Dear Gurus
I have being have a challenge with my hotspot setup and will need help.
Every thing was working fine with 2.9.51 until l started hitting CPU 100%.
l therefore change to 4.17 to be able to use multiple cpu .
The installation was smooth and the CPU is now 40% on the new system with same old configuration.
l now have an issue with any-ip feature or the universal nat feature.
The hotspot server has https enabled.
hotspot client with the static ip address(out side our subnet) already set can use the hotspot without problems.
But if he has proxy address already set in his browser then he Gets Error.
This error occurs whether ip was by dhcp or he already had static ip (outside or subnet)
This is the error on the browser side
https://www.makercx.com/login?dst=http%3A%2F%2Fsearch.bearshare.com%2F
But if he connects without the proxy and with or without static ip hotspot works.
This is my configuration
/ ip hotspot
add name=“campus-hotspot” interface=Campus-Link address-pool=campus
profile=campus-prf idle-timeout=2m keepalive-timeout=none
addresses-per-mac=100 disabled=no
/ ip hotspot service-port
set ftp ports=21 disabled=no
/ ip hotspot ip-binding
add address=10.10.20.0/24 server=campus-hotspot type=bypassed comment=“”
disabled=no
/ ip hotspot profile
set default name=“default” hotspot-address=0.0.0.0 dns-name=“”
html-directory=nov rate-limit=“” http-proxy=0.0.0.0:0 smtp-server=0.0.0.0
login-by=https ssl-certificate=cert4 split-user-domain=no use-radius=yes
radius-accounting=yes radius-interim-update=received
nas-port-type=wireless-802.11 radius-default-domain=“”
radius-location-id=“” radius-location-name=“”
/ ip hotspot user
add name=“admin” password=“67monkeys” profile=default comment=“” disabled=no
/ ip hotspot user profile
set default name=“default” idle-timeout=none keepalive-timeout=2m
status-autorefresh=1m shared-users=1 transparent-proxy=no
/ ip hotspot walled-garden ip
add server=campus-hotspot src-address=10.10.20.0/24 action=accept comment=“”
disabled=no
Firewall is also
oct/15/2011 02:06:28 by RouterOS 4.17
software id = IGG6-LFYP
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s
tcp-close-wait-timeout=10s tcp-established-timeout=1d
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=yes
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
/ip firewall mangle
add action=mark-packet chain=prerouting comment=“” disabled=no
new-packet-mark=upload passthrough=yes src-address-list=campus
add action=mark-packet chain=postrouting comment=“” disabled=no
dst-address-list=campus new-packet-mark=download passthrough=yes
add action=mark-packet chain=prerouting comment=“” disabled=no dst-address=
10.10.150.0/24 new-packet-mark=exempt-up passthrough=yes
add action=mark-packet chain=postrouting comment=“” disabled=no
new-packet-mark=exempt-down passthrough=yes src-address=10.10.150.0/24
/ip firewall nat
add action=masquerade chain=srcnat comment=“masquerade hotspot network”
disabled=no
add action=passthrough chain=unused-hs-chain comment=
“place hotspot rules here” disabled=no
add action=dst-nat chain=dstnat comment=“” disabled=no dst-port=25 protocol=
tcp to-addresses=8.5.6.8 to-ports=25
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
any help will be appreciated
Rainmaker