DNS problem when hotspot activated

campingspotde · May 20, 2018, 1:17pm

Hi.

I´m using 6.42.2 . All on the system is running fine, but when i activate my hotspot, DNS is not working?!!
What can be the problem?

solar77 · May 21, 2018, 8:07am

check what DNS do your hotspot clients get?

campingspotde · May 22, 2018, 10:00am

Check… sorry. Everything is working. DNS HTTP and HTTPS. When i actived the hotspot, user´s can login and after that … nothing. No page (URL) is available. I cant open anything.

solar77 · May 22, 2018, 10:23am

is your hotspot DHCP pool correct? if it is diffirent from you LAN DHCP pool, does the hotspot pool get correctly NAted?

campingspotde · May 22, 2018, 10:55am

He is using the same pool.

solar77 · May 22, 2018, 12:35pm

please can you post

export hide-sensitive

?

campingspotde · May 23, 2018, 6:14am

[admin@Tik-Bistro-Damp] > export hide-sensitive

may/23/2018 08:02:52 by RouterOS 6.42.2

software id = FGJK-B0II

model = 750GL

serial number = 467A04D3F715

/interface bridge
add admin-mac=4C:5E:0C:D4:9D:89 auto-mac=no comment="created from master port"
name=bridge1 protocol-mode=none
/interface ethernet
set [ find default-name=ether2 ] name=ether2-master
/interface pptp-client
add connect-to=utm01.camping-spot.de disabled=no name=pptp-out1 user=
rxxxxxxxxxxxxx
/interface vlan
add interface=bridge1 name=vlan100 vlan-id=100
/interface list
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
add dns-name=damp.login hotspot-address=10.4.40.1 html-directory=dorotheenthal
html-directory-override=dorotheenthal login-by=cookie,http-chap,http-pap
name=hsprof1 radius-location-id=dorotheenthal-bistro use-radius=yes
/ip hotspot user profile
add idle-timeout=30m name=putze shared-users=2 transparent-proxy=yes
/ip pool
add name=default-dhcp ranges=192.168.2.50-192.168.2.254
add name=dhcp_pool5 ranges=10.4.40.2-10.4.43.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge1 lease-time=1d10m
name=defconf
add address-pool=dhcp_pool5 disabled=no interface=vlan100 lease-time=1d10m
name=dhcp1
/ip hotspot
add address-pool=dhcp_pool5 idle-timeout=15m interface=vlan100 name=hotspot1
profile=hsprof1
/ip hotspot user profile
set [ find default=yes ] address-pool=dhcp_pool5 idle-timeout=30m
/tool user-manager customer
set admin access=
own-routers,own-users,own-profiles,own-limits,config-payment-gw
/interface bridge port
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether2-master
/ip neighbor discovery-settings
set discover-interface-list=all
/interface list member
add interface=bridge1 list=discover
add interface=ether3 list=discover
add interface=ether4 list=discover
add interface=ether5 list=discover
add interface=bridge1 list=mactel
add interface=bridge1 list=mac-winbox
/ip address
add address=192.168.2.1/24 comment=defconf interface=ether2-master network=
192.168.2.0
add address=10.4.40.1/22 interface=vlan100 network=10.4.40.0
add address=192.168.88.222/24 interface=bridge1 network=192.168.88.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server network
add address=10.4.40.0/22 dns-server=10.4.40.1 gateway=10.4.40.1
add address=192.168.2.0/24 comment=defconf dns-server=192.168.2.1 gateway=
192.168.2.1
/ip dns
set allow-remote-requests=yes cache-size=8192KiB max-concurrent-queries=1000
max-concurrent-tcp-sessions=200 servers=192.168.2.1,217.237.150.225,8.8.8.8
/ip dns static
add address=10.4.40.1 disabled=yes name=dorotheenthal.camping-spot.login
add address=10.4.40.1 name=damp.login
