Community discussions

MikroTik App
 
peng
just joined
Topic Author
Posts: 1
Joined: Sat Oct 17, 2020 2:33 am

Hotspot2.0 configuration

Sat Oct 17, 2020 2:54 am

Hello!
I'm trying to configure Hospot 2.0 using a Mikrotik cAP ac. I started yesterday and I don't have any prior experience with any Mikrotik devices.
So far I was able to configure a internetworking profile under <interfaces wireless internetworking profiles> hierarchy. In this profile I have mentioned valid and tested values for:
- Realms
- Roaming-ois
- WAN Metrics
Note: I've used these values to successfully test Hotspot 2.0 for multiple vendors and since I'm configuring Hotspot 2.0 Network Deployment using Non-cellular Network Credentials for Authentication only these values are required.
After this I applied this profile to my SSID interface using the command <set 0 internetworking-profiles=<Profile_Name>

Here's my question:
- For my setup to work I wish to tie a Radius server to my SSID so it uses this Radius for authentication. I don't see how I can change the SSID security settings to use WPA2-Enterprise and add my Radius to this SSID.
- Do I need to setup a security profile? My end device (cellphone) will have a Certificate installed from the provider, once the device picks up a Hotspot 2.0 enabled SSID it automatically should connect to this SSID using the certificate profile. For this to happen should I configuring anything else for Mikrotik?
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2978
Joined: Mon Apr 08, 2019 1:16 am

Re: Hotspot2.0 configuration

Sun Oct 10, 2021 12:18 am

There is more info and an exemple now in : https://help.mikrotik.com/docs/display/ ... g+Profiles.

Now we have a Winbox (GUI) interface for this as well.

Is Hotspot 2.0 useful for a multi-AP private network ???? Roaming? Single sign-on for a hotspot (MT or other private hotspot) ?
Still trying to implement this (without using Forigate or Watchguard), as many Radius parameters apply to a portal only: https://www.watchguard.com/help/docs/he ... about.html

EDIT: Just found another one that automatically maps the WPA/Enterprise EAP/PEAP/MSCHAPv2 login to the portal login. If you study how thay do it, maybe there is some ROS script that does the same and creates either the needed MAC user, or the MAC Cookie in the portal. Has nothing to do with Hotspot 2.0 functionality, so this is under the wrong initial post.
https://www.websense.com/content/suppor ... _agent.pdf

Who is online

Users browsing this forum: Cloudtechiq [Bot] and 34 guests