Hi,
Previously Mikrotik had a feature called advertisement in HotSpot, which is obsolete in latest ROS versions. I’m interested to know if In-Session Ads in hotspot will be possible.
My Scenario is - Public Free WiFi Zone. Users validate via OTP (say using Radius Manager / alternative for OTP verification). Next after certain interval say 15 mins, users will be forced to watch a video (youtube/ other source) for say a particular time say 15 seconds. Then after clicking continue/other button users can again browse the internet for free for next minutes.
How can we achieve this? May be a transparent proxy could be used. But I am not sure of the flow of operation. Any suggestions?
TIA
The only reliable way would be a proxy server and in today’s day and age you’d have to implement a product capable of man-in-the-middling the SSL based web-sites. This would require you to distribute a root CA to your users. Sure you can fiddle with only interrupting HTTP connections or messing with DNS replies for users but all of that will be PITA and result in far more problems than it’s worth.
Once you’ve MITM’d the SSL connections to proxy them along with normal HTTP proxy you can build a solution to manage the advertisement component. I’m not aware of anything that would be a complete package for this. Additionaly there are probably 3rd party services that offer this kind of functionality. They may also do it w/o MITM’ing the SSL but I wouldn’t trust it to be reliable or present a consistent end-user experience. All devices (phones) and browsers actively try to detect this (crap) and try to work around it in their own way which results in a poor experience for the user and doesn’t net you any revenue. If you want to do it, require the “free” users install a self-signed root ca and MITM the SSL. Then you become responsible for decrypting all their data and if your proxy server or root CA is compromised you risk the privacy of anyone using your service.
I remember this RoS-feature. After first usage, few years ago, I recognized the pitfalls, as it was not good enough for real production use.
As it might interrupt the rendering of a requested page by redirecting, when the timer hits.
After fiddling around this problem (there were some possibilities with the help of an intercepting proxy), I decided to write a proxy myself, to do a serious ‘content-injection’ (modify the traffic on-the-fly).
Which was in production use already a few years ago, first time.
All this is valid for http only, of course.
In case of interest, you can contact me at
augustus_meyer At yahoo.de
We have achived this in very simple way . ping me support@iberrywifi.in