add address=10.15.23.20 name=paypal.camping-spot.login
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here"
disabled=yes
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related"
connection-state=established,related
add action=drop chain=input comment="defconf: drop all from WAN" in-interface=
ether1
add action=fasttrack-connection chain=forward comment="defconf: fasttrack"
connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related"
connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" connection-state=
invalid
add action=drop chain=forward comment=
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat
connection-state=new in-interface=ether1
add action=accept chain=input dst-port=8291 protocol=tcp
/ip firewall nat
add action=accept chain=hotspot dst-port=53 protocol=udp to-ports=64872
add action=accept chain=hotspot dst-port=53 protocol=tcp to-ports=64872
add action=passthrough chain=unused-hs-chain comment="place hotspot rules here"
disabled=yes
add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface=
ether1
add action=masquerade chain=srcnat comment="masquerade hotspot network"
src-address=10.4.40.0/24
add action=dst-nat chain=dstnat dst-port=7443 protocol=tcp to-addresses=
192.168.2.2 to-ports=7443
add action=masquerade chain=srcnat comment="masquerade hotspot network"
src-address=192.168.2.0/24
/ip hotspot user
set [ find default=yes ] limit-uptime=30m
add name=admin
add name=5555 profile=putze server=hotspot1
/ip hotspot walled-garden
add comment="place hotspot rules here" disabled=yes
add dst-host=:^.akamaiedge.net server=hotspot1 src-address=0.0.0.0
add dst-host=:^radius-doro.camping-spot.de
add dst-host=:^[1](http://www.paypalobjects.com)
add dst-host=:^[2](http://www.paypal.com)
add dst-host=:^[3](http://www.paypal.de)
add dst-host=:^content.paypalobjects.com
/ip hotspot walled-garden ip
add action=accept disabled=no dst-address=10.15.23.20 !dst-address-list
!dst-port protocol=tcp server=hotspot1 src-address=0.0.0.0
!src-address-list
add action=accept comment="ppobj may/23/2018" disabled=no dst-address=
92.123.40.198
add action=accept comment="ppj may/23/2018" disabled=no dst-address=23.52.12.83
add action=accept comment="ppobj may/23/2018" disabled=no dst-address=
23.52.14.182
add action=accept comment="ppobj may/21/2018" disabled=no dst-address=
23.194.204.198
add action=accept comment="ppj may/23/2018" disabled=no dst-address=
104.84.145.75
add action=accept comment="ppobj apr/06/2018" disabled=no dst-address=
95.100.200.237
add action=accept comment="ppobj apr/06/2018" disabled=no dst-address=
23.211.1.19
add action=accept comment="ppobj apr/06/2018" disabled=no dst-address=23.45.1.6
add action=accept comment="ppobj may/20/2018" disabled=no dst-address=
23.44.105.6
add action=accept comment="ppobj may/22/2018" disabled=no dst-address=
2.19.105.19
add action=accept comment="ppobj may/14/2018" disabled=no dst-address=
104.81.34.199
add action=accept comment="pp may/01/2018" disabled=no dst-address=23.44.109.7
add action=accept comment="ppj may/23/2018" disabled=no dst-address=
23.53.173.13
add action=accept disabled=no dst-port=53 protocol=udp
add action=accept disabled=no dst-port=53 protocol=tcp
/ip route
add distance=1 dst-address=10.15.23.0/24 gateway=pptp-out1
/ip service
set www-ssl certificate=www_camping-spot_de.crt_0 disabled=no
set winbox address=0.0.0.0/0
/radius
add address=10.15.23.20 service=ppp,hotspot timeout=3s
/snmp
set contact=dirk.westphal@camping-spot.de enabled=yes location=
