Community discussions

MikroTik App
  4. RouterOS
  5. General

Hotspot Login Redirect doesnt work when Routing Mark is active

Post Reply
 
User avatar
bammer
just joined
Topic Author
Posts: 4
Joined: Sun Jan 20, 2019 8:42 am
Location: México

Hotspot Login Redirect doesnt work when Routing Mark is active

Tue Oct 25, 2022 11:43 pm

Hello everyone!

I think it's a recurring problem, I've read other posts and it seems that no one has been able to solve it.

All the code works excellent in V6.49. But in V7.6 is where the problems start.

All the rest of the rules and functions work fine, but the problem is with the HOTSPOT.

I cannot automatically access the LOGIN window, or perhaps it does not redirect to access with the username and password. (LOGIN.HTML)

It only works if:

- I manually access the IP of the hotspot or DNS from the device's browser.
- I deactivate the ROUTING TABLE from ROUTE.

Does anyone know what it is due to, or is it a bug in V7.6.

Thanks for reading, greetings from Mexico!!!!

Code: Select all
/interface ethernet
set [ find default-name=ether1 ] name=ether1-ISP1Metrocarrier
set [ find default-name=ether2 ] name=ether2-ISP2Telmex
set [ find default-name=ether3 ] name=ether3-LAN_Admon
set [ find default-name=ether4 ] name=ether4-LAN_Hotspot
set [ find default-name=ether5 ] name=ether5-LAN_Dhcp


/ip hotspot profile
set [ find default=yes ] html-directory=hotspot
add dns-name=hs.hmi hotspot-address=10.0.15.253 html-directory=flash/hotspot \
    login-by=http-chap,http-pap name=HS_Profile_HMI rate-limit=200M/200M
/ip pool
add name=pool_local ranges=10.10.10.1-10.10.10.100
add name=pool_huespedes ranges=10.0.6.1-10.0.7.254
add name=pool_eventos ranges=10.0.12.1-10.0.13.254
add name=pool_guacamayas ranges=10.0.8.1-10.0.9.254
add name=pool_general ranges=10.0.0.1-10.0.5.254
add name=pool_admon ranges=10.0.14.5-10.0.14.254
add name=pool_elite ranges=10.0.10.1-10.0.10.254
add name=pool_it ranges=10.0.14.1-10.0.14.4
add name=pool_bindings ranges=10.0.11.1-10.0.11.254

/ip dhcp-server
add address-pool=pool_local authoritative=after-10sec-delay interface=\
    ether5-LAN_Dhcp name=DHCP_Local
add address-pool=pool_general interface=ether4-LAN_Hotspot name=DHCP_Hotspot

/ip hotspot
add address-pool=pool_general disabled=no idle-timeout=10m interface=\
    ether4-LAN_Hotspot name=HS_HMI profile=HS_Profile_HMI

/ip hotspot user profile
add address-pool=pool_huespedes keepalive-timeout=10h mac-cookie-timeout=1d \
    name=Perf_huespedes rate-limit=15M/15M shared-users=500
add address-pool=pool_guacamayas keepalive-timeout=4h mac-cookie-timeout=1d \
    name=Perf_guacamayas rate-limit=15M/15M shared-users=500
add address-pool=pool_admon !idle-timeout keepalive-timeout=4h \
    mac-cookie-timeout=1d name=Perf_admon rate-limit=15M/15M shared-users=200
add address-pool=pool_it keepalive-timeout=1h mac-cookie-timeout=1d name=\
    Perf_it shared-users=4
add address-pool=pool_elite keepalive-timeout=4h mac-cookie-timeout=1d name=\
    Perf_elite rate-limit=10M/10M shared-users=250
add address-pool=pool_eventos keepalive-timeout=4h mac-cookie-timeout=1d \
    name=Perf_eventos rate-limit=30M/30M shared-users=500

/routing table
add disabled=no fib name=LanAdmon-TO-Wan1
add disabled=no fib name=LanHotspot-TO-Wan2


/ip address
add address=10.10.10.253/24 interface=ether5-LAN_Dhcp network=10.10.10.0
add address=10.0.15.253/20 interface=ether4-LAN_Hotspot network=10.0.0.0
add address=1XX.XXX.XXX.XXX/21 interface=ether1-ISP1Metrocarrier network=\
    1XX.XXX.XXX.XXX
add address=192.168.1.253/23 interface=ether3-LAN_Admon network=192.168.0.0

