i have setup a Mikrotik Hotspot and it works fine.
To Solve the issue that ssl (443) requests are not redirect to the login-page, i have created a let's encrypt dns certificate and add this to the hotspot profile.
Now if a device is connected to the system, the login popup appaer.
But, if a user click on "use network without login" the device is still connected, if the user is now using any browser to open "google.com", the login page will not appaer.
Is there a solution to redirect the traffic for unauthorized devices to the login-page?
PS: if i use (ios) chrome instead safari, i get the error by opening https://google.com "ERR_SSL_PROTOCOL_ERROR"
if i use (android) duckduckgo/chrome browser i get ERR_CONNECTION_CLOSED, on Firefox it works every time (also in private mode)!
*if i enter google.de it works too, and the mikrotik is redirect the client to the https://hotspot.mytestdomain.com ... but google.com ebay.de are still not work.
Hope someone can help.
The hotspot config is default, i have only add the domain of the certificate to the DNS Name in the Hotspot profile and activate the certificate under Hotspot - Login SSL Certificate.
Code: Select all
[admin@hotspot] > /ip/hotspot/profile/print
Flags: * - default
0 * name="default" hotspot-address=0.0.0.0 dns-name="" html-directory=hotspot
html-directory-override="" install-hotspot-queue=no http-proxy=0.0.0.0:0
smtp-server=0.0.0.0 login-by=cookie,http-chap http-cookie-lifetime=3d
split-user-domain=no use-radius=no
1 name="hsprof1" hotspot-address=10.5.50.1
dns-name="hotspot.mytestdomain.com" html-directory=Responsive_Hotspot
html-directory-override="" install-hotspot-queue=no http-proxy=0.0.0.0:0
smtp-server=0.0.0.0 login-by=http-chap,https
ssl-certificate=fullchain.pem_0 split-user-domain=no use-radius=no
[admin@hotspot] > /ip/hotspot/print
Flags: S - HTTPS
Columns: NAME, INTERFACE, ADDRESS-POOL, PROFILE, IDLE-TIMEOUT
# NAME INTERFACE ADDRESS-POOL PROFILE IDLE-TIMEOUT
0 S hotspot1 ether4-hs-lan hs-pool-5 hsprof1 5m
