I'm experimenting with authenticating all of our users using the hotspot service and radius.
Our distribution points are all Mikrotik based and I would like to add hotspot functionality to all of them.
At the moment we are using the 3.30 firmware.
All of our customers use CPEs which are routers (most of which are Mikrotiks) and also use NAT, so that any customer PC, VoIP ATA etc. appears to the outside world as the same IP.
When trying to authenticate the CPEs on the hotspot using MAc addresses however, the hotspot somehow recognizes that the connection is coming from a different device. It also seems to authenticate incoming connections separately too.
I can opnly assume that this is something to do with the higher level protocols involved, but I'm not sure.
The reasons this is a problem are twofold:
1. I would like to assign an IP to customers automatically using radius. When different devices (and incoming connections) are attempted however, the hotspot tries to give the same IP to the newer authenticated connection and therefore removes it from the first. This causes constant breaks in the connection and I would assume only allows one device to work at a time!
2. It becomes impossible to control the number of times that a MAC address can logon!
I wonder if anyone else has come across this problem and if there are any answers?
The ideal situation would be for devices behind a NAT router to be treated exactly as if they were just one PC connected directly.
Does version 4 change this funcionality at all?
Thanks for any advice.