Community discussions

MikroTik App
  4. RouterOS
  5. Wireless Networking

Hotspot with Vlan Ubiquiti AP doesn't work

Post Reply
 
calvofede
newbie
Topic Author
Posts: 26
Joined: Thu Aug 06, 2015 3:57 am

Hotspot with Vlan Ubiquiti AP doesn't work

Tue Aug 02, 2016 9:22 pm

Hi,

I have a problem with Hotspot and VLANS using Ubiquiti UAPs here I show you my config in mikrotik, If i disable the hotspot I can use internet perfectly.

The UAPs in Ubiquiti Unifi software are in VLAN 100, 200, and 300 witohut problem with hotspot disabled.

I can reach gateway with hotspot enabled but any internet site. I cant see the hotpsot portal neither.
Code: Select all
[admin@M1] > export
# aug/02/2016 15:02:41 by RouterOS 6.36
# software id = TSKM-G1B8
#
/interface bridge
add mtu=1500 name=UniFi priority=0xAAAA
add name=talleres_bridge
/interface ethernet
set [ find default-name=ether1 ] comment="Internet -TX(subida)" mac-address=\
    4C:5E:0C:48:5F:E0
set [ find default-name=ether2 ] comment="Servidor UniFi"
set [ find default-name=ether3 ] comment="UniFi WiFi - Switch TPLINK gigabit"
set [ find default-name=ether4 ] comment="Stand Chacra"
set [ find default-name=ether5 ] comment="Stand Agrositio"
set [ find default-name=ether6 ] comment="Stand Syngenta"
set [ find default-name=ether7 ] comment="Stand Minagro"
set [ find default-name=ether8 ] comment="Tecnica Congress Indep."
set [ find default-name=ether9 ] comment="Streaming Indep."
set [ find default-name=ether10 ] comment=\
    "Roseta Cont. (Radio La Red y Chacra TV)"
set [ find default-name=ether11 ] comment="Streaming Cont."
set [ find default-name=ether12 ] comment="Talleres - Switch HP"
set [ find default-name=ether13 ] comment="Enlace M2"
/interface pptp-server
add name=pptp-in1 user=""
/ip neighbor discovery
set ether1 comment="Internet -TX(subida)"
set ether2 comment="Servidor UniFi"
set ether3 comment="UniFi WiFi - Switch TPLINK gigabit"
set ether4 comment="Stand Chacra"
set ether5 comment="Stand Agrositio"
set ether6 comment="Stand Syngenta"
set ether7 comment="Stand Minagro"
set ether8 comment="Tecnica Congress Indep."
set ether9 comment="Streaming Indep."
set ether10 comment="Roseta Cont. (Radio La Red y Chacra TV)"
set ether11 comment="Streaming Cont."
set ether12 comment="Talleres - Switch HP"
set ether13 comment="Enlace M2"
/interface vlan
add comment="Enlace Mikrotik2" interface=ether13 name=ether13_vlan32 vlan-id=32
add disabled=yes interface=ether13 name=ether13_vlan400 vlan-id=400
add interface=ether13 name=vlan10_ether13 vlan-id=10
add interface=ether13 name=vlan20_ether13 vlan-id=20
add interface=ether13 name=vlan21_ether13 vlan-id=21
add interface=ether13 name=vlan22_ether13 vlan-id=22
add interface=ether13 name=vlan30_ether13 vlan-id=30
add interface=ether13 name=vlan31_ether13 vlan-id=31
add interface=ether13 name=vlan40_ether13 vlan-id=40
add interface=ether13 name=vlan50_ether13 vlan-id=50
add comment="TX(bajada)" interface=UniFi name=vlan100-UniFi vlan-id=100
add interface=UniFi name=vlan200-UniFi vlan-id=200
add interface=UniFi name=vlan300-UniFi vlan-id=300
add interface=UniFi name=vlan400-UniFi vlan-id=400
/ip neighbor discovery
set ether13_vlan32 comment="Enlace Mikrotik2"
set vlan100-UniFi comment="TX(bajada)"
/ip dhcp-server
add authoritative=yes bootp-lease-time=lease-time bootp-support=dynamic \
    interface=ether13_vlan400 lease-time=1h name="Cableado vlan400"
/ip hotspot profile
set [ find default=yes ] login-by=http-chap
add hotspot-address=192.168.32.1 html-directory=\
    hotspot_aapresid2016_username_AGROFINA http-cookie-lifetime=3h name=\
    "agrofina visitantes"
add html-directory=hotspot_aapresid2016_username_AGROFINAPRENSA \
    http-cookie-lifetime=3h name="agrofina prensa"
add hotspot-address=192.168.33.1 login-by=cookie,http-chap,http-pap,mac-cookie \
    name=hsprof1
add hotspot-address=192.168.33.1 name=hsprof2
/ip hotspot user profile
set [ find default=yes ] add-mac-cookie=no transparent-proxy=yes
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des pfs-group=none
/ip pool
add name=Oficina ranges=10.128.0.4-10.128.0.30
add name=Streaming0 ranges=10.128.4.2-10.128.4.254
add name=Stands0 ranges=10.128.8.2-10.128.8.254
add name=Enlace ranges=10.0.0.2
add name=UniFi ranges=192.168.32.20-192.168.32.254
add name="UniFi vlan100" ranges=192.168.33.2-192.168.33.254
add name="UniFi vlan200" ranges=192.168.34.2-192.168.34.254
add name="UniFi vlan300" ranges=192.168.35.2-192.168.35.254
add name="UniFi vlan400" ranges=192.168.36.2-192.168.36.254
add name=Streaming1 ranges=10.128.5.2-10.128.5.254
add name=Streaming2 ranges=10.128.6.2-10.128.6.254
add name=Streaming3 ranges=10.128.7.2-10.128.7.254
add name=Stands1 ranges=10.128.9.2-10.128.9.254
