I’ve been preparing to deploy my first hotspot system using the User-Manager package and it’s been going well. However, I’m running into one issue that I can’t seem to solve.
From the internal network, I can’t access the signup page without first logging in!
In fact, if I point my browser to my internal IP address (10.10.10.1) the only hotspot/user-manager page I can get is the login page, everything else 404’s. However, if I use my routers external IP, I can access the signup page/userman/etc after logging in.
I’ve read through all the wiki articles and manual pages and can’t find my mistake. The only thing I haven’t done is to enable the use of SSH. What am I missing?
I have tried using both ROS 4.11 w/4.11 User-Manager, and ROS 4.10 w/ 4.10-test User-Manager and get the same results.
Thanks for that suggestion, it got me thinking in the right direction.
If my understanding is incorrect, anyone can feel free to jump in, but this is how I see things at this point.
The hotspot web server is completely independent from the User Manager web server.
If the hotspot and User Manager are configured to run on the same internal hotspot gateway IP then the User Manager pages WILL NOT be accessible without login from the hotspot network.
The User Manager pages (Signup, userman, etc) can only be accessed from the hotspot network given the following conditions are true:
3a. The User Manager router (/tool user-manager router) and the Radius client (/radius) are set on any IP other than the one the hotspot is using (i.e. random private IP on loopback [IP on portless bridge] or external router IP).
3b. A walled garden IP entry is added to the hotspot to allow access to the User Manager IP without login (/ip hotspot walled-garden ip)
In my case, I changed my User Manager to another IP, added a walled garden entry to that new IP, and added a link to the signup page to the hotspot login page, which got me up and running.
Hello
I am working on this as well. Signup is eluding me. I followed your lead and can get the login page with signup. After accepting the SSL cert, I am directed to https://192.168.1.1/user/signup/mikrotik. Address would seem correct however, it is the standard user manager login page. Not a new user sign up (set user/pass and pay for access).
You can’t use the hotspot ip to get to the payment page. You should use the ip on you wan interface (ether1?). But before that will work, you need to let requests to that ip through the hotspot.
/ip hotspot walled-garden ip
add dst-address=x.x.x.x action=accept
yes, i do get pass the hotspot login page through the walled-garden ip, but the radius use manager page (blue) displayed to login instead of a page to fill data for a new user!
The link should be http://routerIP/user?signup=PublicID
The PublicID should be replaced with the customer public id setting.
You need to set up some type of payment method in my version anyway.
I don’t understand “prepaid voucher”. If the user is prepaying, all user data like username and password, should be entered in the user database when he/she prepays. How are you intending to handle it?
i will have printed prepaid voucher cards with some type of serial number.
a user connects to my network and creates his/her account… but inactive.
the user adds the serial code of the card “secret code”, the user is active.
after the period of the card expires, the user is again inactive..
think of it like a mobile “prepaid card”. you have a line, but you can’t make a call till you recharge your phone with credit. (scratch card).
You should probably be using RadiusManager instead.
It’s not without it’s issues, but the developer does provide direct technical support, rather than foisting it off on 3rd parties.
I was told that UM in 5.x would support signup for free access, but this does not appear to be the case.
Given that they haven’t fixed what’s broken, and have not implemented basic features requested by a lot of users, I doubt there will be any new features any time soon.
Not everything is perfect in this world … Routers are meant to route traffic - but nicely Mikrotik adds many features to their
devices to lessen the needs of extra hardware and 3rd party software. When you mentioned Radius Manager, this means
I must set a pc for one job alone, buy the 3rd party software at its full price, and at times of downtime or technical issue
i will have to dig through the root of problem either the routers or the pc or the software… with mikrotik, it’s all in one…
if you step on a seed of pine tree while in the development stage, you will break it, but when its fully developed, you will need a saw to break it… so we hope for the better
