hotspot.hot/login ,behand point to point link page not found

RouterOS General
1

My hotspot is working just fine on my local premises. However, I want it to allow users about a kilometer away to also use it.

I use two Rocket M2 Titanium units to create this wireless link to the other premises. The rockets have two lan ports. I therefore run the hotspot access point from the one lan port on the range 192.168.3.x and the other lan port I want to use for IP cameras, using 192.168.0.x. The access point is a Bullet M2 Titanium, one at each premises. All hardware using static IP’s.

On the local site, the Bullet M2 AP work 100% with the hotspot.

However, the Bullet M2 (AP) on the far side, behind the Rocket link, refuse to display the hotspot.hot/login page. I use my android phone to connect and get an IP from the RB532’s DHCP server pool, but the hotspot see it as unauthorized, it seems like, and will not allow it to go to the login page. I added ARP to the DHCP server, but still no go. There is no difference with or without ARP.

When I try to connect to the hotspot, I can see the ip, allocated to the android, in the hotspot hosts tab, with an AH prefix, same as local devices login on. So I am definitely reaching the RB532 hotspot over the link.

On the remote site, when I type 192.168.3.1 (ether1, hotspot) into the browser, it redirects to hotspot.hot/login , but display page not found. Yet this is not happening on the local site, not going through the point to point link and using the exact same model access point. It redirects the same way and the login page is displayed.

SurferTim, I sure hope you are going to see this post and help me out! Some fancy rule? hehe

2

can you share your network connectivity ?

3

I am not sure of what you mean. Can you elaborate on what you want?

4

The HotSpot system does not care how did a client get an address before he/she gets to the HotSpot login page.

Guys, please help. I am running out of things to try and check. I thought maybe the devices which the client connect through is altering the IP in a way that is unacceptable to the hotspot, but above quote says otherwise. So why would a perfectly legal IP be rejected, in that the login page is refused to be displayed?

5

The rockets have two lan ports. I therefore run the hotspot access point from the one lan port on the range 192.168.3.x and the other lan port I want to use for IP cameras, using 192.168.0.x. The access point is a Bullet M2 Titanium, one at each premises. All hardware using static IP’s.

You need to describe how these are connected, including ip/subnet, routing, and nat assignments in the Bullets. Sounds like there is a routing problem on/to the remote network.

You can start by posting the ip/subnets for the hotspot and the remote network.

edit: Also check “/ip hotspot host”. Do you see any of the remote location ip addresses in the “address” part of the list?

6

Sorry Tim. I will come back to you shortly. I am just going through the basics to me, like wiring etc. Spend the whole day making sure that does not get mixed. And now starting to study the setup on the M2 Rockets, point to point link. Discovered I have set up the management IP only and nothing on lan0 and lan1.

So it is actually a miracle that DHCP is getting an IP through to the cell phone?

7

No, it is not a miracle. I have set up the Rockets in Bridge mode.

• Bridge The device acts as a transparent bridge and
operates in Layer 2, like an unmanaged switch.
There is only one IP address for the device in Bridge
mode.

So my hotspot is on 192.168.3.1, local side. (RB532)
That plugs into an 8 port hub.
The Rocket local side is on 192.168.3.111
Plugs into the same 8 port hub

The Rocket on the remote side is on 192.168.3.110
That goes via lan to the Bullet, which is the AP and is on 192.168.3.201

The android connect to this AP and get a IP of 192.168.3.27 from the hotspot pool.

So there is no other network in contact and poisoning is not possible.

I have another Bullet AP on the local side, plugged into the same 8 port hub. When the android connect to this AP, it gets the same IP of 192.168.3.27 and the login page of the hotspot is displayed and I can login successfully.

The problem at the remote site is that the login page is not displayed and reported as not found, so I can not log-in.

Can we try and get this part going, before I go and change the Rockets to router mode in order to run two networks on them, the other for the IP cameras on the 192.168.0.0/24 network, which is a totally separate network with its own RB450G.

What I battle to understand, is why is everything working 100% local side, why am I getting a valid IP on the remote side, but the login page is unauthorized and will not display?