add name=Stands2 ranges=10.128.10.2-10.128.10.254
add name=Stands3 ranges=10.128.11.2-10.128.11.254
add name=Stands4 ranges=10.128.12.2-10.128.12.254
add name=Stands5 ranges=10.128.13.2-10.128.13.254
add name=Stands6 ranges=10.128.14.2-10.128.14.254
add name=Radios0 ranges=10.128.16.2-10.128.16.254
add name=Radios1 ranges=10.128.17.2-10.128.17.254
add name=Radios2 ranges=10.128.18.2-10.128.18.254
add name=Prensa ranges=10.128.19.2-10.128.19.254
add name=Talleres ranges=10.128.15.2-10.128.15.254
add name=dhcp_pool1 ranges=192.168.33.2-192.168.33.254
add name=dhcp_pool2 ranges=192.168.34.2-192.168.34.254
/ip dhcp-server
add address-pool=UniFi authoritative=yes bootp-lease-time=lease-time \
    bootp-support=dynamic disabled=no interface=UniFi lease-time=3h name=UniFi
add address-pool=Enlace authoritative=yes bootp-lease-time=lease-time \
    bootp-support=dynamic disabled=no interface=ether13 lease-time=1w name=\
    "Enlace M2"
add address-pool=Oficina authoritative=yes bootp-lease-time=lease-time \
    bootp-support=dynamic interface=ether10 lease-time=6h name=Oficina
add address-pool=Streaming0 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=vlan10_ether13 lease-time=3h name="Streaming M2"
add address-pool=Stands0 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=vlan20_ether13 lease-time=1h name="Stand Nufarm"
add address-pool=Stands1 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=vlan21_ether13 lease-time=1h name="Cabina Aapresid"
add address-pool=Stands2 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=vlan22_ether13 lease-time=1h name="Stand YPF"
add address-pool=Radios0 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=vlan30_ether13 lease-time=1h name="Radio Continental"
add address-pool=Radios1 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=vlan31_ether13 lease-time=1h name=\
    "Sala de Radio y TV"
add address-pool=Prensa bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=vlan40_ether13 lease-time=1h name="Sala de Prensa"
add address-pool=Stands3 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=ether4 lease-time=1h name="Stand Chacra"
add address-pool=Stands4 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=ether5 lease-time=1h name="Stand Agrositio"
add address-pool=Stands5 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=ether6 lease-time=1h name="Stand Syngenta"
add address-pool=Stands6 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=ether7 lease-time=1h name="Stand Minagro"
add address-pool=Streaming1 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=ether8 lease-time=1h name=\
    "Streaming Tec. Congress Indep."
add address-pool=Streaming2 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=ether9 lease-time=1h name="Streaming Indep."
add address-pool=Radios2 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=ether10 lease-time=1h name=\
    "Roseta Contemp. (Radio La Red y Chacra TV)"
add address-pool=Streaming3 bootp-lease-time=lease-time bootp-support=dynamic \
    disabled=no interface=ether11 lease-time=1h name="Streaming Cont."
add address-pool=Talleres authoritative=yes bootp-lease-time=lease-time \
    bootp-support=dynamic disabled=no interface=talleres_bridge lease-time=6h \
    name=Talleres
add address-pool="UniFi vlan300" authoritative=yes bootp-lease-time=lease-time \
    bootp-support=dynamic disabled=no interface=vlan300-UniFi lease-time=1h \
    name="Agrofina Organizacion"
add address-pool="UniFi vlan400" authoritative=yes bootp-lease-time=lease-time \
    bootp-support=dynamic disabled=no interface=vlan400-UniFi lease-time=2h \
    name=Receptoria
add address-pool="UniFi vlan100" bootp-support=dynamic disabled=no interface=\
    vlan100-UniFi name="SSID Congreso Aapresid"
add address-pool="UniFi vlan200" disabled=no interface=vlan200-UniFi \
    lease-time=1h name="SSID Prensa"
/ip hotspot
add address-pool="UniFi vlan100" disabled=no interface=vlan100-UniFi name=\
    hotspot1 profile=hsprof2
/ip hotspot user profile
add address-pool="UniFi vlan100" keepalive-timeout=10m mac-cookie-timeout=2h \
    name="Agrofina Visitantes" shared-users=250 transparent-proxy=yes
add address-pool="UniFi vlan200" keepalive-timeout=10m mac-cookie-timeout=4h \
    name="Agrofina Prensa" shared-users=100 transparent-proxy=yes
/queue type
add kind=pcq name=pcq-download-visitantes pcq-classifier=dst-address pcq-rate=\
    500k
add kind=pcq name=pcq-upload-visitantes pcq-classifier=src-address pcq-rate=\
    400k
/queue tree
add max-limit=150M name="Descarga global" parent=global queue=default
add max-limit=150M name="Subida global" parent=global queue=default
add limit-at=10M max-limit=15M name="Talleres - Bajada" packet-mark=\
