Community discussions

MikroTik App

Search found 30 matches

by hazartilirot
Sun Oct 18, 2020 12:16 am
Forum: Announcements
Topic: v6.48beta [testing] is released!
Replies: 126
Views: 50087

Re: v6.48beta [testing] is released!

Who could explain me why my phone suffers from intermittent drops. I've updated to the latest version the same issue persists. It usually happens when my internal DNS server is down. You might tell me - there is no internet connection. However I've got AC68U at hand when my phone connects to it prov...
by hazartilirot
Sat Oct 17, 2020 4:34 pm
Forum: Beginner Basics
Topic: Questions relating to Hotspot, https redirects, certificates + SUP-30646
Replies: 14
Views: 414

Re: Questions relating to Hotspot, https redirects, certificates + SUP-30646

Then why does it work even when user starts with https page? It's the previously described hotspot detection. It's standard thing, all common clients have it and use it, and in most cases it works correctly. So hotspot is detected and login page shown even before the doomed to fail attempt to redir...
by hazartilirot
Thu Oct 15, 2020 5:09 pm
Forum: Beginner Basics
Topic: Questions relating to Hotspot, https redirects, certificates + SUP-30646
Replies: 14
Views: 414

Re: Questions relating to Hotspot, https redirects, certificates + SUP-30646

I'll still doubt your words, because there simply isn't any such mechanism in https (specifically in tls part, which handles the encryption) that would allow server to tell client "hey, forget about connecting to X and connect to Y instead". :) I'm sure the checkbox for redirecting https has some p...
by hazartilirot
Thu Oct 15, 2020 4:48 pm
Forum: Beginner Basics
Topic: Questions relating to Hotspot, https redirects, certificates + SUP-30646
Replies: 14
Views: 414

Re: Questions relating to Hotspot, https redirects, certificates + SUP-30646

Congratulations, in that case creators of UniFi Controller have successfully broken https. Or the other explanation is that there's something else you don't see. Here's my settings (see the attachment)! I should be at work tomorrow provided I don't forget I'll record a short video so that you don't...
by hazartilirot
Thu Oct 15, 2020 4:12 pm
Forum: Beginner Basics
Topic: Questions relating to Hotspot, https redirects, certificates + SUP-30646
Replies: 14
Views: 414

Re: Questions relating to Hotspot, https redirects, certificates + SUP-30646

This problem cannot be solved in a hotspot, captive portal, etc. It has to be solved by the client device. And modern client devices already solve that issue. So you should not see it anymore. The solution varies per manufacturer but the common part is that when you open a browser it first fetches ...
by hazartilirot
Thu Oct 15, 2020 3:44 pm
Forum: Beginner Basics
Topic: Questions relating to Hotspot, https redirects, certificates + SUP-30646
Replies: 14
Views: 414

Re: Questions relating to Hotspot, https redirects, certificates + SUP-30646

If the problem is: i.e. when user tries to connect to e.g. https ://google.com, then unless you buy certificate valid for google.com, there will be error. And no, you can't buy certificate for google.com. Well, I haven't tried a Mikrotik hotspot particularly with SSL certificate however I know how ...
by hazartilirot
Thu Oct 15, 2020 2:49 pm
Forum: Beginner Basics
Topic: Questions relating to Hotspot, https redirects, certificates + SUP-30646
Replies: 14
Views: 414

Re: Questions relating to Hotspot, https redirects, certificates + SUP-30646

Off course it will fix your issues. Just make sure you have a valid certificate for any URL that an end-user is redirected/pointed to. If you purchase a wildcard-cert for *.mycompany.com you are completely flexible in what you want to achieve. Thanks for your reply. Do you mean I need to buy a Posi...
by hazartilirot
Thu Oct 15, 2020 2:15 pm
Forum: Beginner Basics
Topic: Questions relating to Hotspot, https redirects, certificates + SUP-30646
Replies: 14
Views: 414

Questions relating to Hotspot, https redirects, certificates + SUP-30646

Well, Firstly, I would like to start complaining since a PM's envelope for no reason is invisible and I can't figure out if it's a kind of a limit that has been set on my account or the problem is globally? When I'm trying to open the url I get an error relating to a module being inaccessible. Then ...
by hazartilirot
Tue Oct 06, 2020 5:10 pm
Forum: Scripting
Topic: Mikrotik hotspot is unfriendly with Node.js [SOLVED]
Replies: 14
Views: 521

Re: Mikrotik hotspot is unfriendly with Node.js [SOLVED]

Yes, the above poster is correct. You should consider external authentication, because (as another poster pointed out), MikroTik HTTP server can only serve static pages, there is no server side language support at all. Well, now it's clear. I wish I knew the info when I was going to buy MikroTik Is...
by hazartilirot
Tue Oct 06, 2020 4:41 pm
Forum: Scripting
Topic: Mikrotik hotspot is unfriendly with Node.js [SOLVED]
Replies: 14
Views: 521

Re: Mikrotik hotspot is unfriendly with Node.js [SOLVED]