If you want info from the RB, please explain again how to obtain it! I can not remember how to… Activate telnet from winbox and then what is the commands?

Maybe you can send me a mail? You have my address.

8

Yes, I see all the devices and 3 clients that is logged in.

https://docs.google.com/file/d/0B7wyzSIWTUvadG9US2hoOEZ1R1k/edit?usp=sharing

9

Could the problem be with my HTML directory structure? I did fiddle in their some time ago and maybe when I connect from remote, it creates a problem. Can’t see why, if it work local, why not remote?

https://docs.google.com/file/d/0B7wyzSIWTUvaRVZiVkJDelctZGM/edit?usp=sharing

10

Do the remote clients get the login page by requesting the router ip (gateway)?
http://192.168.3.1

If so, try a remote server by ip rather than domain, like Google. Do you get the login page then?
http://173.194.115.20

Do the remote hosts in “/ip hotspot host” have the correct mac address, or the mac of the Bullet?

11

Could you view the picture I gave of the hosts tab I showed? To me it looks correct.
https://docs.google.com/file/d/0B7wyzSIWTUvadG9US2hoOEZ1R1k/edit?usp=sharing

I will go look each one up manually now via its ip and compare to that list, to make sure. I know my android mac by know and knows that is correct, but will go look up the 2 Bullets and the 2 Rockets.

Back in a jiffy…

12

That host list may have helped. Did you notice it is translating all the remote localnet ips to another localnet ip? It is almost like the remote clients are getting their ips from another dhcp server. There isn’t another dhcp server somewhere on that remote localnet, is there?

Have you tried disabling the hotspot nat just as a test? Remember the current setting so you can change it back if it doesn’t work for you.

/ip hotspot
set 0 address-pool=none

If 0 is not the line number of the hotspot, change that.

edit: Are any of the logged in clients in the host list your remote clients?

13

Yes, I did notice, but thought it is ok, as only the clients login on with DHCP is not being changed, and all the fixed ip’s is being changed. I also suspect a second DHCP server somewhere and changed the pool of the known DHCP server to dish out in the range 192.168.3.80-192.168.3.90 and all the ip’s given out by DHCP changed accordingly and the fixed IP’ stayed the same, but was changed to the same pool in hosts. So I deducted from that, that it is only the one DHCP server.

I will however try and do your method as well.

In the meantime I compared those mac addresses and they are all correct on the device itself, ie corresponding with hosts.

14

Are there any remote clients connected to the Bullet? I don’t see any in the host list. Do the remote clients get an ip by dhcp? If so, check the lease list. Their leases should show up there, even if they are not connected at the time.

/ip dhcp-server lease
print detail
15

I am just worried I understand the word ‘remote’ different to what you mean. To me the local devices is the devices at this premises where the hotspot also is. The remote devices is the devices a kilometer away. I have indicated on that hosts list which is local and which is remote devices, according to above explanation. They all get translated IP’s, regardless whether they are local or remote. Therefore my guess is that they get changed because they are fixed on the device’s lan.

16 



[admin@RB532] ip dhcp-server lease> print detail
Flags: X - disabled, R - radius, D - dynamic, B - blocked 
 0 D address=192.168.3.30 mac-address=00:13:49:AB:55:14 client-id="1:0:13:49:ab:55:14" server=dhcp1 status=bound expires-after=52m50s 
     active-address=192.168.3.30 active-mac-address=00:13:49:AB:55:14 active-client-id="1:0:13:49:ab:55:14" active-server=dhcp1 host-name="elize" 

 1 D address=192.168.3.39 mac-address=D4:9A:20:9B:16:2F client-id="1:d4:9a:20:9b:16:2f" server=dhcp1 status=bound expires-after=11m15s 
     active-address=192.168.3.39 active-mac-address=D4:9A:20:9B:16:2F active-client-id="1:d4:9a:20:9b:16:2f" active-server=dhcp1 
     host-name="iPod-Touch" 
[admin@RB532] ip dhcp-server lease>

I do not see my android in the list. I tried to log on at the remote site about an hour ago. I will go do it again and immediately come check for the result and what IP I got there.

