wireguard vpn + hotspot captive portal issue

RouterOS General
1

Hello, I don’t know much about computer networks, so please bear with me. I just followed some videos on the net.

I use a hap ax3 router. I configured a hotspot and everything worked fine.

Then I set up a VPN on the router (wireguard protocol) to protect my connection on the net.

But the problem is, when the VPN is active, the hotspot loging page (captive portal) is no longer displayed automatically.

Can someone please help me?

2

To be clear.
What is the purpose of wireguard in this setup.

For you as admin to reach the router while away from the main site?
Something else??

3

4

The purpose of wireguard vpn in this setup is to be safe in internet like torrenting, streaming… because you will never know the usage of other users

5

Got it, you host a bunch of users that you would like to push out the internet at some other location via Wireguard.
Are these hotspot users on their own subnet?
Can you separate your home or private use on a different subnet or would like to

Do you want the ability to use wireguard to reach your router remotely for config purposes?

Please post config to see what we are dealing with
/export file=anynameyouwish (minus router serial number, any public WANIP info, keys etc..)

6
  1. To my knowledge, the hotspot users is on their own subnet because i have created a bridge for them. So i think i have already separate my home/private use on a different subnet.
  2. I have already installed the mobile app Mikrotik VPN - Back to home to access my router remotely before i installed Wireguard (nordVPN).
  3. Please view in attached the config files that you asked. I tried to hide and delete some information. I don’t know if it correspond of your request.
    config - modif.rsc (7.29 KB)
7
  1. Only need one bridge. Using multiple bridges may seem like an easy go to but its not recommended. Use VLANs and vlan-filtering.
  2. Add a safe port to continue config for vlans from a port NOT connected to the bridge.
    We give it an IP address 192.168.55.1/30. Plug your PC into port 5, give your PC ipv4 settings of 192.168.55.2 and you should be good to go to start configuring.
    Ensure first that port is an interface member on the LAN list.
  3. Avoid /bridge filters as these are advanced settings
  4. Recommend nordvpn address be 10.5.0.2/24 ( not /16)
  5. ARE these nordvpn supplied DNS addresses ==??? → 103.86.96.100,103.86.99.100 ???

It would appear that you want ALL users, not just one subnet, to go out nordvpn at all times.
What happens if nordvpn goes down for some reason what is your plan for that possibility…