Community discussions

MikroTik App
  4. RouterOS
  5. General

HOTSPOT login page does not open.

Post Reply
 
MatiasMM
just joined
Topic Author
Posts: 6
Joined: Sat Apr 24, 2021 4:54 pm

HOTSPOT login page does not open.

Sun Apr 25, 2021 4:35 pm

Hi!
I have a hotspot and I can't get the home page to open automatically on any device.
I have created a hundred times, changed the firewall rules and I can not find the problem, so I turn to you. The hotspot and everything works fine if the user opens a browser and enters the DNS manually or the IP.
I copy the mikrotik rb configuration to see if someone can tell me where I am going wrong.

Know to understand that I am not an expert,

Thanks

# apr/23/2021 13:46:27 by RouterOS 6.48.2
# software id = RIGJ-USL2
#
# model = RouterBOARD 3011UiAS
# serial number = B88F0A72926F

/interface bridge
add arp=proxy-arp name=bridge_LAN protocol-mode=none

/interface ethernet
set [ find default-name=ether1 ] comment="40" name=ISP1
set [ find default-name=ether2 ] comment="20" name=ISP2
set [ find default-name=ether3 ] comment="ss" name=ISP3
set [ find default-name=ether4 ] comment=""
set [ find default-name=ether5 ] comment=""
set [ find default-name=ether6 ] comment=""
set [ find default-name=ether7 ] comment=""
set [ find default-name=ether8 ] comment=""
set [ find default-name=ether9 ] comment=""
set [ find default-name=ether10 ] comment=""
set [ find default-name=sfp1 ] disabled=yes

/interface pppoe-client
add disabled=no interface=ISP1 name="internet" password=xxxx \
user=xxxx

/interface vlan
add interface=bridge_LAN name=vlan_Alumnos vlan-id=101
add interface=bridge_LAN name=vlan_Maestros vlan-id=100

/interface list
add name=WAN
add name=LAN

/ip hotspot profile
add dns-name=acceso..com hotspot-address=10.10.40.1 login-by=\
http-chap,trial name=hsprof1

/ip pool
add name=pool_LAN ranges=172.16.100.40-172.16.100.254
add name=pool_Maestros ranges=10.50.0.5-10.50.0.254
add name=pool_Alumnos ranges=10.10.40.5-10.10.47.254
add name=pool_VPN ranges=172.16.100.5-172.16.100.9

/ip dhcp-server
add address-pool=pool_LAN disabled=no interface=bridge_LAN lease-time=30m \
name=dhcp_LAN
add address-pool=pool_Maestros disabled=no interface=vlan_Maestros \
lease-time=4h name=dhcp_Maestros
add address-pool=pool_Alumnos disabled=no interface=vlan_Alumnos name=\
dhcp_Alumnos

/ip hotspot
add address-pool=pool_Alumnos addresses-per-mac=1 disabled=no interface=\
vlan_Alumnos name=hotspot_Upsala profile=hsprof1

/ip hotspot user profile
set [ find default=yes ] address-pool=pool_Alumnos rate-limit=2M/2M \
shared-users=50
add address-pool=pool_Alumnos name="Full Acceso" shared-users=30
add address-pool=pool_Alumnos name=Alumnos rate-limit=20M/20M shared-users=\
250
add address-pool=pool_Alumnos name=Personal rate-limit=5M/5M shared-users=25

/ppp profile
add dns-server=172.16.100.1 interface-list=LAN local-address=172.16.100.1 \
name=profile_VPN remote-address=pool_VPN use-compression=yes \
use-encryption=yes

/interface bridge port
add bridge=bridge_LAN interface=ether4
add bridge=bridge_LAN interface=ether5
add bridge=bridge_LAN interface=ether6
add bridge=bridge_LAN interface=ether7
add bridge=bridge_LAN interface=ether8
add bridge=bridge_LAN interface=ether9
add bridge=bridge_LAN interface=ether10
add bridge=bridge_LAN interface=vlan_Alumnos
add bridge=bridge_LAN interface=vlan_Maestros

/interface bridge settings
set use-ip-firewall=yes

/ip neighbor discovery-settings
set discover-interface-list=LAN

/interface l2tp-server server
set authentication=mschap2 enabled=yes ipsec-secret=xxxxx \
one-session-per-host=yes use-ipsec=required

/interface list member
add disabled=yes interface=ISP1 list=WAN
add interface=ISP2 list=WAN
add interface=ISP3 list=WAN
add interface=bridge_LAN list=LAN
add interface="internet" list=WAN
add interface=vlan_Alumnos list=LAN
add interface=vlan_Maestros list=LAN

/ip address
add address=172.16.100.1/24 interface=bridge_LAN network=172.16.100.0
add address=192.168.100.2/24 interface=ISP2 network=192.168.100.0
add address=10.10.40.1/21 interface=vlan_Alumnos network=10.10.40.0
add address=10.50.0.1/24 interface=vlan_Maestros network=10.50.0.0

/ip dhcp-client
add add-default-route=no disabled=no interface=ISP3 use-peer-dns=no
add add-default-route=no interface=ISP2 use-peer-dns=no

