HEX Lite, I’ve managed to set up the hotspot and it correctly pops up on an Android device and allows me to connect. However, when the session expires, the captive portal Android popup is very unpredictable as to when it will pop up. Sometimes it is immediately, sometimes 90s, sometimes never. Is this a config issue or just an Android quirk?
By all means correct me if any of my config is incorrect, especially any of the timeouts.
Thanks in advance!
Config Export:
/interface bridge
add admin-mac=CC:2D:E0:74:C9:45 auto-mac=no comment=“created from master port”
name=bridge1 protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] advertise=
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether2 ] advertise=
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full name=
ether2-master
set [ find default-name=ether3 ] advertise=
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether4 ] advertise=
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether5 ] advertise=
10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot login-by=
http-chap,http-pap
add dns-name=.local hotspot-address=192.168.88.1 html-directory=
flash/hotspot login-by=http-chap name=hsprof1
/ip hotspot user profile
set [ find default=yes ] add-mac-cookie=no shared-users=unlimited
add add-mac-cookie=no !mac-cookie-timeout name=Guest open-status-page=
http-login session-timeout=5m shared-users=unlimited transparent-proxy=yes
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp disabled=no interface=bridge1 name=defconf
/ip hotspot
add address-pool=default-dhcp disabled=no idle-timeout=none interface=bridge1
name=hotspot1 profile=hsprof1
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/user group
set full policy=“local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,passw
ord,web,sniff,sensitive,api,romon,dude,tikapp”
/interface bridge port
add bridge=bridge1 interface=ether3
add bridge=bridge1 interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether2-master
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface list member
add comment=defconf interface=bridge1 list=LAN
add comment=defconf interface=ether1 list=WAN
add interface=bridge1 list=discover
add interface=ether3 list=discover
add interface=ether4 list=discover
add interface=ether5 list=discover
add interface=bridge1 list=mactel
add interface=bridge1 list=mac-winbox
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge1 network=
192.168.88.0
/ip dhcp-client
add comment=defconf disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf dns-server=192.168.88.1 gateway=
192.168.88.1
/ip dns
set allow-remote-requests=yes servers=192.168.88.1,8.8.8.8
/ip dns static
add address=192.168.88.1 name=router.lan type=A
/ip firewall address-list
add address=********* list=“"
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=“place hotspot rules here”
disabled=yes
add action=accept chain=input comment=
“defconf: accept established,related,untracked” connection-state=
established,related,untracked
add action=drop chain=input comment=“defconf: drop invalid” connection-state=
invalid
add action=accept chain=input comment=“defconf: accept ICMP” protocol=icmp
add action=drop chain=input comment=“defconf: drop all not coming from LAN”
in-interface-list=LAN
add action=accept chain=forward comment=“defconf: accept in ipsec policy”
ipsec-policy=in,ipsec
add action=accept chain=forward comment=“defconf: accept out ipsec policy”
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment=“defconf: fasttrack”
connection-state=established,related
add action=accept chain=forward comment=
“defconf: accept established,related, untracked” connection-state=
established,related,untracked
add action=drop chain=forward comment=“defconf: drop invalid” connection-state=
invalid
add action=drop chain=forward comment=
“defconf: drop all from WAN not DSTNATed” connection-nat-state=!dstnat
connection-state=new disabled=yes in-interface-list=WAN
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=“place hotspot rules here”
disabled=yes
add action=masquerade chain=srcnat comment=“defconf: masquerade” ipsec-policy=
out,none out-interface-list=WAN
add action=masquerade chain=srcnat comment=“masquerade hotspot network”
src-address=192.168.88.0/24
add action=masquerade chain=srcnat comment=“masquerade hotspot network”
src-address=192.168.88.0/24
/ip hotspot service-port
set ftp disabled=yes
/ip hotspot user
add name=notsosecretuser password=notsosecretpass profile=Guest server=hotspot1
/ip hotspot walled-garden ip
add action=accept disabled=yes !dst-address dst-address-list="”
!dst-port !protocol server=hotspot1 !src-address !src-address-list
/ip service
set www-ssl certificate=“Hotspot Server”
/tool mac-server
set allowed-interface-list=mactel
/tool mac-server mac-winbox
set allowed-interface-list=mac-winbox