    "Talleres - Bajada" parent="Descarga global" priority=6 queue=\
    pcq-download-default
add limit-at=10M max-limit=20M name="Talleres - Subida" packet-mark=\
    "Talleres - Subida" parent="Subida global" priority=7 queue=\
    pcq-download-default
add limit-at=26M max-limit=40M name="Streaming - Descarga" parent=\
    "Descarga global" priority=3 queue=default
add limit-at=20M max-limit=40M name="Stands - Descarga" parent=\
    "Descarga global" priority=6 queue=default
add limit-at=14M max-limit=18M name="Radios - Descarga" parent=\
    "Descarga global" priority=7 queue=default
add limit-at=3M max-limit=5M name="Stand/Cabina Aapresid" packet-mark=\
    "Stands1 - Bajada" parent="Stands - Descarga" priority=4 queue=\
    pcq-download-default
add limit-at=4M max-limit=10M name="Stand YPF" packet-mark="Stands2 - Bajada" \
    parent="Stands - Descarga" priority=5 queue=pcq-download-default
add limit-at=3M max-limit=5M name="Stand Chacra" packet-mark="Stands3 - Bajada" \
    parent="Stands - Descarga" queue=pcq-download-default
add limit-at=2M max-limit=5M name="Stand Agrositio" packet-mark=\
    "Stands4 - Bajada" parent="Stands - Descarga" queue=pcq-download-default
add limit-at=3M max-limit=5M name="Stand Syngenta" packet-mark=\
    "Stands5 - Bajada" parent="Stands - Descarga" priority=6 queue=\
    pcq-download-default
add limit-at=2M max-limit=3M name="Stand Minagro" packet-mark=\
    "Stands6 - Bajada" parent="Stands - Descarga" queue=pcq-download-default
add limit-at=1M max-limit=6M name="Radio Continental" packet-mark=\
    "Radios0 - Bajada" parent="Radios - Descarga" queue=pcq-download-default
add limit-at=4M max-limit=6M name="Sala de Radio y TV" packet-mark=\
    "Radios1 - Bajada" parent="Radios - Descarga" queue=pcq-download-default
add limit-at=6M max-limit=10M name="Radio La Red y Chacra TV" packet-mark=\
    "Radios2 - Bajada" parent="Radios - Descarga" priority=3 queue=\
    pcq-download-default
add limit-at=20M max-limit=40M name="Prensa - Descarga" packet-mark=\
    "Prensa - Bajada" parent="Descarga global" priority=5 queue=\
    pcq-download-default
add limit-at=60M max-limit=90M name="WiFi - Descarga" parent="Descarga global" \
    priority=2 queue=default
add limit-at=20M max-limit=40M name="Agrofina Prensa" packet-mark=\
    "UniFi .34 - Bajada" parent="WiFi - Descarga" priority=4 queue=\
    pcq-download-default
add limit-at=14M max-limit=25M name="Agrofina Organizacion" packet-mark=\
    "UniFi .35 - Bajada" parent="WiFi - Descarga" priority=2 queue=\
    pcq-download-default
add limit-at=33M max-limit=45M name="Streaming - Subida" parent="Subida global" \
    priority=2 queue=default
add limit-at=10M max-limit=14M name="Streaming M2 - Subida" packet-mark=\
    "Streaming0 - Subida" parent="Streaming - Subida" priority=3 queue=\
    pcq-upload-default
add limit-at=3M max-limit=7M name="Streaming1 Tec. Congress Indep. - Subida" \
    packet-mark="Streaming1 - Subida" parent="Streaming - Subida" queue=\
    pcq-upload-default
add limit-at=10M max-limit=14M name="Streaming Independencia - Subida" \
    packet-mark="Streaming2 - Subida" parent="Streaming - Subida" priority=3 \
    queue=pcq-upload-default
add limit-at=10M max-limit=14M name="Streaming Contemporaneo - Subida" \
    packet-mark="Streaming3 - Subida" parent="Streaming - Subida" priority=3 \
    queue=pcq-upload-default
add limit-at=22M max-limit=30M name="Stands - Subida" parent="Subida global" \
    priority=6 queue=default
add limit-at=3M max-limit=5M name="Stand Agrositio - Subida" packet-mark=\
    "Stands4 - Subida" parent="Stands - Subida" queue=pcq-upload-default
add limit-at=3M max-limit=5M name="Stand Chacra - Subida" packet-mark=\
    "Stands3 - Subida" parent="Stands - Subida" queue=pcq-upload-default
add limit-at=2M max-limit=3M name="Stand Minagro - Subida" packet-mark=\
    "Stands6 - Subida" parent="Stands - Subida" queue=pcq-upload-default
add limit-at=3M max-limit=5M name="Stand Nufarm - Subida" packet-mark=\
    "Stands0 - Subida" parent="Stands - Subida" priority=7 queue=\
    pcq-upload-default
add limit-at=3M max-limit=5M name="Stand Syngenta - Subida" packet-mark=\
    "Stands5 - Subida" parent="Stands - Subida" priority=6 queue=\
    pcq-upload-default
add limit-at=5M max-limit=10M name="Stand YPF - Subida" packet-mark=\
    "Stands2 - Subida" parent="Stands - Subida" priority=5 queue=\
    pcq-upload-default
add limit-at=3M max-limit=5M name="Stand/Cabina Aapresid - Subida" packet-mark=\
    "Stands1 - Subida" parent="Stands - Subida" priority=4 queue=\
    pcq-upload-default
add limit-at=15M max-limit=25M name="Radios - Subida" parent="Subida global" \
    priority=5 queue=default
