, 2005 4:08 pm
by mrchiless
You mean that those from 192.168.2.0/24 are still required to authenticate? Did you put this rule to "ip hotspot walled-garden" or to "ip hotspot walled-garden ip"?
I put then to "ip hotspot walled-garden" , and it works on the test router, but not on the production router it's not. Here is the configure's

Test
[admin@MikroTik] > ip hotspot walled-garden print
Flags: X - disabled, D - dynamic
0 src-address=192.168.2.0/24 action=allow

Production

[admin@HOTSPOT-GW] > ip hotspot walled-garden print
Flags: X - disabled, D - dynamic
0 src-address=210.x.xx.0/23 action=allow

1 src-address=203.xx.xx.0/24 action=allow

2 src-address=203.xx.xx.0/23 action=allow
All times are UTC+03:00
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/