Hotspot still doesn't work.. don't know what else to try..

thomsany · May 31, 2009, 1:53am

Hi!

I have a couple of questions regarding the installation of the RB433 as a Hotspot device for WiFi Access.
I have the current network layout and I was wondering if you could help me.
I am using Winbox to set up the box.

I have two connections that I am using:
ether1: DMZ port to my firewall. IP address is 17.0.0.2 (Gateway is 17.0.0.1). I added the IP address and then created a route for any traffic (0.0.0.0/0) to go out through the 17.0.0.1 Gateway.
Now, I go into IP > Hotspot and then Select Hotspot setup.
I set a hotspot on my wlan1 network with a Gateway address of 10.0.0.1/24. The IP pool is 10.0.0.3 –10.0.0.254.
I create a default user name admin and a password of 123.
I enter also the DNS servers of my ISP so that the DHCP server can give to my users.

Then I go into IP> Firewall and create a NAT srcnat with Outgoing interface ether1.

After all of this is done, I try to test my network by using my laptop to connect.
I get an address from the DHCP server running on my wlan1 adapter.
When I open the browser, it tries to go to my default browser homepage. Of course since it’s a hotspot and I am not authenticated I can’t navigate anywhere. After I manually access the hotspot IP address of 10.0.0.1 I get the login page. I enter my credentials and it authenticates. However, I still can’t browse anywhere on the internet.
So basically I have two problems:

When I create a Hotspot server, running on the Mikrotik device with the configuration mentioned above, I can’t get to a login page for my user to log in or even for users to enter as trial users.
After the users authenticates, they can’t navigate. They have the IP address and DNS servers but they can’t navigate anywhere.

I tried using a bridge, creating the hotspot on the same subnet as the ether1 network, without luck of getting it to work.
I checked the tutorial on the wiki, even saw some videos on youtube to see if I was doing something wrong and still I can’t get it to work.
That’s when I decided to email you guys.
I am trying to set up a hotspot for a mall and I want users to have a time limit of 2 hours on free accounts.

If you have another step by step guide that I could use I would greatly appreciate it.

Thanks much in advance,
Teo

Toby · May 31, 2009, 9:53am

On our hotspot we use masquerade instead of src-nat. But I am not sure if it will solve your problem with internet access.

thomsany · May 31, 2009, 2:19pm

I forgot to mention that when I used srcnat with the outgoing interface set to ether1 I used masquerading, however this does not make a difference.
I also note that whenever I create a Hotspot server on Winbox, it automatically creates entries on the IP > FIrewall > NAT and FIlter sections.

I don’t know why it doesn’t work. I’ve seen different tutorials, follow it step by step and I can’t get it to work.

jimbojones · May 31, 2009, 4:11pm

Might be you don’t have ARP on. Also, can I ask why your using 17.x.x.x ? Thats routable IP space, and should not be used as private space on your lan. Stick to 10.x.x.x 192.168.x.x. Maybe if you post up your config, someone might spot something obvious thats wrong.

Cheers

Jimbo