add limit-at=1M max-limit=8M name="Radio Continental - Subida" packet-mark=\
    "Radios0 - Subida" parent="Radios - Subida" queue=pcq-upload-default
add limit-at=4M max-limit=10M name="Sala de Radio y TV - Subida" packet-mark=\
    "Radios1 - Subida" parent="Radios - Subida" queue=pcq-upload-default
add limit-at=20M max-limit=50M name="Prensa - Subida" packet-mark=\
    "Prensa - Subida" parent="Subida global" priority=4 queue=\
    pcq-upload-default
add limit-at=50M max-limit=80M name="WiFi - Subida" parent="Subida global" \
    priority=3 queue=default
add limit-at=18M max-limit=40M name="Agrofina Prensa - Subida" packet-mark=\
    "UniFi .34 - Subida" parent="WiFi - Subida" priority=3 queue=\
    pcq-upload-default
add limit-at=10M max-limit=20M name="Agrofina Organizacion - Subida" \
    packet-mark="UniFi .35 - Subida" parent="WiFi - Subida" priority=2 queue=\
    pcq-upload-default
add limit-at=2M max-limit=10M name=Receptoria packet-mark="UniFi .36 - Bajada" \
    parent="WiFi - Descarga" priority=3 queue=pcq-download-default
add limit-at=5M max-limit=10M name="Receptoria - Subida" packet-mark=\
    "UniFi .36 - Subida" parent="WiFi - Subida" priority=4 queue=\
    pcq-upload-default
add limit-at=24M max-limit=50M name="Agrofina Visitantes" packet-mark=\
    "UniFi .33 - Bajada" parent="WiFi - Descarga" priority=6 queue=\
    pcq-download-default
add limit-at=17M max-limit=50M name="Agrofina Visitantes - Subida" packet-mark=\
    "UniFi .33 - Subida" parent="WiFi - Subida" priority=5 queue=\
    pcq-upload-default
add limit-at=6M max-limit=10M name="Radio La Red y Chacra TV - Subida" \
    packet-mark="Radios2 - Subida" parent="Radios - Subida" priority=3 queue=\
    pcq-upload-default
add limit-at=3M max-limit=5M name="Continental Streaming" packet-mark=\
    "Radios0 ST - Bajada" parent="Radios - Descarga" priority=3 queue=\
    pcq-download-default
add limit-at=3M max-limit=6M name="Continental - Subida" packet-mark=\
    "Radios0 ST - Subida" parent="Radios - Subida" priority=3 queue=\
    pcq-upload-default
add limit-at=8M max-limit=12M name="Streaming M2" packet-mark=\
    "Streaming0 - Bajada" parent="Streaming - Descarga" priority=3 queue=\
    pcq-download-default
add limit-at=2M max-limit=5M name="Streaming Tec. Congress Indep." packet-mark=\
    "Streaming1 - Bajada" parent="Streaming - Descarga" queue=\
    pcq-download-default
add limit-at=8M max-limit=12M name="Streaming Independencia" packet-mark=\
    "Streaming2 - Bajada" parent="Streaming - Descarga" priority=3 queue=\
    pcq-download-default
add limit-at=8M max-limit=12M name="Streaming Contemporaneo" packet-mark=\
    "Streaming3 - Bajada" parent="Streaming - Descarga" priority=3 queue=\
    pcq-download-default
add limit-at=3M max-limit=5M name="Stand Nufarm" packet-mark="Stands0 - Bajada" \
    parent="Stands - Descarga" priority=7 queue=pcq-download-default
/system logging action
set 1 disk-file-name=""
/tool user-manager customer
set admin access=\
    own-routers,own-users,own-profiles,own-limits,config-payment-gw password=\
    08540056e
/interface bridge port
add bridge=UniFi interface=ether2
add bridge=UniFi interface=ether3
add bridge=UniFi interface=ether13_vlan32
add bridge=talleres_bridge interface=ether12
add bridge=talleres_bridge interface=vlan50_ether13
/interface l2tp-server server
set authentication=mschap2 default-profile=default ipsec-secret=whchamamjo \
    use-ipsec=yes
/interface pptp-server server
set enabled=yes
/interface sstp-server server
set default-profile=default-encryption
/ip address
add address=192.168.32.1/24 comment="UniFi Bridge" interface=UniFi network=\
    192.168.32.0
add address=10.0.0.1/30 comment="Enlace Mikrotik2" interface=ether13 network=\
    10.0.0.0
add address=192.168.32.1/24 comment="Server UniFi" interface=ether2 network=\
    192.168.32.0
add address=10.128.4.1/22 disabled=yes interface=ether13_vlan400 network=\
    10.128.4.0
add address=10.128.0.1/24 comment=Oficina disabled=yes interface=ether10 \
    network=10.128.0.0
add address=192.168.33.1/24 interface=vlan100-UniFi network=192.168.33.0
add address=192.168.32.3/24 comment="Server UniFi" interface=ether2 network=\
    192.168.32.0
add address=10.128.4.1/24 interface=vlan10_ether13 network=10.128.4.0
add address=10.128.8.1/24 interface=vlan20_ether13 network=10.128.8.0
add address=10.128.9.1/24 interface=vlan21_ether13 network=10.128.9.0
add address=10.128.10.1/24 interface=vlan22_ether13 network=10.128.10.0
add address=10.128.16.1/24 interface=vlan30_ether13 network=10.128.16.0
add address=10.128.17.1/24 interface=vlan31_ether13 network=10.128.17.0
add address=10.128.15.1/24 interface=talleres_bridge network=10.128.15.0
