HotSpot Login Problems

erich5470 · October 30, 2010, 2:04pm

This afternoon, I successfully setup a hotspot on a radio which consists of:
RB 532A
SR2
SR5
Level 4 license
No Radius Server… Just using the hotspot option in the RouterOS provided on the routerboard.

THE PROBLEM:

When I use a new computer and connect wirelessly to the radio. Everything is OK.
I am able to login to the login page perfectly.

After the initial login. I disconnect from the wireless connection. I go back about a half hour later to login on the same laptop.
But, instead of coming up to the login page. The router automatically logs me in like it has remembered my mac address or something and is automatically authorizing me to use the connection. I want my users to have to go through the login page.

If I use a new laptop to login.. it comes up to the login page.

I need help either correcting the problem or an explaination of what is going on?

Any help would be appreciated..

Thanks, Eric

fewi · October 30, 2010, 3:12pm

Edit the Hotspot server profile and remove the cookie login option. With that option enabled a cookie is written to the browser. The login page is technically shown, but the browser sends the credentials automatically via the cookie and the user is logged in transparently. The option is on by default.
http://wiki.mikrotik.com/wiki/Manual:IP/Hotspot/Profile

login-by (cookie|http-chap|http-pap|https|mac|trial; Default: http-chap, cookie)

Used HotSpot authentication method
cookie - may only be used with other HTTP authentication method. HTTP cookie is generated, when user authenticates in HotSpot for the first time. User is not asked for the login/password and authenticated automatically, until cookie-lifetime is active
http-chap - login/password is required for the user to authenticate in HotSpot. CHAP challenge-response method with MD5 hashing algorithm is used for protecting passwords.
http-pap - login/password is required for user to authenticate in HotSpot. Username and password are sent over network in plain text.
https - login/password is required for user to authenticate in HotSpot. Client login/password exchange between client and server is encrypted with SSL tunnel
mac - client is authenticated without asking login form. Client MAC-address is added to /ip hotspot user database, client is authenticated as soon as connected to the HotSpot
trial - client is allowed to use internet without HotSpot login for the specified amount of time

erich5470 · October 31, 2010, 1:06am

Thankyou… that makes sense…

Just got home from overseas.. everything is secured networking over there. After a while of not using browsers, you tend to forget about the minute details behind the applications..lol