/ip dhcp-client
add add-default-route=no interface=ether2-ISP2Telmex use-peer-dns=no


/ip dhcp-server network
add address=10.0.0.0/20 gateway=10.0.15.253
add address=10.10.10.0/24 gateway=10.10.10.253

/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4

/ip firewall address-list
add address=10.0.0.0/20 list="IP Hotspot"
add address=192.168.0.0/23 list="IP Admon"
add address=10.10.10.0/24 list="IP DHCP"
add address=10.10.10.0/24 list=DNS_Accept
add address=10.0.0.0/20 list=DNS_Accept
add address=192.168.0.0/23 list=DNS_Accept
add address=8.8.8.8 list=DNS_Accept
add address=8.8.4.4 list=DNS_Accept
add address=208.67.222.222 list=DNS_Accept
add address=208.67.220.220 list=DNS_Accept


/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes
add action=accept chain=input comment="Established, Related" \
    connection-state=established,related
add action=accept chain=input comment="Accept Only Address List" \
    src-address-list="IP Admon"
add action=accept chain=input comment="Accept Only Address List" \
    src-address-list="IP Hotspot"
add action=accept chain=input comment="Accept Only Address List" \
    src-address-list="IP DHCP"
add action=accept chain=input comment="Accept PING" protocol=icmp
add action=drop chain=input comment="Drop invalid"
add action=accept chain=forward comment="Established, Related" \
    connection-state=established,related
add action=accept chain=forward comment="Accept Only Address List" \
    src-address-list="IP Admon"
add action=accept chain=forward comment="Accept Only Address List" \
    src-address-list="IP Hotspot"
add action=accept chain=forward comment="Accept Only Address List" \
    src-address-list="IP DHCP"
add action=drop chain=forward comment="Drop invalid" connection-state=invalid \
    log=yes log-prefix=invalid


/ip firewall mangle
add action=accept chain=prerouting comment="LANAdmon Reach Gateway" \
    dst-address=192.168.1.253 src-address-list="IP Admon"
add action=accept chain=prerouting comment="LANHotspotReach Gateway" \
    dst-address=10.0.15.253 src-address-list="IP Hotspot"
add action=accept chain=prerouting comment="LANHotspot Reach LANHotspot" \
    dst-address-list="IP Hotspot" src-address-list="IP Hotspot"
add action=accept chain=prerouting comment="LANAdmon Reach LANHotspot" \
    disabled=yes dst-address-list="IP Hotspot" src-address-list="IP Admon"
add action=accept chain=prerouting comment="LANHotspot Reach LANAdmon" \
    disabled=yes dst-address-list="IP Admon" src-address-list="IP Hotspot"
add action=mark-routing chain=prerouting comment="LANAdmon To WAN1" \
    new-routing-mark=LanAdmon-TO-Wan1 passthrough=yes src-address-list=\
    "IP Admon"
add action=mark-routing chain=prerouting comment="LANHotspot To WAN2" \
    new-routing-mark=LanHotspot-TO-Wan2 passthrough=yes src-address-list=\
    "IP Hotspot"


/ip firewall nat
add action=masquerade chain=srcnat comment="ISP1 Out Masquerade" \
    out-interface=ether1-ISP1Metrocarrier
add action=masquerade chain=srcnat comment="ISP2 Out Masquerade" \
    out-interface=ether2-ISP2Telmex



/ip hotspot user
add name=huesped profile=Perf_huespedes server=HS_HMI
add name=evento profile=Perf_eventos server=HS_HMI
add name=guacamayas profile=Perf_guacamayas server=HS_HMI
add name=admon profile=Perf_admon server=HS_HMI
add name=elite profile=Perf_elite server=HS_HMI
add name=it profile=Perf_it server=HS_HMI


/ip route
add check-gateway=ping comment="ISP2 Telmex" disabled=no distance=1 \
    dst-address=0.0.0.0/0 gateway=192.168.11.254 pref-src="" routing-table=\
    LanHotspot-TO-Wan2 scope=30 suppress-hw-offload=no target-scope=10
add check-gateway=ping comment="ISP1 Metrocarrier" disabled=no distance=1 \
    dst-address=0.0.0.0/0 gateway=1XX.XXX.XXX.XXX pref-src="" routing-table=\
    LanAdmon-TO-Wan1 suppress-hw-offload=no
add check-gateway=ping comment="ISP1 Metrocarrier" disabled=no distance=1 \
    dst-address=0.0.0.0/0 gateway=1XX.XXX.XXX.XXX pref-src="" routing-table=\
    main scope=30 suppress-hw-offload=no target-scope=10
add check-gateway=ping comment="ISP2 Telmex" disabled=no distance=1 \
    dst-address=0.0.0.0/0 gateway=192.168.11.254 pref-src="" routing-table=\
    main scope=30 suppress-hw-offload=no target-scope=10
Top
 
