I’ve got two things I’d like to get some help with.
I’d like to set my hotspot to have some PDQ function (split bandwidth down/up) by the total amount of users equally; e.g. 10/2mb line - 2 users each get 5/1mb, if ther are 10 users each get 1/0.2mb.
I’m not sure where or how I’d place the rules in for a hotspot to function that.
I have separate radius RB and hotspot locations; but to prevent any rouge devices from connecting in at the moment, I’m using a combo of port knocking and trusted ip’s. But I’d like to add in PPPoE - could someone tell me how I’d go about setting that up.
Is there away to cut down the cpu power needed when users are logged into the hotspot? I’ve noticed that data reporting between the radius server and the hotspot creates a cpu spike with even one user connected - RB450g (hotspot) and RB800 (radius) is creating a 20% spike, when downloading data.
Another odd thing I’ve just realised is that - if I’m running torrents connected to my hotspot, and the radius kicks them out or the hotspot router is rebooted; the user will not be able to visit any other webpage but can still download!
How can I make sure that all traffic is stopped until they are logged in?
That shouldn’t be the case. Are you SURE a user can torrent after a router is rebooted? I can see that maybe ongoing connections aren’t killed when the user is logged out, but a reboot resets all connections. I find it hard to believe that’s possible.
Hi there,
Yes 100% sure, I’ve tested it many times over - and I can confirm that the connections stay active (other than HTTP) on reboot of the hotspot.
Torrents are going through without any issues; but the second I try and log a webpage, I’m faced with the log in page. I believe this could be a bug.
When you say reboot of the hotspot, are you talking about actually rebooting the entire MikroTik itself, or are you talking about disabling and re-enabling the hotspot portion of the MikroTik?
As Fewi said, a reboot of the box completely clears out all connection state information, they should not be able to pass any traffic at all until they sign back in. If you are just talking about disabling the hotspot, then they will be able to pass traffic, because they have a valid connection state still in the connections table of the firewall and the router will do what it does best, route the connections.
You might be able to set up a filter rule that will check to see if the user is authorized on the hotspot and if they aren’t, drop the packets.
If my syntax is off it’s because I don’t have a box to connect to at the moment and verify, but this should get you started. You might need to make several adjustments to the rule as I’m not sure if this will break any of the login functionality.
Hi there
When I say reboot I mean a physical reboot! Now I’m thinking this could be a raduis issue with userman. I’ve found another bug with I’ve directly submitted, and has been confirm.
I’ll try that code or something based on it when I can later today
What are your sign in methods? Is the cookie one enabled? It could possibly be that they have a valid cookie that is signing them back in after you kick them off.