/ip dhcp-server network
add address=10.10.40.0/21 comment="hotspot network" dns-server=\
172.16.100.1,8.8.8.8 gateway=10.10.40.1
add address=10.50.0.0/24 gateway=10.50.0.1
add address=172.16.100.0/24 gateway=172.16.100.1

/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=accept chain=input comment="E y R x Facu 23-03-2021" \
connection-state=established,related
add action=accept chain=forward comment="Zoom y Meet x Facu 23-03-2021" \
src-address-list=Zoom
add action=accept chain=forward comment="E y R x Facu 23-03-2021" \
connection-state=established,related
add action=accept chain=input comment="Acepto VPN" dst-port="" protocol=udp \
src-port=1701,500,4500
add action=accept chain=input protocol=ipsec-esp
add action=accept chain=forward disabled=yes dst-address-list=Directivos \
src-address-list=Directivos
add action=add-src-to-address-list address-list=Syn_Flooder \
address-list-timeout=30m chain=input comment=\
"Add Syn Flood IP to the list" connection-limit=30,32 protocol=tcp \
tcp-flags=syn
add action=drop chain=input comment="Drop to syn flood list" \
src-address-list=Syn_Flooder
add action=jump chain=forward comment="Jump for icmp forward flow" \
jump-target=ICMP protocol=icmp
add action=add-src-to-address-list address-list=Port_Scanner \
address-list-timeout=1w chain=input comment="Port Scanner Detect" \
protocol=tcp psd=21,3s,3,1
add action=drop chain=input comment="Drop to port scan list" \
src-address-list=Port_Scanner
add action=jump chain=input comment="Jump for icmp input flow" jump-target=\
ICMP protocol=icmp
add action=drop chain=forward comment="Drop to bogon list " dst-address-list=\
bogons
add action=add-src-to-address-list address-list=spammers \
address-list-timeout=3h chain=forward comment=\
"Add Spammers to the list for 3 hours" connection-limit=30,32 dst-port=\
25,587 limit=30/1m,0:packet protocol=tcp
add action=drop chain=forward comment="Avoid spammers action" dst-port=25,587 \
protocol=tcp src-address-list=spammers
add action=accept chain=input comment="Accept DNS - UDP" port=53 protocol=udp
add action=accept chain=input comment="Accept DNS - TCP" port=53 protocol=tcp
add action=accept chain=input comment="Accept to established connections" \
connection-state=established
add action=accept chain=input comment="Accept to related connections" \
connection-state=related
add action=accept chain=ICMP comment=\
"Echo request - Avoiding Ping Flood, adjust the limit as needed" \
icmp-options=8:0 limit=2,5:packet protocol=icmp
add action=accept chain=ICMP comment="Echo reply" icmp-options=0:0 protocol=\
icmp
add action=accept chain=ICMP comment="Time Exceeded" icmp-options=11:0 \
protocol=icmp
add action=accept chain=ICMP comment="Destination unreachable" icmp-options=\
3:0-1 protocol=icmp
add action=accept chain=ICMP comment=PMTUD icmp-options=3:4 protocol=icmp
add action=drop chain=ICMP comment="Drop to the other ICMPs " protocol=icmp
add action=jump chain=output comment="Jump for icmp output" jump-target=ICMP \
protocol=icmp
add action=add-src-to-address-list address-list=Torrent-Conn \
address-list-timeout=2m chain=forward comment="BLOQUEO de torrents" \
layer7-protocol=Bittorrent-exp src-address=172.16.100.0/24 \
src-address-list=!allow-bit
add action=add-src-to-address-list address-list=Torrent-Conn \
address-list-timeout=2m chain=forward layer7-protocol=Bittorrent-exp \
src-address=10.50.0.0/24 src-address-list=!allow-bit
add action=add-src-to-address-list address-list=Torrent-Conn \
address-list-timeout=2m chain=forward layer7-protocol=Bittorrent-exp \
src-address=10.10.40.0/21 src-address-list=!allow-bit
add action=drop chain=forward dst-port=\
!0-1024,8291,5900,5800,3389,14147,5222,59905 protocol=tcp \
src-address-list=Torrent-Conn
add action=drop chain=forward dst-port=\
!0-1024,8291,5900,5800,3389,14147,5222,59905 protocol=udp \
src-address-list=Torrent-Conn

