I have MT433, WAN on ether1 with more public IPs (let say xxx.xxx.xxx.243, .244 , .245. , .246 ), LANs on ether2 (VLAN and DHCP server for each LAN defined, IPs are 192.168.243.0, .244.0, .245.0, .246.0 ). NAT defined via src-nat (for each VLAN particular public IP on WAN is defined via src-nat - 192.168.243.0 to xxx.xxx.xxx.243 etc.). If I use LAN user without hotspot and test my IP outside (ie. whatismyip.com), it works fine (user on 192.168.243.0 is receiving xxx.xxx.xxx.243 etc.) , if I turn ON hotspot on particular VLAN and user login to hotspot, public IP on whatismyip.com is changed to different value and this address is the same for all VLANs (for all VLANs users I am receiving xxx.xxx.xxx.245 on whatismyip.com). Some idea why?
Thanks
Make sure transparent-proxy is off for HotSpot User Profile.
You can also use this to prevent the Hotspot servlets from grabbing traffic from authenticated users:
/ip firewall nat
add chain=pre-hotspot dst-address-type=!local hotspot=auth action=accept