Hello!
In a hotspot when the gateway sends a packet to a client in hotspot (not logged in yet) we are talking about srcnat right?
Where the src.Address is the gateway address and the dst.Address the local ip of the client correct?
Also when the client (same state as above) sends a packet to the gateway (e.x. i press a button with a link in the captive portal) it’s also srcnat, but src.Add and dst.Add is the other way around.
Is that right?
Mikrotik Wiki explains it very nice…
Network Address Translation is an Internet standard that allows hosts on local area networks to use one set of IP addresses for internal communications and another set of IP addresses for external communications. A LAN that uses NAT is referred as natted network. For NAT to function, there should be a NAT gateway in each natted network. The NAT gateway (NAT router) performs IP address rewriting on the way a packet travel from/to LAN.
There are two types of NAT:
source NAT or srcnat. This type of NAT is performed on packets that are originated from a natted network. A NAT router replaces the private source address of an IP packet with a new public IP address as it travels through the router. A reverse operation is applied to the reply packets travelling in the other direction.
destination NAT or dstnat. This type of NAT is performed on packets that are destined to the natted network. It is most comonly used to make hosts on a private network to be acceesible from the Internet. A NAT router performing dstnat replaces the destination IP address of an IP packet as it travel through the router towards a private network.
Thanks for the reply, although i think it took you more time to search and copy-paste from wiki than to actually answer my question.
A yes or no would be better since i’ve already read the wiki about NAT.
Well if you were literate you wouldnt have needed to post at all. See how easy it is to be pompous and critical.
In other words, appreciate that the person took the time to answer your question and dont be snotty about it.
I think the way his post started was critical
“Mikrotik Wiki explains it very nice…”
Also i posted this in the Beginner Basics.
In any case to get to your question, admittedly its not easy to understand.
Why would a gateway send unsolicited traffic to someone not logged in?
You have to describe the scenario more fully, at least for me as I am also a beginner.
In fact, until the user has logged into the local system (wired or wireless) there would be no access provided to a gateway to access internet usage?
Hopefully you see my point. There is something missing in the explanation or my understanding of how hot spot works.
Oh, I am very sorry, won’t happen’ again !
So, the answer is NO!
Since the user has an ip from the hotspot LAN even if he hasn’t internet services yet while he interacts with the captive portal
e.x. press a button that redirects to another local html file stored in a directory in mikrotik
I see that there is package transmission. I was thinking of marking it or NATTING it somehow.
The thing is that i want the user while on captive portal to be able to press a button that opens up his camera.
The code seems correct cause when i open it via browser it works.
I think the captive portal prevents it and was looking for a workaround..
Its like pulling teeth. What has a camera got do with anything.
what you need to do is state your requirements more clearly and thoroughly
Thanks for the effort ! I ll try again!
WAN ETHER 2 DHCP CLIENT 192.168.80.1
LAN HOTSPOT 192.168.5.20-200
GATEWAY 192.168.5.1
The concept.
User connects to hotspot see login page press
“scan my table” (and his camera opens in order to scan QR code ) thats exactly the problem. The camera doesn’t open while the user is in captive portal.
If the user types in his browser 192.168.5.1/login
He can view the login page and pressing the button opens his camera.