Hospot - Logs in but then nothing happens

RAHQGideon · February 3, 2011, 8:00am

Hi guys.

I have a problem thet I haven seen before and am struggeling to fix.

We have a client with 8 hotspots linking to one central unit that also doubles as a hotspot. This 433 has the user manager installed and is handeling all the RADIUS for the other 7 radios an itself. The problem is that the other hotspots work fine with users created in user manager but the central unit does the following. User logs onto the hotspot and gets the login page, he then enters his details and it tells him he is now logged on but then nothing happens. The browser says “website found waiting for reply” but stops here.

I have no extra firewall rules than that created by the hotspot wizzard. If I bypass the user it works fine. I have tried with several user accounts and created new ones with no luck.

Any sugestions?

Thanks

SurferTim · February 3, 2011, 11:50am

What are you using for a masquerade/srcnat? Please post “/ip firewall nat”.
DNS is set correctly in that router?

ADD: Have you modified the login pages in the router? Have you tried the default login pages just as a test?

RAHQGideon · February 3, 2011, 2:13pm

I have the nat that the hotspot creates

/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
    disabled=no src-address=172.80.52.0/24

Dns is right because all the bypassed pc work fine. I have modified the login page but have reset the HTML with no luck, I have even recreated the whole hotspot with no luck.

Thanks

SurferTim · February 3, 2011, 2:25pm

The hotspot is a strange creature when it comes to that masquerade. If ether1 is the WAN interface for your network, then this is what I use:

/ip firewall nat
add chain=srcnat action=masquerade out-interface=ether1

How are the rest of your routers set up as far as a masquerade/srcnat? Do they have approximately that same rule? I don’t see how they got out without a masquerade in them. The core router, if that is what this is we are discussing, was only masquerading your hotspot ip range to the internet. ??

RAHQGideon · February 4, 2011, 6:59am

I am running EOIP to their DSL line in my server room so the router points directly to the ADSL router, thats why there is no NAT for the ether port.

SurferTim · February 4, 2011, 11:49am

I am running EOIP to their DSL line in my server room so the router points directly to the ADSL router, thats why there is no NAT for the ether port.

You do have one NAT for the ether port:

add action=masquerade chain=srcnat comment="masquerade hotspot network" \
    disabled=no src-address=172.80.52.0/24

RAHQGideon · February 7, 2011, 1:52pm

No this is the IP range of the wlan interface the hotspot is using. I upgraded the software to 4.16 and it works now.

Thanks anyway