i am on a campground that provides public wifi access. When i connect using a windows or linux machine i connect to the open wifi (no networkkey etc). The first time i open my browser i will be redirectetd to page where i can buy access on a hourly, daily or monthly basis. I am given an username and a password which i must use to login to the network. It says that i am allowed two devices, but not at the sime time.
Now i would like connect my microtik router to that hotspot and use it as my gateway to the internet.
in the appendix is a screenshot of my scan. I try to connect to CHM OLTRA.
I thought that a connection using EAP with given username and password should do the job, but no. I can connect to the network, but no traffic goes through.
Do i miss here something or do i use the wrong method?
Any hints would be very much appreciated
Only guessing, you’ll have to verify yourself: when you register for access, their system adds your currently used device as allowed device (its MAC address probably). When you want to use another device, you probably have to go to some login page and after entering username and password (obtained during registration / purchase on the first device) the system allows the second device (probably registering the second MAC address).
You can verify if my theory is correct by connecting another interactive device … like a phone or something.
Now, using MT wifi AP as second device is a bit complicated because ROS doesn’t provide any mechanism to enter username and password via some custom captive portal. It might be possible to do it if you use ROS device as NAT device (because for obvious reasons you want to hide the fact multiple devices will actually be using same wireless connection) and then use interactive device to manually connect to captive portal to enter username and password. ANd for that you’ll have to know IP address of captive portal … you most probably landed on it when first connecting your initial device (which you used to register and purchase access).
Again, I’m only guessing here, only site network admin’s imagination is limiting all the possibilities of how to implement such things.
I would say this is a typical spoofing activity. The first registration you do locks in your mac address.
So whatever you login next has to spoof the mac address of the first device and then you will be golden.
Since you cannot login with a router, you login with a computer behind the router.
The router will present its mac address to the login device and this is what you need to modify/mimic the original device used to login be it a smartphone etc…
Yes that is certainly true.
The first part in your reply is exactly as you have desribed. That works well when switisch from my notebook to my smartphone. No problems here.
Since traffic going through that interfase is indeed NATed and Masueraded i would have thought, that once you connect with a notebook/browser on “my” side of the router, you would be redirected to that said login page, but obviously there is no traffic going through.
So it is probaly simpler to continue using my Samrtphone as a tethering device and connect my MT to it. That works perfectly. Thanks anyhow.
If you are using your MT as a CPE NAT/router and you are getting an IP, Netmask and Gateway from the AP but you can’t get the initial login page I have found that if you make your first URL request to an unencrypted website (http) rather than an encrypted website (https) you may get the login page.