Landing page not working from WAN

MrJingles46 · November 18, 2011, 8:12am

Hi Guys

I have setup 13 stores country wide with routerboards and hotspots.

They are all done exactly the same as I copied the config from the first board to all others and just updated the script.

The board dials in the pppoe for the ADSL and I have a script running to update the dynamic dns for the public IP.

when i access the dyndns URL in my browser i get the landing page on some boards as I should but not on others.

I need to be able to access userman on each board via the web interface so that the store manager can add/delete users themselves.

I cant see how the one would work and the other doesn’t , is there something I am missing?

I will post any logs or anything you guys want to help solve the problem.

PLEASE HELP

cieplik206 · November 18, 2011, 11:53am

Hi there,

Plese post export config from 2 devices, one that work and one that does not

/ip hotspot export
/ip service export
/ip firewall filter export

Pawel

MrJingles46 · November 18, 2011, 7:07pm

ok cool here we go -

here is the non-working one
/ip hotspot export

/ip hotspot profile
set default dns-name=“” hotspot-address=0.0.0.0 html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap name=default rate-limit=“”
smtp-server=0.0.0.0 split-user-domain=no use-radius=no
add dns-name=gateway.dionwired.co.za hotspot-address=192.168.0.129 html-directory=hotspot http-cookie-lifetime=5m http-proxy=0.0.0.0:0 login-by=cookie,http-chap name=
hsprof1 nas-port-type=wireless-802.11 radius-accounting=yes radius-default-domain=“” radius-interim-update=received radius-location-id=“” radius-location-name=“”
radius-mac-format=XX:XX:XX:XX:XX:XX rate-limit=“” smtp-server=64.13.232.144 split-user-domain=no use-radius=yes
/ip hotspot
add address-pool=dhcp_pool2 addresses-per-mac=1 disabled=no idle-timeout=5m interface=wlan2 keepalive-timeout=none name=hotspot1 profile=hsprof1
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=4 status-autorefresh=1m transparent-proxy=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot walled-garden
add action=allow comment=“place hotspot rules here” disabled=yes
add action=allow comment=twitter disabled=no dst-host=twitter server=hotspot1
add action=allow comment=mweb disabled=no dst-host=mweb server=hotspot1
add action=allow comment=dionwired disabled=no dst-host=dionwired server=hotspot1
add action=allow comment=“twitter images” disabled=no dst-host=twimg server=hotspot1
add action=allow comment=“facebook backend” disabled=no dst-host=fbcdn server=hotspot1
add action=allow comment=“facebook backend” disabled=no dst-host=facebook server=hotspot1
add action=allow comment=twitter disabled=no dst-host=webtrix server=hotspot1
add action=allow comment=twitter disabled=no dst-host=youtube server=hotspot1
add action=allow comment=twitter disabled=no dst-host=itunes server=hotspot1
add action=allow comment=twitter disabled=no dst-host=sony server=hotspot1
add action=allow comment=twitter disabled=no dst-host=toshiba server=hotspot1
add action=allow comment=twitter disabled=no dst-host=canon server=hotspot1
add action=allow comment=twitter disabled=no dst-host=samsung server=hotspot1
add action=allow comment=twitter disabled=no dst-host=intel server=hotspot1
add action=allow comment=twitter disabled=no dst-host=apple server=hotspot1
add action=allow comment=“youtube images” disabled=no dst-host=ytimg server=hotspot1
add action=allow comment=dionwired disabled=no dst-host=youtu.be server=hotspot1
add action=allow comment=twitter disabled=no dst-host=google server=hotspot1
add action=allow comment=twitter disabled=no dst-host=img server=hotspot1
/ip hotspot walled-garden ip
add action=accept disabled=no server=hotspot1 src-address=64.13.232.144
add action=accept disabled=no dst-address=64.13.232.144 server=hotspot1
add action=accept disabled=no server=hotspot1 src-address=196.4.160.4
add action=accept disabled=no dst-address=196.4.160.4 server=hotspot1
add action=accept disabled=no server=hotspot1 src-address=66.102.13.101
add action=accept disabled=no dst-address=66.102.13.101 server=hotspot1

ip service export

/ip service
set telnet disabled=no port=23
set ftp disabled=no port=21
set www disabled=no port=80
set ssh disabled=no port=22
set www-ssl certificate=none disabled=yes port=443
set api disabled=yes port=8728
set winbox disabled=no port=8291
[admin@WoodMead] >

