hotspot woes

Perhaps someone can help me here. We have Hotspot sessions authenticating via FreeRadius from MAC’s. They get a private IP address that is masqueraded in the firewall.

Just recently we’ve had customers complaining that windows updates just times out and they can’t get them and getting to certain websites does the same. I read another post about putting several of the windows sites in walled garden but that hasn’t worked. And we can’t be doing this for every site that has this issue on every single board. If I add the customers MAC address in IP Bindings as bypassed then everything works. A particular site other than windows updates is http://www.traditionbank.com

This site works when IP Bindings is active as I described, and works from any of our other servers that are not behind Mikrotik. I have yet to get this site or windows updates with walled garden setup or anything else I’ve tried.

Anyone that can shed some light on this would be greatly appreciated as we need it fixed ASAP.

Oh yes, this has been confirmed on 2.9.46 and 2.9.50 units that we have.

is your hotspot connected to the internet via a pppoe connection by chance?

No, we don’t use PPPOE for anything at this moment; also the webproxy-test package is installed but not enabled. I was noticing the ip address for that site listed under connections in waiting state. My browser I’m testing with is not setup to use a proxy but I have tested using and enabling the proxy in mikrotik but still nothing with denying caching or just allowing direct access. All these tests have been done in conjunction with the ones I previously stated.