Community discussions

MikroTik App
 
Syonyk
Member Candidate
Member Candidate
Topic Author
Posts: 109
Joined: Mon Feb 14, 2005 6:32 pm
Location: Coralville, IA
Contact:

Static IP'd devices behind a Hotspot interface

Thu Sep 08, 2005 8:45 pm

I'm sure I'm not the only person to have this problem, as I found some threads related to it, and there were no good solutions.

Our network has a Hotspot segment handling a number of users within an apartment complex. There are also quite a few managed switches handling this network segment (large complex). The users are handed routed public IP addresses, and the switches are given private 10.0.0.x IP addresses.

With the router having an IP address on the Hotspot interface of 10.0.0.2, it is unable to ping the switches. HOWEVER, if I connect to a switch from a system on the network segment, and use the Ping Test utility to send data outbound, it works, and then the router is able to ping the switch, and I can send data to the switch from outside the router.

The important step seems to be that sending data from the switch puts the switch in the Hotspot/Hosts list. Once it's in there, I can create a binding for it, set it to bypassed mode, and things work properly.

Unfortunately, I haven't been able to find a way to accomplish this without having each switch send data outbound. I would prefer to not have to send data from each switch in order to be able to contact it. Adding an item into the bindings doesn't add a Hotspot/Hosts entry, and I cannot contact the switch.

Is there a solution here?

-=Russ=-
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24709
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Fri Sep 09, 2005 10:42 am

First of all, hotspot must not translate ip addresses from 10.0.0.0/24 to
anything else. If address-pool is specified for hotspot server, it will
translate every host to ip from that pool. Following rule will avoid that:
/ip hotspot ip-binding add address=10.0.0.0/24 type=bypassed

Now, it should be possible to ping any ip from 10.0.0.x network. If IP will
respond, it will be added to host list. If ping is still failing all the
time, then something is wrong - arp requests are failing. In this case only
solution is to add complete ip-binding entry for each switch:
/ip hotspot ip-binding add mac-address=00:11:22:33:44:55 address=10.0.0.33
to-address=10.0.0.33 server=hs-local type=bypassed

If all fields are specified in ip-binding entry, static host entry will be
added immediately, without waiting for any packets from a host. And therefore
it will always be possible to access that host from outside network.
 
User avatar
timatics
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Mon Jan 17, 2005 11:50 pm
Location: Ames, Ia

Fri Sep 09, 2005 7:02 pm

Russ, if you are still having problems call ICS and talk to me.

Tim
 
User avatar
LatinSuD
Member Candidate
Member Candidate
Posts: 174
Joined: Wed Jun 29, 2005 1:05 pm
Location: Spain
Contact:

Thu Sep 15, 2005 11:03 pm

Actually there was also an issue with multi-addressed interfaces, arp and hotspot that i discovered today and... wow! today the released 2.9.2 that fixes it! Did you read my mind?
 
Syonyk
Member Candidate
Member Candidate
Topic Author
Posts: 109
Joined: Mon Feb 14, 2005 6:32 pm
Location: Coralville, IA
Contact:

Thu Sep 15, 2005 11:11 pm

Actually there was also an issue with multi-addressed interfaces, arp and hotspot that i discovered today and... wow! today the released 2.9.2 that fixes it! Did you read my mind?
Interesting. I'll try that tonight.

-=Russ=-
 
Syonyk
Member Candidate
Member Candidate
Topic Author
Posts: 109
Joined: Mon Feb 14, 2005 6:32 pm
Location: Coralville, IA
Contact:

Wed Sep 21, 2005 8:49 pm

2.9.2 did fix the issue, at least part of it. I can now ping the devices behind the router, but I still can't seem to actually connect to them - connections on port 80 just immediately close. So I'm thinking they're not HS-authenticated.

-=Russ=-

Who is online

Users browsing this forum: andkar, Bing [Bot], cobz, Google [Bot] and 89 guests