nikolas22t
just joined
Posts: 18
Joined: Thu Jan 12, 2012 1:03 pm

Re: Hotspot Login Redirect doesnt work when Routing Mark is active

Sat Oct 29, 2022 2:04 am

I have the same problem, I tried everything i couldn't fix the issue , if you mark the package the login page is not landing.
Top
 
User avatar
xaviernuma
newbie
Posts: 49
Joined: Tue Feb 16, 2016 11:27 am
Location: France

Re: Hotspot Login Redirect doesnt work when Routing Mark is active

Sat Oct 29, 2022 4:18 pm

Hi there,

I have the same problem, I need to mark the packets to route my different hotspots, it's an annoying problem... :(

Are the developers aware of the issue?

Michael
Top
 
mwhitaker
just joined
Posts: 2
Joined: Wed Aug 24, 2022 6:04 pm

Re: Hotspot Login Redirect doesnt work when Routing Mark is active

Tue Jan 17, 2023 5:45 pm

This also affects our organisation and we could really do with Mikrotik fixing it.

I do have a bit of a workaround.... whether it works for you really depends upon how important the route marking is....

If you add 'hotspot=auth' to the mangle rule it will only apply to clients that have successfully authenticated (and moved passed the captive portal screen). This means you can still route the bulk of the active user traffic in the way you want to, but the traffic to load the captive portal screen itself will have to go via default routes.
Code: Select all
/ip/firewall/mangle
add action=mark-routing chain=prerouting comment="LANHotspot To WAN2" new-routing-mark=LanHotspot-TO-Wan2 passthrough=yes src-address-list="IP Hotspot" hotspot=auth
Top
 
albaloops
just joined
Posts: 5
Joined: Thu Oct 27, 2016 9:26 am

Re: Hotspot Login Redirect doesnt work when Routing Mark is active

Fri Feb 17, 2023 9:49 pm

This also affects our organisation and we could really do with Mikrotik fixing it.

I do have a bit of a workaround.... whether it works for you really depends upon how important the route marking is....

If you add 'hotspot=auth' to the mangle rule it will only apply to clients that have successfully authenticated (and moved passed the captive portal screen). This means you can still route the bulk of the active user traffic in the way you want to, but the traffic to load the captive portal screen itself will have to go via default routes.
Code: Select all
/ip/firewall/mangle
add action=mark-routing chain=prerouting comment="LANHotspot To WAN2" new-routing-mark=LanHotspot-TO-Wan2 passthrough=yes src-address-list="IP Hotspot" hotspot=auth
This solution worked for me. But this is a version 7 bug.
Top
 
goodend
just joined
Posts: 1
Joined: Wed Mar 22, 2023 10:32 am

Re: Hotspot Login Redirect doesnt work when Routing Mark is active

Tue Mar 28, 2023 11:30 am

How to achieve after pcc load?
Top
 
agilee
just joined
Posts: 3
Joined: Wed Aug 23, 2023 4:26 pm

Re: Hotspot Login Redirect doesnt work when Routing Mark is active

Tue Oct 03, 2023 5:02 am

All I can say is that I'm on version 7.1.5 and everything works fine

The problem is magle's make connection
Once this line is present, the redirect in NAT will have no effect (redirect is used in hostspot)
The official reply to me is that there is currently no solution, and my opinion is that they don’t understand what I said.
Top
 
Mohammed7
just joined
Posts: 1
Joined: Wed Oct 04, 2023 3:36 am

Re: Hotspot Login Redirect doesnt work when Routing Mark is active

Wed Oct 04, 2023 3:41 am

If I return to this version 7.1.5, will the problem be solved?
Top
 
agilee
just joined
Posts: 3
Joined: Wed Aug 23, 2023 4:26 pm

Re: Hotspot Login Redirect doesnt work when Routing Mark is active

Wed Oct 04, 2023 2:54 pm

If I return to this version 7.1.5, will the problem be solved?
you can try it... i still use the version 7.1.5, and mulit wan & hotspot
Top
Post Reply
  4. RouterOS
  5. General