/ip firewall mangle
add action=accept chain=prerouting comment=\
"PCC Accept WAN - ISP1, ISP2 y ISP3" dst-address=xxx.x.xxx.xx
add action=accept chain=prerouting dst-address=xxx.xxx.xxx.x/24
add action=accept chain=prerouting dst-address=xxx.xx.x.x./24
add action=mark-connection chain=prerouting comment=\
" BALANCEO PCC - MARCAS Entrantes ISP1, 2 y 3" connection-mark=no-mark \
in-interface="pppoe-internet" new-connection-mark=PCC_isp1_conn \
passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark \
in-interface=ISP2 new-connection-mark=PCC_isp2_conn passthrough=yes
add action=mark-connection chain=prerouting connection-mark=no-mark \
in-interface=ISP3 new-connection-mark=PCC_isp3_conn passthrough=yes
add action=mark-connection chain=prerouting comment=\
"BALANCEO PCC - 50% ISP1 25% ISP2 25% ISP3" connection-mark=no-mark \
dst-address-list=!Impresora dst-address-type=!local in-interface-list=LAN \
new-connection-mark=PCC_isp1_conn passthrough=yes \
per-connection-classifier=both-addresses:4/0 src-address-list=!Impresora
add action=mark-connection chain=prerouting connection-mark=no-mark \
dst-address-list=!Impresora dst-address-type=!local in-interface-list=LAN \
new-connection-mark=PCC_isp1_conn passthrough=yes \
per-connection-classifier=both-addresses:4/1 src-address-list=!Impresora
add action=mark-connection chain=prerouting connection-mark=no-mark \
dst-address-list=!Impresora dst-address-type=!local in-interface-list=LAN \
new-connection-mark=PCC_isp2_conn passthrough=yes \
per-connection-classifier=both-addresses:4/2 src-address-list=!Impresora
add action=mark-connection chain=prerouting connection-mark=no-mark \
dst-address-list=!Impresora dst-address-type=!local in-interface-list=LAN \
new-connection-mark=PCC_isp3_conn passthrough=yes \
per-connection-classifier=both-addresses:4/3 src-address-list=!Impresora
add action=mark-routing chain=prerouting comment="BALANCEO PCC - Marcado del B\
alanceo 50% ISP1 40% ISP2 10% ISP3 VIA LAN_BRIDGE" connection-mark=\
PCC_isp1_conn in-interface-list=LAN new-routing-mark=PCC_to_isp1 \
passthrough=yes
add action=mark-routing chain=prerouting connection-mark=PCC_isp2_conn \
in-interface-list=LAN new-routing-mark=PCC_to_isp2 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=PCC_isp3_conn \
in-interface-list=LAN new-routing-mark=PCC_to_isp3 passthrough=yes
add action=mark-routing chain=output comment=\
"BALANCEO PCC - Salidas ISP 1, 2 y 3 LAN" connection-mark=PCC_isp1_conn \
new-routing-mark=PCC_to_isp1 passthrough=yes
add action=mark-routing chain=output connection-mark=PCC_isp2_conn \
new-routing-mark=PCC_to_isp2 passthrough=yes
add action=mark-routing chain=output connection-mark=PCC_isp3_conn \
new-routing-mark=PCC_to_isp3 passthrough=yes
add action=mark-connection chain=input comment=\
"BALANCEO CARGA ECMP - Marcado de paquetes" disabled=yes in-interface=\
"pppoe-Cotecal 40" new-connection-mark=isp1_ECMP passthrough=yes
add action=mark-connection chain=input disabled=yes in-interface=ISP2 \
new-connection-mark=isp2_ECMP passthrough=yes
add action=mark-connection chain=input disabled=yes in-interface=ISP3 \
new-connection-mark=isp3_ECMP passthrough=yes
add action=mark-routing chain=output connection-mark=isp1_ECMP disabled=yes \
new-routing-mark=to_isp1_ECMP passthrough=yes
add action=mark-routing chain=output connection-mark=isp2_ECMP disabled=yes \
new-routing-mark=to_isp2_ECMP passthrough=yes
add action=mark-routing chain=output connection-mark=isp3_ECMP disabled=yes \
new-routing-mark=to_isp3_ECMP passthrough=yes

/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="Masquerade WAN -" \
out-interface-list=WAN
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
out-interface-list=WAN src-address=10.10.40.0/21

/ip hotspot user
add name=admin password=291215 profile="Full Acceso"
add name=maestros password=educar2021 profile="Full Acceso"
add name=upsala password=colegio2021 profile=Alumnos
add name=personal password=123456789 profile=Personal

/ip route
add check-gateway=ping comment="BALANCEO PCC - RUTAS" distance=1 gateway=\
10.10.10.10 routing-mark=PCC_to_isp1
add check-gateway=ping distance=1 gateway=xxx.xxx.xxx.x routing-mark=\
PCC_to_isp2
add check-gateway=ping comment="RUTA 40x40" distance=1 gateway=\
xx.xx.xx.xx
add check-gateway=ping comment="RUTAS 20X20" distance=2 gateway=\
xxx.xx.x.x
add check-gateway=ping comment="RUTAS 20X4" distance=3 gateway=\
xxx.xxx.xxx.x

/ppp secret
add name=VPN_Upsala password="password\$#" profile=profile_VPN routes=\
"172.16.100.0/24 0.0.0.0 1" service=l2tp
Top
 
MatiasMM
just joined
Topic Author
Posts: 6
Joined: Sat Apr 24, 2021 4:54 pm

Re: HOTSPOT login page does not open.

Wed Apr 28, 2021 2:56 pm

Please any news, thank you
Top
Post Reply

Who is online

Users browsing this forum: Bing [Bot], BoraHorza, Google [Bot], seriosha and 56 guests
  4. RouterOS
  5. General