Multi hotspot on same router

Hi ,

I have tree hotspot on same router with this config:

eth0 ->dhcp0->hotspot0 → 10.0.0.1/24 gw 10.0.0.1 dns 10.0.0.1
eth1 ->dhcp1->hotspot1 → 10.0.3.1/24 gw 10.0.3.1 dns 10.0.3.1
eth2 ->dhcp2->hotspot2 → 10.5.50.1/24 gw 10.5.50.1 dns 10.5.50.1

i set a static entry in dns , exit ->10.0.0.1 , so client can disconect digit exit ( they are forward to 10.0.0.1/status ).

This work only for hotspot0 , how i made this for work with all hotspot with same key ?

Any suggestions?

brasileottanta

Make a static DNS name like hotspot.local and map it to 10.1.0.1 and make sure clients can resolve that. Set the name and address of the hotspot in all hotspot profiles to that name and address.

Why 10.1.0.1 ?

Sorry, I was reading this on a phone right after getting up and apparently got fairly confused. Ignore all that, and just read this post.

The idea is to have an IP address that ALL Hotspots respond to.

First make an IP address that’s always up - either another physical interface, or a loopback interface (empty bridge). Then map your Hotspot name to that IP address. Then use that IP address and name for all three Hotspots (maybe adjust that final command below as it edits ALL Hotspot profiles, you may want to change the three relevant ones one by one manually).

/interface bridge
add name=loopback auto-mac=no mac-address=aa:bb:cc:dd:ee:ff
/ip address
add address=172.31.255.255/32 interface=bridge
/ip dns static
add name=hotspot.local address=172.31.255.255
/ip hotspot profile
set [find] hotspot-address=172.31.255.255 dns-name=hotspot.local

Now all users on all Hotspots can do status-y things and interact with the Hotspot servlets by going to ‘hotspot.local’ or 172.31.255.255.

I do this with Hotspots stacked on VLAN interfaces, and use the IP address/name of the physical interface for all VLAN Hotspot instances. Works a treat.

Thanks , work great !!!

a creative solution

Brasileottanta

I have other little prob :

i m connect on eth0 with 10.0.0.x/24 and want reach a host on eth1 without using a bridge.

Any suggestions ?

brasileottanta

You’re trying to reach a device behind eth1 with its proper IP address of 10.0.3.0/24 from a device behind eth0 with its proper IP address of 10.0.0.0/24?

That doesn’t require a bridge, that’s just routing. Both are directly connected networks, so the router will route between them.

If that isn’t working then the most likely causes are, in order:

• host firewalls on the hosts. Traffic is being routed just fine, but the hosts are dropping it. Windows Vista and 7 introduced the concept of zones where most traffic is only permitted from the local network. Check host firewalls
• hosts are misconfigured and aren’t using the router as the default gateway for return traffic. Check host routing tables, and that you can access the Internet
• the router firewall has been configured to drop the traffic - by default with factory settings it would permit it.

Yes , i do that.

I think that the 3th is the correct one. But i check inside firewall of RB1100 and the only rules are about hot-spot. Normally traffic thought lan’s is permitted and generally i had some rules to block them.

Also , i don’t ping from RB1100 hosts on lans. Only arp-ping work.

I check again rules in firewall.

thanks

brasileottanta

p.s. the host are CPE connected to AP

Do you have address pools configured on the Hotspot profiles, or the Hotspot user profiles? If so you’re poison ARPing the network. Change the address pools to ‘none’, and try again.

No , this is correct. No pools inside hot-spot . ( no universal access )

So , i ping some ip like 10.0.1.x/24 and 10.5.50.x/24 ( not all ) and on some ip i receive DUP packet !!! I made a netmask misconfiguration ?


thanks

brasileottanta

Sounds like a problem with the network behind the router, and not like a problem with the router.

I have this :

lan1 10.0.0.1/20
lan2 10.0.3.1/24
lan3 10.5.50.1/24
lan4 loop-back for hotspot 172.0.0.1/32
arp is enable on all


and tree PPPoE server ( one for lan )

internet → 192.2.0.32/24

inside firewall , only tree rules : srcnat with masquerate for all lan and PPPoE


The strange is that : from lan1 ping gw lan3 (10.5.50.1 ) , no ping from lan1 to gw lan2 ( 10.0.3.1) , ping from lan2 to gw lan1(10.0.0.1) and gw lan3(10.5.50.1) !!!

thanks

brasileottanta

Hi ,

pinging on all eth work only if clients are autorized from hot-spot .

brasileottanta

That’s expected. Unauthorized traffic is blocked until the client authenticates and is authorized.

Do you need LAN to LAN traffic to work even for unauthorized users? If so you can add walled garden IP rules to accept that traffic.

Of course , but also with insert ip in walled garden don’t work !!! This is the strange …


So , now i set other RB ( starting with a vanilla config ) with same configuration to test if the problem still again.


Thanks

brasileottanta

Hi ,

Problem solved

Add ip to IP Binding on hot-spot configuration and not in walled garden.

Thanks for all

brasileottanta

Hi!
This working fine
/interface bridge
add name=loopback auto-mac=no mac-address=aa:bb:cc:dd:ee:ff
/ip address
add address=172.31.255.255/32 interface=bridge
/ip dns static
add name=hotspot.local address=172.31.255.255
/ip hotspot profile
set [find] hotspot-address=172.31.255.255 dns-name=hotspot.local



But i`ve a problem is that it is nor working on windows xp at client end , mean to say login page is not open … please help