Good Evening,
I am having an issue with redirect to hotspot login page for unauthenticated users. The Mikrotik I am on is v6.9 CCR1016 Cloud Router. If I type in the gateway IP address (10.100.20.1) it goes to the log in page but trying to go to google for redirect isn't working. If I place the mac-address in the radius it authenticates and allows access to google, etc. Here is the output of firewall and hotspot.
/////////Firewall Configuration\\\\\\\\\\\\\\\
/ip firewall layer7-protocol
add name=torrentsites regexp="^.*(get|GET).+(torrent|thepiratebay|isohunt|ente\
rtane|demonoid|btjunkie|mininova|flixflux|torrentz|vertor|h33t|btscene|bit\
unity|bittoxic|thunderbytes|entertane|zoozle|vcdq|bitnova|bitsoup|meganova\
|fulldls|btbot|flixflux|seedpeer|fenopy|gpirate|commonbits).*\$"
/ip firewall address-list
add address=10.11.100.0/24 list=Restrict-Access
add address=10.158.0.0/24 list=Restrict-Access
add address=10.11.102.0/24 list=Restrict-Access
add address=172.16.0.0/16 list=Restrict-Access
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=drop chain=forward comment=torrentsites layer7-protocol=\
torrentsites src-address=10.0.0.0/8
add action=drop chain=forward comment=dropDNS dst-port=53 layer7-protocol=\
torrentsites protocol=udp src-address=10.0.0.0/8
add action=drop chain=forward comment=keyword_drop content=torrent \
src-address=10.0.0.0/8
add action=drop chain=forward comment=trackers_drop content=tracker \
src-address=10.0.0.0/8
add action=drop chain=forward comment=get_peers_drop content=getpeers \
src-address=10.0.0.0/8
add action=drop chain=forward comment=info_hash_drop content=info_hash \
src-address=10.0.0.0/8
add action=drop chain=forward comment=announce_peers_drop content=\
announce_peers src-address=10.0.0.0/8
add action=drop chain=forward comment=p2p_drop p2p=all-p2p src-address=\
10.0.0.0/8
/ip firewall mangle
add action=change-mss chain=forward dst-address=0.0.0.0/0 new-mss=1300 \
protocol=tcp src-address=172.16.0.0/16 tcp-flags=syn
add action=change-mss chain=forward dst-address=0.0.0.0/0 new-mss=1300 \
protocol=tcp src-address=192.168.0.0/16 tcp-flags=syn
add action=change-mss chain=forward dst-address=0.0.0.0/0 new-mss=1300 \
protocol=tcp src-address=10.0.0.0/8 tcp-flags=syn
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
//////////////Hotspot\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
/ip hotspot profile
set [ find default=yes ] login-by=mac,http-chap,http-pap mac-auth-password=\
visp use-radius=yes
add hotspot-address=10.100.20.1 login-by=mac,http-chap,http-pap \
mac-auth-password=XXXX name=hsprof1 use-radius=yes
/ip hotspot
add disabled=no interface=ether10 name=hotspot1 profile=hsprof1
/ip hotspot user profile
set [ find default=yes ] add-mac-cookie=no idle-timeout=none on-logout="/ip ho\
tspot host remove [find where address=\"\$address\" and !authorized and !b\
ypassed]"
/ip hotspot user
add name=admin password=XXXX
/ip hotspot walled-garden
add comment="place hotspot rules here" disabled=yes