shadowteller
just joined
Topic Author
Posts: 20
Joined: Tue May 22, 2007 7:10 pm

Missing something...just not seeing it

Sat Jun 30, 2007 3:04 am

Okay the situation is that I have a normal setup with a strange outcome.

What I want to do is use MT routers as Hotspots. These hotspots will have two roles; one is a paid subscriber and the other is a free access paid for by advertisements. I want to use the trial user and HTTP-PAP/HTTPS authentication built into the MT OS.

So the advertisement system is external and works fine. It is set on its own IP next to the gateway. When I set up the free trial user HS it works great and the advertisements off the proxy server do what they are supposed to do. I had to use skynoc's little firewall code.
/ip firewall nat add chain=dstnat protocol=tcp dst-port=80 action=dst-nat to-addresses=externalproxy to-ports=externalport
That worked excellent. The problem is how do I get it so that the authorized paid users don't go through the external proxy server?

As a note I have tried setting up two Hotspot profiles with different IP ranges, one range being the advertisement (10.5.50.x) range and one being the paid for range (10.5.100.x). This works fine except my paid users don't get automatically redirected to the HS Logon Page. Where my Free users do!!!

Thank you in advance!!
~prestN
 
shadowteller
just joined
Topic Author
Posts: 20
Joined: Tue May 22, 2007 7:10 pm

Re: Missing something...just not seeing it

Mon Jul 02, 2007 3:54 am

Bump....

Wow is this that tough?
 
sten
Forum Veteran
Posts: 919
Joined: Tue Jun 01, 2004 12:10 pm

Re: Missing something...just not seeing it

Mon Jul 02, 2007 5:01 pm

:shock:
that would be impossible since you unconditionally redirect all tcp port 80 traffic to the proxy.
*DuH*
 
shadowteller
just joined
Topic Author
Posts: 20
Joined: Tue May 22, 2007 7:10 pm

Re: Missing something...just not seeing it

Mon Jul 02, 2007 8:04 pm

Ouch the Duh was a bit harsh, but I understand that...what about conditionally sending only certain IP ranges on port 80 to the proxy server and everyone else gets to bypass it?
 
sten
Forum Veteran
Posts: 919
Joined: Tue Jun 01, 2004 12:10 pm

Re: Missing something...just not seeing it

Tue Jul 03, 2007 11:43 am

it was unduly harsh. i apologize.

try adding the IP addresses you want to bypass the proxy to an address-list called (e.g. bypass-list).
then change the redirection rule to:
/ip firewall nat add chain=dstnat protocol=tcp dst-port=80 src-address-list=!bypass-list action=dst-nat to-addresses=externalproxy to-ports=externalport
notice the src-address-list=!bypass-list essentially meaning NOT in "bypass-list".
 
shadowteller
just joined
Topic Author
Posts: 20
Joined: Tue May 22, 2007 7:10 pm

Re: Missing something...just not seeing it

Wed Jul 04, 2007 1:22 am

Was pretty much the ticket...I also created two pools to solve all this so that the src-address-list was always in the same range.
/ip firewall nat add chain=dstnat protocol=tcp dst-port=80 src-address-list=!bypass-list action=dst-nat to-addresses=externalproxy to-ports=externalport

Thank you very much this works like a charm.
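
The setup settled on in this thread, written out end to end as an added example (not posted by any participant). It assumes the paid range 10.5.100.x is a /24 and that a hotspot user profile named "paid" exists; externalproxy and externalport are the thread's own placeholders.

```routeros
# Added example, not from the thread.
# Assumptions: paid pool is 10.5.100.0/24; hotspot user profile is named "paid".

# Option A: static bypass for the whole paid pool.
/ip firewall address-list add list=bypass-list address=10.5.100.0/24 comment="paid subscribers"

# Option B: let the hotspot add a client to the list only while it is logged in
# under the paid profile (uses the profile's address-list property).
/ip hotspot user profile set paid address-list=bypass-list

# Redirect port 80 from every source NOT in bypass-list to the ad proxy.
/ip firewall nat add chain=dstnat protocol=tcp dst-port=80 src-address-list=!bypass-list action=dst-nat to-addresses=externalproxy to-ports=externalport comment="ad proxy"

# Check what is currently exempt and that the rule is in place.
/ip firewall address-list print where list=bypass-list
/ip firewall nat print where comment="ad proxy"
```

Option A exempts by source address alone, so any host holding an address in that range skips the proxy rule; Option B ties the exemption to a hotspot login under the paid profile.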
 
epproach_lyle
Frequent Visitor
Posts: 51
Joined: Tue Jul 10, 2007 1:13 am
Location: North Carolina, USA

Re: Missing something...just not seeing it

Tue Jul 10, 2007 3:52 pm

Can I set 2 different pools in the same VLAN?

I am trying to accomplish the same thing... just on a VLAN basis.
