There appears to be a bug in the latest version of the Hotspot code. We are running multiple Hotspots on 3.0. We are also running numerous other hotspots on 3.11 - 3.30.
The problem is with communicating with devices behind the Hotspot that are bypassed with either the Walled Garden IP list or with IP address accept rules added to the firewall to bypass traffic through the hotspot router that is destined for devices behind the hotspot router.
In all cases, the bypass works flawlessly for an arbitrary amount of time, usually many days or weeks. Then at some point, seemingly without reason, the bypass simply stops working and we are unable to communicate with the device behind the firewall.
For instance, in this setup:
Network → Hotspot Router → Switch
We are able to ping the switch and even winbox or gain web access to the Switch for some time from the Network. Then after a number of days or weeks, we can no longer communicate from the Network to the Switch even though the IP of the Switch is in the Hotspot Walled Garden IP list and in firewall “accept” rules. In all situations when this occurs, if we reboot the Hotspot router, communication to the Switch is restored for some time until the condition develops again in the same manner.
We have experienced this issue for several years on numerous hotspot setups. We’ve tried writing individual firewall rules to completely bypass the hotspot in both directions, we’ve tried changing the hotspot configuration, etc and nothing we’ve tried has solved the problem.
Because of the fact that it works for so long before it stops working and then a simple reboot fixes the problem every time, I can only conclude that there is some kind bug in the system.
Can we get this fixed?