Community discussions

MikroTik App
 
oooscar
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 84
Joined: Sun Jan 05, 2014 12:56 pm
Location: Spain
Contact:

Hotspot bypass temporaly

Wed Mar 26, 2014 12:28 pm

Hi everyone !

I have a hotpost running throw wifi.
When someone attach to the wifi first time has to open navigator,
get redirected to the captive portal log in with user and password and then gets internet.

I'm working with cookies 3days.
But when someone gets disconnected and come back has to open the browser and navigate to
allow internet Access. (most of the time cookies Works and alogin apears)

I would like to know is there any possibility to allow a user that has been logged in to bypass
hotspot during x days afeter.

I mean tan second time attach to the wifi and gets internet without open any browser.

Thank's
 
airforce1
just joined
Posts: 20
Joined: Sun Dec 09, 2007 1:21 pm

Re: Hotspot bypass temporaly

Wed Mar 26, 2014 2:08 pm

On the user profile change the "Open status page option" to "HTTP Login"
 
oooscar
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 84
Joined: Sun Jan 05, 2014 12:56 pm
Location: Spain
Contact:

Re: Hotspot bypass temporaly

Wed Mar 26, 2014 2:19 pm

Hi,

thank's for the aswer....

I forgot to mention that i'm using Radius (DoloRadius) for users to Access.

This option you write may be only for mikrotik's users isn't it ?

Thank's a lot.
Oscar.
 
airforce1
just joined
Posts: 20
Joined: Sun Dec 09, 2007 1:21 pm

Re: Hotspot bypass temporaly

Wed Mar 26, 2014 2:46 pm

It should work for radius also, just make sure u enable it under the default user
 
oooscar
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 84
Joined: Sun Jan 05, 2014 12:56 pm
Location: Spain
Contact:

Re: Hotspot bypass temporaly

Wed Mar 26, 2014 4:42 pm

Is not working for me.
Test i've don.

1) Hotspot + No cookies + open status page=always
connect wifi (in ip->hotspot-> hosts: shows mac)
open browser-captive page-login (ip->hotspot-> active: shows mac)
disconnect wifi
in ip->hotspot-> hosts: desapear mac
ip->hotspot-> active: desapear mac
connect wifi (in ip->hotspot-> hosts: shows mac)
have to to active: open browser-captive page-login (ip->hotspot-> active: shows mac)

2) Hotspot + cookies 3h + open status page=always
connect wifi (in ip->hotspot-> hosts: shows mac)
open browser-captive page-login (ip->hotspot-> active: shows mac)
disconnect wifi
in ip->hotspot-> hosts: desapear mac
ip->hotspot-> active: desapear mac
connect wifi (in ip->hotspot-> hosts: shows mac)
have to to active: open browser-captive page-redirects to alogin page (ip->hotspot-> active: shows mac)

SAME with open status page=HTTP login

I would like not to make open browser again to logg in user. Just connect wifi (same day o 3 days cookies) and goes automatically ACTIVE.

Thank's
 
airforce1
just joined
Posts: 20
Joined: Sun Dec 09, 2007 1:21 pm

Re: Hotspot bypass temporaly

Sat Mar 29, 2014 3:28 am

Your config should be

Hotspot + cookies 3d + open status page=HTTP Login
 
nerdtron
Member Candidate
Member Candidate
Posts: 123
Joined: Sat Nov 30, 2013 7:49 am

Re: Hotspot bypass temporaly

Sat Mar 29, 2014 3:47 am

Make sure also that "keep-alive" on the user profile is set to 3 days. So that even when the user disconnects on wifi, it will take 3 days before he is removed on the active queue.
Of course, he will be logged out once he request log-out or when radius servers says that the user should be logged out.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 2954
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: Hotspot bypass temporaly

Sat Mar 29, 2014 12:07 pm

If you have RouterOS 6.0+

paste this on new terminal of hotspot (there is no need to be modified):
/ip hotspot
set [find] addresses-per-mac=2 idle-timeout=5m keepalive-timeout=5m
/ip hotspot profile
set [find] http-cookie-lifetime=3d login-by=mac-cookie,cookie,http-chap
/ip hotspot user profile
set [find] add-mac-cookie=yes mac-cookie-timeout=3d keepalive-timeout=2m status-autorefresh=1m idle-timeout=none session-timeout=0
The script activate the MAC cookie feature described here:
http://wiki.mikrotik.com/wiki/Manual:Ho ... MAC_Cookie
and also revert all the changes made on timing, for the tests made, and for set the right timing for MAC Cookie work correctly.

If I solved your problem, remember to add Karma, Thanks.
I'm Italian, not English. Sorry for my imperfect grammar.
 
oooscar
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 84
Joined: Sun Jan 05, 2014 12:56 pm
Location: Spain
Contact:

Re: Hotspot bypass temporaly

Sun Mar 30, 2014 3:02 pm

rextended Karma added !!
Thank's.
Works nice.

I add HTTPS because i'm working with certificates.

A couple of cuestions:
Why Works with both mac-cookies and cookies .. may only mac-cookes will be all right ?
Why addresses-per-mac=2 ?

one more:
diferences between idle-timeout and keepalive-timeout ?

Do you know that the livetime of the cookes is reset to the begining (3days) each time the router has power off ?

Thank's.
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 2954
Joined: Tue Feb 25, 2014 12:49 pm
Location: Capalbio, Tuscany, Italy

Re: Hotspot bypass temporaly

Sun Mar 30, 2014 4:05 pm

>>>Why Works with both mac-cookies and cookies .. may only mac-cookes will be all right ?
Yes.

>>>Why addresses-per-mac=2 ?
Because sometime the client can have fixed IP address (for example fixed address at work office) and the HotSpot transparently identifyng and translate this situation.
If you put =1 can not be able to work properly.

>>>diferences between idle-timeout and keepalive-timeout ?
remember: session-timeout must be 0 for mac-cookies to works!

idle-timeout:period of inactivity for UNAUTHENTICATED clients, after that time user is dropped from the HotSpot host list and its used address becomes available again.

keepalive-timeout: Value shows how long AUTHENTICATED host can stay out of reach, after that time the client is removed from the HotSpot active sessions (but the mac-cookies or normal cookies are not deteted!), and its used address becomes available again.

>>>Do you know that the livetime of the cookes is reset to the begining (3days) each time the router has power off ?
Everytime the machine reboot, all dynamic item disappear, like mac-cookies, address-list, etc.
I'm Italian, not English. Sorry for my imperfect grammar.

Who is online

Users browsing this forum: sid5632, vanishoxigen and 75 guests