add address=10.128.11.1/24 interface=ether4 network=10.128.11.0
add address=10.128.12.1/24 interface=ether5 network=10.128.12.0
add address=10.128.13.1/24 interface=ether6 network=10.128.13.0
add address=10.128.14.1/24 interface=ether7 network=10.128.14.0
add address=10.128.5.1/24 interface=ether8 network=10.128.5.0
add address=10.128.6.1/24 interface=ether9 network=10.128.6.0
add address=10.128.7.1/24 interface=ether11 network=10.128.7.0
add address=10.128.18.1/24 interface=ether10 network=10.128.18.0
add address=10.128.19.1/24 interface=vlan40_ether13 network=10.128.19.0
add address=192.168.34.1/24 interface=vlan200-UniFi network=192.168.34.0
add address=192.168.35.1/24 interface=vlan300-UniFi network=192.168.35.0
add address=192.168.36.1/24 interface=vlan400-UniFi network=192.168.36.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
    interface=ether1
/ip dhcp-server lease
add address=192.168.32.64 client-id=4431.9212.e078-Vlan-interface1 mac-address=\
    44:31:92:12:E0:78 server=UniFi
add address=10.128.16.2 client-id=1:0:1c:77:7:83:20 mac-address=\
    00:1C:77:07:83:20 server="Radio Continental"
/ip dhcp-server network
add address=10.0.0.0/30 dns-server=8.8.8.8,8.8.4.4 gateway=10.0.0.1 netmask=30 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.0.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.0.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.4.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.4.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.5.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.5.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.6.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.6.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.7.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.7.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.8.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.8.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.9.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.9.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.10.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.10.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.11.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.11.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.12.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.12.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.13.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.13.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.14.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.14.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.15.0/24 dns-server=8.8.8.8 gateway=10.128.15.1 netmask=24 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.16.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.16.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.17.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.17.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.18.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.18.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=10.128.19.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=10.128.19.1 \
    ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=192.168.32.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=192.168.32.1 \
    netmask=24 ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=192.168.33.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=192.168.33.1 \
    netmask=24 ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=192.168.34.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=192.168.34.1 \
    netmask=24 ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=192.168.35.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=192.168.35.1 \
    netmask=24 ntp-server=200.3.170.50 wins-server=127.0.0.1
add address=192.168.36.0/24 dns-server=8.8.4.4,8.8.8.8 gateway=192.168.36.1 \
    netmask=24 ntp-server=200.3.170.50 wins-server=127.0.0.1
/ip dns
set allow-remote-requests=yes cache-size=12000KiB servers=8.8.8.8,8.8.8.8
/ip firewall address-list
add address=192.168.32.0/21 list=management
add address=10.128.0.0/24 list=management
add address=192.168.32.0/24 list="UniFi .32"
add address=10.128.0.4-10.128.0.30 list=Oficina
add address=192.168.34.0/24 list="UniFi .34"
add address=192.168.33.0/24 list="UniFi .33"
add address=192.168.35.0/24 list="UniFi .35"
add address=10.0.0.2 list=management
add address=192.168.36.0/24 list="UniFi .36"
add address=10.0.0.4 list=management
add address=10.0.0.5 list=management
add address=10.0.0.10-10.0.0.20 list=management
add address=10.128.4.2-10.128.4.254 list=Streaming0
add address=10.128.5.2-10.128.5.254 list=Streaming1