17

How long is your lease time on the hotspot interface? Looks pretty short by the lease list.

Are your remote clients behind the Bullet bridge getting an ip?

18

I see my last post did not go through. Here it is again.

OK, just back and printed the detail immediately.

[admin@RB532] > /ip dhcp-server lease
[admin@RB532] ip dhcp-server lease> print detail
Flags: X - disabled, R - radius, D - dynamic, B - blocked 
 0 D address=192.168.3.30 mac-address=00:13:49:AB:55:14 client-id="1:0:13:49:ab:55:14" server=dhcp1 status=bound expires-after=31m3s 
     active-address=192.168.3.30 active-mac-address=00:13:49:AB:55:14 active-client-id="1:0:13:49:ab:55:14" active-server=dhcp1 host-name="elize" 

 1 D address=192.168.3.39 mac-address=D4:9A:20:9B:16:2F client-id="1:d4:9a:20:9b:16:2f" server=dhcp1 status=bound expires-after=39m9s 
     active-address=192.168.3.39 active-mac-address=D4:9A:20:9B:16:2F active-client-id="1:d4:9a:20:9b:16:2f" active-server=dhcp1 
     host-name="iPod-Touch" 

 2 D address=192.168.3.40 mac-address=7C:C3:A1:DE:7D:3E client-id="1:7c:c3:a1:de:7d:3e" server=dhcp1 status=bound expires-after=48m19s 
     active-address=192.168.3.40 active-mac-address=7C:C3:A1:DE:7D:3E active-client-id="1:7c:c3:a1:de:7d:3e" active-server=dhcp1 
     host-name="Jurgs-iPad" 

 3 D address=192.168.3.29 mac-address=50:CC:F8:20:CA:83 client-id="1:50:cc:f8:20:ca:83" server=dhcp1 status=bound expires-after=50m6s 
     [b][u]active-address=192.168.3.29 active-mac-address=50:CC:F8:20:CA:83 active-client-id="1:50:cc:f8:20:ca:83" active-server=dhcp1 
     host-name="android-1f775e838aa768ba"[/u][/b] 
[admin@RB532] ip dhcp-server lease>

3 D is my Android. So I am definately getting the 3.29 ip from DHCP. Still no internet on it though.

19

0, 1 and 2 D is before the bridge, gets an IP and the login page and internet.

3 D is behind the bridge and does get an IP, 192.168.3.29, but not the login page or internet.

Yes. the list is not long as we do not have a lot of clients currently.

Remember, the bridge is on the Rockets and the Bullets is the AP’s.

20

So the Android’s lease run out and is not on the list anymore.

[admin@RB532] ip dhcp-server lease> print detail
Flags: X - disabled, R - radius, D - dynamic, B - blocked 
 0 D address=192.168.3.30 mac-address=00:13:49:AB:55:14 client-id="1:0:13:49:ab:55:14" server=dhcp1 status=bound expires-after=34m45s 
     active-address=192.168.3.30 active-mac-address=00:13:49:AB:55:14 active-client-id="1:0:13:49:ab:55:14" active-server=dhcp1 host-name="elize" 

 1 D address=192.168.3.39 mac-address=D4:9A:20:9B:16:2F client-id="1:d4:9a:20:9b:16:2f" server=dhcp1 status=bound expires-after=59m43s 
     active-address=192.168.3.39 active-mac-address=D4:9A:20:9B:16:2F active-client-id="1:d4:9a:20:9b:16:2f" active-server=dhcp1 
     host-name="iPod-Touch" 

 2 D address=192.168.3.36 mac-address=88:32:9B:52:41:71 client-id="1:88:32:9b:52:41:71" server=dhcp1 status=bound expires-after=36m19s 
     active-address=192.168.3.36 active-mac-address=88:32:9B:52:41:71 active-client-id="1:88:32:9b:52:41:71" active-server=dhcp1 
     host-name="android-4b8272f913b92c0c" 
[admin@RB532] ip dhcp-server lease>

So I am going to log in with it again, this time at the local site and see if there is any differences in the lease.