Another way to contact Mikrotik support is to reach them at support@mikrotik.com. Thank you for the email! It's kind of you. I owe you! :D As for the website availability, well it's better to see something once than to hear about it a thousand times. https://poster3.radikal.ru/2010/c4/99c0a41ba0af....
by hazartilirot
Tue Oct 06, 2020 3:12 pm
Forum: Scripting
Topic: Mikrotik hotspot is unfriendly with Node.js [SOLVED]
Replies: 14
Views: 521

Re: Mikrotik hotspot is unfriendly with Node.js [SOLVED]

AFAIK mikrotiks web server cannot host _any_ server side languages. I get nothing! It doesn't redirect me. It even doesn't send me a POST request. Why do we need MikroTik webserver at all? What's the point? There is a RouterOS Client allowing to communicate with a router via API The example shows h...
by hazartilirot
Tue Oct 06, 2020 12:14 pm
Forum: Scripting
Topic: Mikrotik hotspot is unfriendly with Node.js [SOLVED]
Replies: 14
Views: 521

Re: Mikrotik hotspot is unfriendly with Node.js [SOLVED]

Wow, the tip of the iceberg is that I went to Customer Service to submit my request and failed to sign up. Then I tried to open the link in Yandex with a VPN - eventually it's been opened. Well, Ukraine blocks a range of Russian's IP addresses who knows it might be the reason. I typed my email, even...
by hazartilirot
Tue Oct 06, 2020 11:18 am
Forum: Scripting
Topic: Mikrotik hotspot is unfriendly with Node.js [SOLVED]
Replies: 14
Views: 521

Re: Mikrotik hotspot is unfriendly with Node.js [SOLVED]

Here is the video, it persistently wants to get a HTML file.

Image
by hazartilirot
Tue Oct 06, 2020 10:16 am
Forum: Scripting
Topic: Mikrotik hotspot is unfriendly with Node.js [SOLVED]
Replies: 14
Views: 521

Re: Mikrotik hotspot is unfriendly with Node.js [SOLVED]

There are many ways to perform HTTP redirects, here is one example https://wiki.mikrotik.com/wiki/HotSpot_external_login_page Well, It's for an external php version . I think I don't need redirects. I want MikroTik device to use my external server communicating via API if it's needed. As far as I u...
by hazartilirot
Tue Oct 06, 2020 9:52 am
Forum: Scripting
Topic: Mikrotik hotspot is unfriendly with Node.js [SOLVED]
Replies: 14
Views: 521

Re: Mikrotik hotspot is unfriendly with Node.js [SOLVED]

Is there any coders from a MikroTik's development? Is it possible to point a device to a node server?
I would like to have something like UniFi Controller provides:

Image
by hazartilirot
Tue Oct 06, 2020 1:17 am
Forum: Scripting
Topic: Mikrotik hotspot is unfriendly with Node.js [SOLVED]
Replies: 14
Views: 521

Mikrotik hotspot is unfriendly with Node.js [SOLVED]

Good day! I was going to use Node for MikroTik Hotspot and I'm unable to get my HTML page. What the heck? Why does it want to work with a directory? I've installed express + ejs, run the server, my customized page is opened in the Chrome as expected. I open Hotspot -> Server Profiles -> create a new...
by hazartilirot
Sat Oct 03, 2020 3:32 pm
Forum: General
Topic: DCHP Option 119 (domain search)
Replies: 6
Views: 2793

Re: DCHP Option 119 (domain search)

Example: my.test.com and your.domain.org have no part in common, so you only provide the length of each substring as a byte right in front of it and indicate the end of each fqdn by a zero byte. Here we go: /ip dhcp server option add name=domain-search code=119 value="0x02'my'0x04'test'0x03'com'0x0...
by hazartilirot
Sat Oct 03, 2020 12:09 am
Forum: Beginner Basics
Topic: Inner DNS server doesn't resolve domain names for hotspot users
Replies: 15
Views: 452

Re: Inner DNS server doesn't resolve domain names for hotspot users

Well, I've switched mydomain.local to mydomain.com - it solved the problem I had with an unrelated app. However, the DNS server now cannot resolve a host's name in its subnet 10.0/24. It seems to me that the DNS server couldn't have resolved a domain name in another subnet since a phone I made a nsl...
by hazartilirot
Fri Oct 02, 2020 3:58 pm
Forum: Beginner Basics
Topic: Inner DNS server doesn't resolve domain names for hotspot users
Replies: 15
Views: 452

Re: Inner DNS server doesn't resolve domain names for hotspot users

The DNS lookups via the Mikrotik and your bind server appear to be working as expected. The N hazartilirot-pc unknown 0.0.0.0 cached record shows that the upstream DNS server (your BIND server) replied with NXDOMAIN so the type and data fields have no value, hence the suggestion to check the BIND s...
by hazartilirot
Fri Oct 02, 2020 9:03 am
Forum: Beginner Basics
Topic: Inner DNS server doesn't resolve domain names for hotspot users
Replies: 15
Views: 452

