Oh, the humanity....

It works fine for a couple days, then the nightmare starts. "Why won't you take my money?" will be the first calls, usually starting around 9PM on Friday night. The hotspot will not allow users to go to any secure sites in the walled garden. That will go on for a few hours, then "I can't login!" calls start, and you will not even be finished explaining why they couldn't pay.

The only hack I found that worked was the IPs for the secure sites in "walled-garden ip" instead of the URLs for the secure sites in the "walled-garden". And even with that, there are bugs:

This is the walled-garden traffic over a 2 day period. This hotspot has taken a few dozen payments, according to Authorize.Net. Only this afternoon did any SSL traffic show up at all, and that was under the walled-garden ip entries. RB333/V3.11

[admin@HDMom] /ip hotspot walled-garden> pri
Flags: X - disabled, D - dynamic

SERVER METHOD DST-HOST DST-PORT PATH ACTION HITS

0 D ;;; secure.authorize.net
allow 0
1 D ;;; secure.authorize.net
allow 7
2 D ;;; verify.authorize.net
allow 3
3 X ;;; place hotspot rules here
allow 0
4 http://www.wififory... allow 694
5 secure.autho... allow 0
6 verify.autho... allow 0
[admin@HDMom] /ip hotspot walled-garden>

Note: entry 4 does not have the http:// in the entry. The forum software puts it there.

ADD: Here is a much more remote RB433/v3.10. It has taken about a dozen payments in the week this has been up:

[admin@hdroof] /ip hotspot walled-garden> pri
Flags: X - disabled, D - dynamic

SERVER METHOD DST-HOST DST-PORT PATH ACTION HITS

0 http://www.wififory... allow 175
1 secure.autho... allow 61
2 verify.autho... allow 35
[admin@hdroof] /ip hotspot walled-garden>

Note: Line 0 has no http://

The second one looks much cleaner, and a lot more accurate. Any way I can get that back in V3.12?