I’m probably missing something simple, but here it goes. I have a working Hotspot setup with my Radius server authenticating users with user/password. I wanted to change the hotspot/Radius setup so that certain business customers would never see the login, since they would be authenticated by their MAC.
On the hotspot site: I changed the hotspot from https, chap only by checking the MAC authentication too. The MAC password is blank.
On my radius server, I created a username: 00:1A:4D:DB:5E:1F with a blank password. I made this user a member of one of the existing hotspot groups (bandwidth limits).
When I power up this system, the hotspot complains that it tried to login by MAC but, “login failed: RADIUS server is not responding” I then open up a browser on the machine and login with a user/password and the same radius server without problem. Should the radius server reply to the hotspot with some special attribute or something? Thanks in advance,
marshall
I have a fully functioning system, radius, hotspot, etc.(for 2 years) I just Checked the MAC authentication box and kept the password box empty on the mikrotik hotspot. I set the radius server with username and password empty. Is something more required on the radius server?
if I create a user on the radius server for “test” with a password of “password” the radius server responds and login is successful.
By default it’s enough to have MAC-address as username and blank password. You may test the same configuration with ‘ip hotspot user’ add user with MAC-address as name without a password and check it.
Research ‘radius,debug’ logs to find out where is the problem with blank password.
if you using mikrotik hotspot,then what you can do is add their mac address under /ip hotspot bindings and select bypassed.That will bypass them from using the login page and give them direct internet access.
We had a similar problem when we would auto login our business clients. MAC Address as a username and password blank. This did not work. The work around we did, was that we created the Username by their MAC Address e.g xx:xx:xx:xx:xx:xx Then we added a password “business” on the radius server.
On the RouterOS 3.10 we did /ip hotspot profile
name=“hsprof1” hotspot-address=10.17.102.1 dns-name=“”
html-directory=hotspot rate-limit=“” http-proxy=0.0.0.0:0
smtp-server=xxx.150.xxx.5 login-by=mac,cookie,http-pap mac-auth-password="business" http-cookie-lifetime=1w
split-user-domain=no use-radius=yes radius-accounting=yes
radius-interim-update=5m nas-port-type=wireless-802.11
radius-default-domain=“” radius-location-id=“” radius-location-name=“”
And it worked - so try to add a standard password on the radius user and on the ROS hotspot too