add address=10.128.6.2-10.128.6.254 list=Streaming2
add address=10.128.7.2-10.128.7.254 list=Streaming3
add address=10.128.8.2-10.128.8.254 list=Stands0
add address=10.128.9.2-10.128.9.254 list=Stands1
add address=10.128.19.2-10.128.19.254 list=Prensa
add address=10.128.15.2-10.128.15.254 list=Talleres
add address=10.128.15.0/24 list=management
add address=10.128.10.2-10.128.10.254 list=Stands2
add address=10.128.11.2-10.128.11.254 list=Stands3
add address=10.128.12.2-10.128.12.254 list=Stands4
add address=10.128.13.2-10.128.13.254 list=Stands5
add address=10.128.14.2-10.128.14.254 list=Stands6
add address=10.128.16.3-10.128.16.254 list=Radios0
add address=10.128.17.2-10.128.17.254 list=Radios1
add address=10.128.18.2-10.128.18.254 list=Radios2
add address=10.128.18.0/24 list=management
add address=10.128.16.2 list="Radio0 Equipo Streaming"
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" \
    disabled=yes log-prefix=""
add action=accept chain=input comment=Establecidas connection-state=established \
    log-prefix=""
add action=accept chain=input comment=Relacionadas connection-state="" \
    log-prefix=""
add action=accept chain=input comment=Management log-prefix="" \
    src-address-list=management
add action=accept chain=input comment=ICMP log-prefix="" protocol=icmp
add action=accept chain=input comment=DHCP dst-port=67-68 log-prefix="" \
    protocol=udp
add action=accept chain=input comment="Acceso PPTP" log-prefix="" protocol=gre
add action=accept chain=input comment="Acceso PPTP" dst-port=1723 log-prefix="" \
    protocol=tcp
add action=drop chain=input comment=Dropeo log-prefix=""
/ip firewall mangle
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Streaming0 - Subida" passthrough=no src-address-list=Streaming0
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Streaming1 - Subida" passthrough=no src-address-list=Streaming1
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Streaming2 - Subida" passthrough=no src-address-list=Streaming2
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Streaming3 - Subida" passthrough=no src-address-list=Streaming3
add action=mark-packet chain=postrouting dst-address-list=Streaming0 \
    log-prefix="" new-packet-mark="Streaming0 - Bajada" passthrough=no
add action=mark-packet chain=postrouting dst-address-list=Streaming1 \
    log-prefix="" new-packet-mark="Streaming1 - Bajada" passthrough=no
add action=mark-packet chain=postrouting dst-address-list=Streaming2 \
    log-prefix="" new-packet-mark="Streaming2 - Bajada" passthrough=no
add action=mark-packet chain=postrouting dst-address-list=Streaming3 \
    log-prefix="" new-packet-mark="Streaming3 - Bajada" passthrough=no
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Oficina - Subida" passthrough=yes src-address-list=Oficina
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "UniFi .35 - Subida" passthrough=yes src-address-list="UniFi .35"
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "UniFi .36 - Subida" passthrough=yes src-address-list="UniFi .36"
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "UniFi .34 - Subida" passthrough=yes src-address-list="UniFi .34"
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "UniFi .33 - Subida" passthrough=yes src-address-list="UniFi .33"
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "UniFi .32 - Subida" passthrough=yes src-address-list="UniFi .32"
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Talleres - Subida" passthrough=yes src-address-list=Talleres
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Prensa - Subida" passthrough=yes src-address-list=Prensa
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Radios2 - Subida" passthrough=no src-address-list=Radios2
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Radios1 - Subida" passthrough=yes src-address-list=Radios1
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Radios0 - Subida" passthrough=yes src-address-list=Radios0
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Radios0 ST - Subida" passthrough=no src-address-list=\
    "Radio0 Equipo Streaming"
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Stands6 - Subida" passthrough=yes src-address-list=Stands6
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Stands5 - Subida" passthrough=yes src-address-list=Stands5
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Stands4 - Subida" passthrough=yes src-address-list=Stands4
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Stands3 - Subida" passthrough=yes src-address-list=Stands3
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Stands2 - Subida" passthrough=yes src-address-list=Stands2
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Stands1 - Subida" passthrough=yes src-address-list=Stands1