"Dororthenthal Bistro" trap-interfaces=pptp-out1 trap-version=2
/system clock
set time-zone-name=Europe/Berlin
/system identity
set name=Tik-Bistro-Damp
/system logging
add topics=radvd
add topics=radius,debug
add topics=hotspot,info
add topics=dns
add disabled=yes topics=firewall,info
add disabled=yes topics=firewall,debug
add topics=dhcp,debug
/system routerboard settings
set silent-boot=no
/system scheduler
add interval=10m name=paypal on-event=paypal policy=
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon
start-date=apr/04/2018 start-time=05:11:54
add interval=23h name=cleanup on-event=cleanup policy=
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon
start-date=apr/04/2018 start-time=05:12:10
/system script
add name=paypal owner=admin policy=
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":lo
cal ppobjip [:resolve www.paypalobjects.com];\r
\n:local today [/system clock get date];\r
\n:local paypalobject [/ip hotspot walled-garden ip find dst-address=$ppobj
ip];\r
\n:local thisdate none;\r
\n:local noip true;\r
\n\r
\n:foreach i in=$paypalobject do={\r
\n :set noip false;\r
\n :set thisdate [/ip hotspot walled-garden ip get $i comment];\r
\n :if ($thisdate != ("ppobj $today")) do={\r
\n /ip hotspot walled-garden ip set $i comment="ppobj $today"
;\r
\n }\r
\n}\r
\n\r
\n:if ($noip) do={\r
\n :log info "paypal script adding $ppobjip";\r
\n /ip hotspot walled-garden ip add dst-address=$ppobjip comment="ppobj
_$today";\r
\n}\r
\n\r
\n:local ppjip [:resolve www.paypal.com];\r
\n:local today [/system clock get date];\r
\n:local paypal [/ip hotspot walled-garden ip find dst-address=$ppjip];\r
\n:local thisdate none;\r
\n:local noip true;\r
\n\r
\n:foreach i in=$paypal do={\r
\n :set noip false;\r
\n :set thisdate [/ip hotspot walled-garden ip get $i comment];\r
\n :if ($thisdate != ("pp $today")) do={\r
\n /ip hotspot walled-garden ip set $i comment="ppj $today";
\r
\n }\r
\n}\r
\n\r
\n:if ($noip) do={\r
\n :log info "paypal script adding $ppjip";\r
\n /ip hotspot walled-garden ip add dst-address=$ppjip comment="pp $to
day";\r
\n}"
add name=cleanup owner=admin policy=
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":lo
cal today [/system clock get date];\r
\n:local old [/ip hotspot walled-garden ip find comment~"ppobj*"];\r
\n:global thisrem none;\r
\n:global thisip none;\r
\n\r
\n:foreach i in=$old do={\r
\n :set thisrem [/ip hotspot walled-garden ip get $i comment];\r
\n\r
\n :if ($thisrem != ("ppobj $today")) do={\r
\n /ip hotspot walled-garden ip remove $i;\r
\n }\r
\n}\r
\n\r
\n:local today [/system clock get date];\r
\n:local old [/ip hotspot walled-garden ip find comment~"pp*"];\r
\n:global thisrem none;\r
\n:global thisip none;\r
\n\r
\n:foreach i in=$old do={\r
\n :set thisrem [/ip hotspot walled-garden ip get $i comment];\r
\n\r
\n :if ($thisrem != ("pp $today")) do={\r
\n /ip hotspot walled-garden ip remove $i;\r
\n }"
/tool mac-server
set allowed-interface-list=mactel
/tool mac-server mac-winbox
set allowed-interface-list=mac-winbox
/tool user-manager database
set db-path=user-manager

www.paypalobjects.com ↩︎
paypal.com

A Simple and Safer Way to Pay and Get Paid

PayPal is the faster, safer way to send money, make an online payment, receive money or set up a merchant account.

↩︎
paypal.com

PayPal Konto | Digitale Mobile Wallet | PayPal DE

Verwende dein PayPal-Konto zum Bezahlen, Geld senden und verwalten. Erstelle ein Händlerkonto für dein Unternehmen. Nutze mobiles Bezahlen und Ratenkauf.

↩︎