Is there a way to set up an address list to bypass the hotspot? I know I can add firewall rules ahead of the hotspot firewall entries, but when I disable and re-enable the hotspot server my rules are bumped to the bottom and stop working.
Any help is appreciated!
Hi,
Try http://wiki.mikrotik.com/wiki/Manual:IP/Hotspot/Walled_Garden
HTTP walled-garden, menu allows to set authentication bypass for HTTP and HTTPs resources
I am aware of the walled garden, but don’t see a way to add an address list to that.
By the way, I wasn’t clear in my original request. The Address List contains addresses on my LAN - Devices I want to always allow hotspot bypass access to. I’m looking for a way to allow the entire address list to bypass the hotspot.
That’s simply not supported. The only supported way to bypass clients by IP is the “/ip hotspot walled-garden ip” section, which automatically and dynamically creates entries in the hs-auth and hs-auth-to firewall filter chains. That section doesn’t take address lists, so you can’t use address lists. You could come up with some script that runs every minute and jockeys rules around to keer your customizations at the top, but that might break with future releases and would be relatively resource intensive.
Have you considered a different approach? Maybe use ranges instead of address lists?