add action=mark-packet chain=prerouting log-prefix="" new-packet-mark=\
    "Stands0 - Subida" passthrough=yes src-address-list=Stands0
add action=mark-packet chain=postrouting dst-address-list=Oficina log-prefix="" \
    new-packet-mark="Oficina - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list="UniFi .35" \
    log-prefix="" new-packet-mark="UniFi .35 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list="UniFi .34" \
    log-prefix="" new-packet-mark="UniFi .34 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list="UniFi .36" \
    log-prefix="" new-packet-mark="UniFi .36 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list="UniFi .33" \
    log-prefix="" new-packet-mark="UniFi .33 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list="UniFi .32" \
    log-prefix="" new-packet-mark="UniFi .32 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Talleres log-prefix=\
    "" new-packet-mark="Talleres - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Prensa log-prefix="" \
    new-packet-mark="Prensa - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Radios2 log-prefix="" \
    new-packet-mark="Radios2 - Bajada" passthrough=no
add action=mark-packet chain=postrouting dst-address-list=Radios1 log-prefix="" \
    new-packet-mark="Radios1 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Radios0 log-prefix="" \
    new-packet-mark="Radios0 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=\
    "Radio0 Equipo Streaming" log-prefix="" new-packet-mark=\
    "Radios0 ST - Bajada" passthrough=no
add action=mark-packet chain=postrouting dst-address-list=Stands6 log-prefix="" \
    new-packet-mark="Stands6 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Stands5 log-prefix="" \
    new-packet-mark="Stands5 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Stands4 log-prefix="" \
    new-packet-mark="Stands4 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Stands3 log-prefix="" \
    new-packet-mark="Stands3 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Stands2 log-prefix="" \
    new-packet-mark="Stands2 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Stands1 log-prefix="" \
    new-packet-mark="Stands1 - Bajada" passthrough=yes
add action=mark-packet chain=postrouting dst-address-list=Stands0 log-prefix="" \
    new-packet-mark="Stands0 - Bajada" passthrough=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here" \
    disabled=yes log-prefix=""
add action=masquerade chain=srcnat log-prefix="" out-interface=ether1
/ip hotspot ip-binding
add address=192.168.32.2 type=bypassed
add address=192.168.32.1 type=bypassed
/ip hotspot user
add name=AGROFINA password=Agrofina profile="Agrofina Visitantes" server=\
    hotspot1
add name=AGROFINAPRENSA password=PROBALATRILOGIA profile="Agrofina Prensa"
/ip hotspot walled-garden
add dst-host=http://www.google.com server=hotspot1
add dst-host="http://www.google.co.\?\?" server=hotspot1
add dst-host="http://www.google.com.\?\?" server=hotspot1
add dst-host="http://www.google.\?\?" server=hotspot1
add dst-host=https://www.google.com server=hotspot1
/ip ipsec peer
add address=0.0.0.0/0 enc-algorithm=3des exchange-mode=main-l2tp \
    generate-policy=port-override local-address=0.0.0.0 secret=whchamamjo
/ip proxy
set enabled=yes max-cache-size=1000000KiB
/ip route
add check-gateway=arp comment=M2 distance=1 dst-address=10.128.32.0/19 gateway=\
    10.0.0.2
/ip smb
set allow-guests=no comment=Compartido domain=WORKGROUP enabled=yes interfaces=\
    pptp-in1
/ip smb shares
set [ find default=yes ] disabled=yes
add directory=/disk1 name="carpeta compartida mikrotik"
/ip smb users
add name=cfede password=1234 read-only=no
add name=cjulia password=1234 read-only=no
add name=amariano password=1234 read-only=no
/system clock
set time-zone-autodetect=no time-zone-name=America/Argentina/Buenos_Aires
/system identity
set name=M1
/system ntp client
set enabled=yes primary-ntp=170.155.148.1
/system script
add name="agregar address list" owner=dnaredo policy=\
    ftp,reboot,read,write,policy,test,password,sniff,sensitive source=":for e fr\
    om=1 to=254 do={/ip firewall address-list add address=\"192.168.35.\$e\" lis\
    t=\"Unifi\"}"
/tool bandwidth-server
set authenticate=no
/tool graphing interface
add allow-address=192.168.32.0/24
add allow-address=10.128.0.0/22
/tool graphing queue
add allow-address=192.168.32.0/24 allow-target=no
/tool graphing resource
add allow-address=192.168.32.0/24
add allow-address=10.128.0.0/22
/tool romon
set enabled=yes id=4C:5E:0C:48:5F:E4 secrets=08540056E
/tool romon port
add
/tool user-manager database
set db-path=user-manager
[admin@M1] >
Top
 
