Remote VPN traffic is forced to self register and pay to gain Internet access using Hotspot/Userman on CHR.
How exactly would one setup the CHR Hotspot Interface to accomplish that?
I’m open to ideas. In this scenario I want to authorize all traffic from the remote ROS once they have paid for service. I assume this would be easier to accomplish on the CHR as it will only see the remote ROS device as a single IP.
I am guessing the answer would be to setup a bridge on the CHR and then add that bridge to the ppp profile for VPN users and then setup Hotspot on the bridge interface?
Finally managed to get it working as desired. Remote Mikrotik routers are authorized by their MAC address. End users have no access to the Mikrotik interface and are masqueraded by the Mikrotik so there should be no way for them to position themselves to spoof MAC.