Re: Inner DNS server doesn't resolve domain names for hotspot users

Thanks to tdw . I did as you said. In the previous screenshot I went to the DHCP client and got rid of the use peer DNS feature. Then I switched off the inner DNS server last night knowing exactly that nobody gets the Internet. If you need a configuration file, I've shared in a code editor online: h...
by hazartilirot
Fri Oct 02, 2020 1:07 am
Forum: Beginner Basics
Topic: Inner DNS server doesn't resolve domain names for hotspot users
Replies: 15
Views: 452

Re: Inner DNS server doesn't resolve domain names for hotspot users

I originally thought you wanted your hotspot clients to be able to query your internal DNS server. Exactly what I want The Mikrotik hotspot redirects any DNS requests from hotspot clients to the Mikrotik itself. This happens quite early in the firewall chains so the walled garden or walled garden I...
by hazartilirot
Thu Oct 01, 2020 11:40 pm
Forum: Beginner Basics
Topic: Inner DNS server doesn't resolve domain names for hotspot users
Replies: 15
Views: 452

Re: Inner DNS server doesn't resolve domain names for hotspot users

I think analyzing some packet captures will probably get you to a resolution pretty quickly. I know that captive portals depend on DNS and that could be the reason that all traffic goes through router. It controls that user would be authorized to go to the Internet, it doesn't resolved any domain n...
by hazartilirot
Thu Oct 01, 2020 10:56 pm
Forum: Beginner Basics
Topic: Inner DNS server doesn't resolve domain names for hotspot users
Replies: 15
Views: 452

Re: Inner DNS server doesn't resolve domain names for hotspot users

Well there is a question is it predefined by developers (standards?) that hotspot users won't be able to reach a DNS server inside the other subnet or there is a chance to change a DNS server once a user authenticated. The packets definitely go through a router first.
by hazartilirot
Thu Oct 01, 2020 9:10 pm
Forum: General
Topic: DNS Server doesn't work with hotspot
Replies: 2
Views: 973

Re: DNS Server doesn't work with hotspot

Put the IP address of your DNS server into the walled garden IP list. Basically, the 10.2.x.x network works because hosts are able to communicate directly with the DNS server, so no hotspot rules get in the way, but coming from 10.3.x.x, the packets must first flow through the router. If the hotspo...
by hazartilirot
Thu Oct 01, 2020 8:49 pm
Forum: Beginner Basics
Topic: Inner DNS server doesn't resolve domain names for hotspot users
Replies: 15
Views: 452

Re: Inner DNS server doesn't resolve domain names for hotspot users

To what IP are the hotspot clients sending DNS queries? Where did they learn of the DNS server they are sending queries to? DHCP perhaps? I've got no idea. It seems they take ISP's DNS. I see lots of dns queries in DNS cache table despite the fact each device coming from a hotspot gets 192.168.10.2...
by hazartilirot
Thu Oct 01, 2020 8:19 pm
Forum: Beginner Basics
Topic: Inner DNS server doesn't resolve domain names for hotspot users
Replies: 15
Views: 452

Re: Inner DNS server doesn't resolve domain names for hotspot users

# update: I opened Hotspot and created a new rule for hotspot users so that they could reach out to my DNS server in the main subnet /ip hotspot walled-garden ip> print detail 0 ;;; Allowing hotspot users to communicate with DNS Server in the other subnet server=hotspot1 src-address=192.168.20.0/24 ...
by hazartilirot
Thu Oct 01, 2020 5:03 pm
Forum: Beginner Basics
Topic: Inner DNS server doesn't resolve domain names for hotspot users
Replies: 15
Views: 452

Inner DNS server doesn't resolve domain names for hotspot users

Good day, Well I've got two subnets 192.168.10.0/24 - the main 192.168.20.0/24 - a hotspot 192.168.10.252 - is BIND DNS server which resolves dns requests in the main subnet and it doesn't for users in hotspot. add action=accept chain=forward disabled=yes dst-address=192.168.10.252 dst-port=53 proto...
by hazartilirot
Mon Sep 28, 2020 12:33 pm
Forum: General
Topic: Let's encrypt and Mikrotik
Replies: 13
Views: 12988

Re: Let's encrypt and Mikrotik

In the meantime, a number of manufacturers of appliances and routers have already integrated support for Let's Encrypt into their devices.
Ha-ha! Most routers are set up in a number of clicks, but not MikroTik! ;D
by hazartilirot
Mon Sep 28, 2020 12:08 am
Forum: Beginner Basics
Topic: script importing MAC table
Replies: 1
Views: 39

Re: script importing MAC table

I've changed my script, but it doesn't work either.... I don't know why.... :local filename "mac_table.txt"; :local content [/file get [/file find name=$filename] contents]; :delay 1; :foreach line in=[:find "\r" $content] do={ :local array [:toarray $line]; :local mac-address [:pick $array 0]; :loc...
by hazartilirot
Sun Sep 27, 2020 9:04 pm
Forum: Beginner Basics
Topic: script importing MAC table
Replies: 1
Views: 39

script importing MAC table

Well, I've just started using one of Mikrotik devices and decided to import a table of MACs from my previous device. The thing is that I'm a newcomer and have by no means dealt with Mikrotik before. There is a comma separated values in file MAC,ADDRESS,SERVER,COMMENT 00:00:00:00:00:00,XXX.XXX.XXX.XX...