User avatar
czolo
Member
Member
Posts: 423
Joined: Fri Mar 04, 2005 9:49 am
Location: Poland (Warsaw)
Contact:
Contact czolo

Re: Hotspot with Vlan Ubiquiti AP doesn't work

Tue Aug 02, 2016 9:39 pm

Check if your hotspot-router can reach your dns server (8.8.8.8 in your config)?
Top
 
calvofede
newbie
Topic Author
Posts: 26
Joined: Thu Aug 06, 2015 3:57 am

Re: Hotspot with Vlan Ubiquiti AP doesn't work

Tue Aug 02, 2016 9:55 pm

Check if your hotspot-router can reach your dns server (8.8.8.8 in your config)?
With mobile device It works, with other devices types I cannot see hotspot portal.
Top
 
User avatar
czolo
Member
Member
Posts: 423
Joined: Fri Mar 04, 2005 9:49 am
Location: Poland (Warsaw)
Contact:
Contact czolo

Re: Hotspot with Vlan Ubiquiti AP doesn't work

Tue Aug 02, 2016 10:19 pm

OK so if mobile devices can work i assume that your router can reach DNS.
Of course you trying to type in url any non-https address and after that nothing happens?
Top
 
calvofede
newbie
Topic Author
Posts: 26
Joined: Thu Aug 06, 2015 3:57 am

Re: Hotspot with Vlan Ubiquiti AP doesn't work

Tue Aug 02, 2016 10:25 pm

OK so if mobile devices can work i assume that your router can reach DNS.
Of course you trying to type in url any non-https address and after that nothing happens?

Yes, Im trying to reach a non-https site and with mobile devices I could. But with some of them, windows phone doesn't work for example. Weird.
Top
 
calvofede
newbie
Topic Author
Posts: 26
Joined: Thu Aug 06, 2015 3:57 am

Re: Hotspot with Vlan Ubiquiti AP doesn't work

Tue Aug 02, 2016 10:43 pm

OK so if mobile devices can work i assume that your router can reach DNS.
Of course you trying to type in url any non-https address and after that nothing happens?
when I delete an IP from IP - Hostpot - Hosts. An Ip that havent loged yet, the hotspot appears.

The login settings are in COOKIE and HTTP-CHAP
Top
 
User avatar
czolo
Member
Member
Posts: 423
Joined: Fri Mar 04, 2005 9:49 am
Location: Poland (Warsaw)
Contact:
Contact czolo

Re: Hotspot with Vlan Ubiquiti AP doesn't work

Tue Aug 02, 2016 11:12 pm

What value do you have in
Code: Select all
/ip hotspot user profile shared-users
?
Top
 
calvofede
newbie
Topic Author
Posts: 26
Joined: Thu Aug 06, 2015 3:57 am

Re: Hotspot with Vlan Ubiquiti AP doesn't work

Tue Aug 02, 2016 11:18 pm

What value do you have in
Code: Select all
/ip hotspot user profile shared-users
?
100 and 250.
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 62 guests
  4. RouterOS
  5. Wireless Networking