/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=“place hotspot rules here” disabled=yes
[admin@WoodMead] >

And here is the one that does work -

/ip hotspot profile
set default dns-name=“” hotspot-address=0.0.0.0 html-directory=hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap name=default rate-limit=“”
smtp-server=0.0.0.0 split-user-domain=no use-radius=no
add dns-name=gateway.dionwired.co.za hotspot-address=192.168.0.129 html-directory=hotspot http-cookie-lifetime=5m http-proxy=0.0.0.0:0 login-by=cookie,http-chap name=
hsprof1 nas-port-type=wireless-802.11 radius-accounting=yes radius-default-domain=“” radius-interim-update=received radius-location-id=“” radius-location-name=“”
radius-mac-format=XX:XX:XX:XX:XX:XX rate-limit=“” smtp-server=64.13.232.144 split-user-domain=no use-radius=yes
/ip hotspot
add address-pool=dhcp_pool2 addresses-per-mac=1 disabled=no idle-timeout=5m interface=wlan1 keepalive-timeout=none name=hotspot1 profile=hsprof1
/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=4 status-autorefresh=1m transparent-proxy=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot walled-garden
add action=allow comment=“place hotspot rules here” disabled=yes
add action=allow comment=twitter disabled=no dst-host=twitter server=hotspot1
add action=allow comment=mweb disabled=no dst-host=mweb server=hotspot1
add action=allow comment=dionwired disabled=no dst-host=dionwired server=hotspot1
add action=allow comment=“twitter images” disabled=no dst-host=twimg server=hotspot1
add action=allow comment=“facebook backend” disabled=no dst-host=fbcdn server=hotspot1
add action=allow comment=“facebook backend” disabled=no dst-host=facebook server=hotspot1
add action=allow comment=twitter disabled=no dst-host=webtrix server=hotspot1
add action=allow comment=twitter disabled=no dst-host=youtube server=hotspot1
add action=allow comment=twitter disabled=no dst-host=itunes server=hotspot1
add action=allow comment=twitter disabled=no dst-host=sony server=hotspot1
add action=allow comment=twitter disabled=no dst-host=toshiba server=hotspot1
add action=allow comment=twitter disabled=no dst-host=canon server=hotspot1
add action=allow comment=twitter disabled=no dst-host=samsung server=hotspot1
add action=allow comment=twitter disabled=no dst-host=intel server=hotspot1
add action=allow comment=twitter disabled=no dst-host=apple server=hotspot1
add action=allow comment=“youtube images” disabled=no dst-host=ytimg server=hotspot1
add action=allow comment=dionwired disabled=no dst-host=youtu.be server=hotspot1
add action=allow comment=twitter disabled=no dst-host=google server=hotspot1
add action=allow comment=twitter disabled=no dst-host=img server=hotspot1
/ip hotspot walled-garden ip
add action=accept disabled=no server=hotspot1 src-address=64.13.232.144
add action=accept disabled=no dst-address=64.13.232.144 server=hotspot1
add action=accept disabled=no server=hotspot1 src-address=196.4.160.4
add action=accept disabled=no dst-address=196.4.160.4 server=hotspot1
add action=accept disabled=no server=hotspot1 src-address=66.102.13.101
add action=accept disabled=no dst-address=66.102.13.101 server=hotspot1
[admin@HydePark] >

/ip service
set telnet disabled=no port=23
set ftp disabled=no port=21
set www disabled=no port=80
set ssh disabled=no port=22
set www-ssl certificate=none disabled=yes port=443
set api disabled=yes port=8728
set winbox disabled=no port=8291

/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=“place hotspot rules here” disabled=yes
[admin@HydePark] >

Cool thanks a lot for your help

cieplik206 · November 18, 2011, 10:14pm

seem to be ok and same on both ,

Do you have any other equipment routers that are diffrent on both locations ? maybe they bloch access to www on RB

MrJingles46 · November 21, 2011, 11:23am

No , all the stores have the exact same setup with Hardware.

We did all the stores in one go , so we bought 13 sets of the exact same equipment , I did the first setup and it worked and then just copied everything across to all other boards.

it is very very strange.

I can winbox into every board no problem , its just the www that doesnt work from WAN!