hotspot got broken..
Posted: Thu Oct 12, 2023 11:27 am
Hi team, I have remote MT with hotspot setup (still in test phase) on AC2
It was created with SETUP wizard and worked pretty well (besides ratelimits). I have login with HTTP chap, cookie and trial
Yesterday I was reviewing documentation, and enabling additional features in order to test it later that day (while on site)
What I enabled (changed) :
on HOTSPOT :
on server profile :
additional login by http pap, https, mac cookie
selected letsencrypt certificate
on user profiles :
changed rate limits
added script on login >>> :log info "User $user logged in! $address"
added script on logout >>> :log info "User $user logged out! uptime $uptime-secs bytes in $bytes-in bytes out $bytes-out total $butes-total"
walled garded : added one URL
on MT generally :
- configured NTP server and client
- added hotspot logging >>> add topics=hotspot,debug
- interface bridge / vlan90 interface - arp is/was reply-only (enabled replied with MT MAC for non-existing arp requests)
And since then I pretty much can see hotspot not working.
client connects (mobile), gets IP address from hotspot dhcp pool, but does not detect existence of captive portal (no message/option to login)
Also I can't access hotspot URL if I wanted to access hotspot manually...
in logs I can constantly see :
QUESTIONS :
- why does client moves back and forth between vlan90 and vlan0. I don't have even vlan0 configured (I guess it's default somewhere..)
- I don't want to reset config on all MT (remote & serving internet currently) - how can I remake hotspot config - I guess removing the hotspot server will not remove firewall rules...
It was created with SETUP wizard and worked pretty well (besides ratelimits). I have login with HTTP chap, cookie and trial
Yesterday I was reviewing documentation, and enabling additional features in order to test it later that day (while on site)
What I enabled (changed) :
on HOTSPOT :
on server profile :
additional login by http pap, https, mac cookie
selected letsencrypt certificate
on user profiles :
changed rate limits
added script on login >>> :log info "User $user logged in! $address"
added script on logout >>> :log info "User $user logged out! uptime $uptime-secs bytes in $bytes-in bytes out $bytes-out total $butes-total"
walled garded : added one URL
on MT generally :
- configured NTP server and client
- added hotspot logging >>> add topics=hotspot,debug
- interface bridge / vlan90 interface - arp is/was reply-only (enabled replied with MT MAC for non-existing arp requests)
And since then I pretty much can see hotspot not working.
client connects (mobile), gets IP address from hotspot dhcp pool, but does not detect existence of captive portal (no message/option to login)
Also I can't access hotspot URL if I wanted to access hotspot manually...
in logs I can constantly see :
Code: Select all
10-11 19:52:17 hotspot,debug hotspot1: new host detected 0A:09:B4:C3:82:CE/10.1.90.189 by UDP :4777 -> 10.1.90.1:53
10-11 19:52:17 hotspot,debug hotspot1: dhcp host 0A:09:B4:C3:82:CE/10.1.90.189 added, ip 10.1.90.189
10-11 19:52:18 hotspot,debug hotspot1: dhcp host 10.1.90.189 moved to vlan id <90> from <0>
10-11 19:52:18 hotspot,debug hotspot1: dhcp host 10.1.90.189 moved to vlan id <0> from <90>
#last 2 lines repeats all the time- why does client moves back and forth between vlan90 and vlan0. I don't have even vlan0 configured (I guess it's default somewhere..)
- I don't want to reset config on all MT (remote & serving internet currently) - how can I remake hotspot config - I guess removing the hotspot server will not remove firewall rules...