Do the wireless users get to the hotspot auth page, and do they auth successfully? Or do they never get to the auth page?We're seeing a problem with users of "newer" PC operating systems - mostly Macbook Pro and Windows7.
Our APs at the location in question are open APs operating as bridges.
Users with these devices can connect to the hard-wired ethernet, and authenticate / surf without any issues.
If these users connect to any of the wireless APs, however, they get IP addresses and show up in the hotstpot > hosts list, as well as DHCP leases, etc.
When they try to use the web browser, it simply times out and gives a "page cannot be displayed" error.
Has anyone else experienced anything similar to this behavior? Windows XP, and older Mac's have no trouble using the service.
Mikrotik is a RB1000 running v4.17
And i though that i'm the only one...This is a real head scratcher. (I'll post the solution if I find one)
almost... but if i disable the hotspot, everything is ok.Almost sounds like an MTU problem.
The trick is to do the following:
/ip hotspot profile set hsprof1 dns-name=""
/ip hotspot walled-garden
add action=allow comment="" disabled=no dst-host=www.apple.com path=/library/test/success.html
For some reason the iPhone and iPad won't resolve the dns-name of the hot spot properly, so don't set it and it will use the IP instead.
The next trick is to allow http://www.apple.com/library/test/success.html in the walled-garden. If IOS can't see that URL, it pops up the annoying login screen. The user can then go run a browser on the device and will be presented with the hotspot login screen.
This is of course a workaround. The proper way to do it is to figure out what the little login popup screen wants to see as a signal that the user was authenticated, but I haven't been able to figure that one out yet.
/interface wireless set 0 adaptive-noise-immunity=none allow-sharedkey=no antenna-gain=17 \ antenna-mode=ant-a area="" arp=enabled band=2ghz-b/g basic-rates-a/g=\ 6Mbps basic-rates-b=1Mbps bridge-mode=disabled burst-time=disabled \ channel-width=20mhz compression=no country="south africa" \ default-ap-tx-limit=0 default-authentication=yes default-client-tx-limit=\ 0 default-forwarding=yes dfs-mode=none disable-running-check=no disabled=\ no disconnect-timeout=3s distance=dynamic frame-lifetime=0 frequency=2417 \ frequency-mode=manual-txpower frequency-offset=0 hide-ssid=no \ hw-fragmentation-threshold=disabled hw-protection-mode=none \ hw-protection-threshold=0 hw-retries=7 l2mtu=2290 mac-address=\ 00:0C:42:62:52:CC max-station-count=2007 mode=ap-bridge mtu=1500 \ multicast-helper=default name=wlan1 noise-floor-threshold=default \ nv2-cell-radius=30 nv2-noise-floor-offset=default nv2-preshared-key="" \ nv2-qos=default nv2-queue-count=2 nv2-security=disabled \ on-fail-retry-time=100ms periodic-calibration=default \ periodic-calibration-interval=60 preamble-mode=both \ proprietary-extensions=post-2.9.25 radio-name=000C426252CC \ rate-selection=advanced rate-set=default scan-list=default \ security-profile=default ssid="my hotspot" \ station-bridge-clone-mac=00:00:00:00:00:00 supported-rates-a/g=\ 6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=\ 1Mbps,2Mbps,5.5Mbps,11Mbps tdma-period-size=2 tx-power-mode=default \ update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=\ none wds-default-cost=100 wds-ignore-ssid=no wds-mode=disabled \ wireless-protocol=unspecified wmm-support=disabled /ip hotspot profile set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=\ hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=\ cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 \ split-user-domain=no use-radius=no add dns-name=hotspot.info hotspot-address=10.5.50.1 html-directory=hotspot \ http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=cookie,http-chap \ name=hsprof2 nas-port-type=wireless-802.11 radius-accounting=yes \ radius-default-domain="" radius-interim-update=received \ radius-location-id="" radius-location-name="" radius-mac-format=\ XX:XX:XX:XX:XX:XX rate-limit="" smtp-server=0.0.0.0 split-user-domain=no \ use-radius=yes /ip hotspot user profile set [ find default=yes ] idle-timeout=none keepalive-timeout=2m name=default \ shared-users=1 status-autorefresh=1m transparent-proxy=no
I kinda solve it ( i mean, i didn't see it in a few months now)
what was changed:
- added hotspot name (users auth at hotspot.local)
- hotspot radius
- cookies synchronized (1d hotspot/dhcp)