MikroTik

Hi,

I am trying to setup a Hotspot service to handle MAC authentication against a RADIUS server. Prior to this, I am handing out public IP addresses via DHCP. I'm a bit confused on how the DHCP server correlates to the Hotspot service.

I am not using any private IP addresses on DHCP or my hotspot. I have a DHCP server configured with a pool of public IP's. I then used the HotSpot Setup function and specified my public subnet as the "Local Address." and the public DHCP pool as the range of IP's.

I have several hosts on the "Hosts" tab (under Hotspot) that do not have DHCP leases on the DHCP Server. This is causing me to run out of IP's on my DHCP pool. Can someone clue me in on the proper way to handle DHCP and Hotspot services using public IPs? I would think that once a user authenticated to the HotSpot, they would just get a DHCP lease from the DHCP server?

Thanks.

So, it would appear that as a hotspot user, if I release my DHCP lease, and renew - I get a new lease from the MT, and I have to re-authenticate to my hotspot server. But, under the "hosts" tab of the Hotspot server, there is still an entry for my OLD ip address (before I renewed). This is eating up IP's. What is the proper way to handle this?

I think there is a timeout value somewhere that removes those IP addresses when they are no longer used.

Ok, after a bit more research I think I understand how the hotspot works now..

Typically, you would hand the customer a temporary IP address (with a very short lease time via DHCP). This is done with a DHCP server. Once the user authenticates, according to whatever "address pool" you assign the hotspot server, next time the client requests a DHCP lease, he will get a -real- IP from this pool.

My scenario is a bit different. I want to give the customer a public IP from the get-go (pre-authentication), and once the user is authenticated, I want the user to have the same public IP. It shouldn't change.

Therefore, I configured a DHCP server to hand out public IP's, and disabled the "address pool" (none) on the hotspot server. Things are working, but I am still seeing entries in the "hosts" tab of the Hotspot server that have multiple IP's - ie, the "Address" and "To Address" are two different public IP's from my DHCP pool. Why is this? The "Address" and "To Address" should be the same. I don't want the hotspot server attempting to do any weird 1:1 NAT or other trickery. I simply want the authenticated user to use the same IP/DHCP Lease that he had before he authenticated to the hotspot.

Ideas?

Thanks.

You will need to add 2 ip-binding rules to keep the multiple IPs from showing in the "Host" tab. One is to allow your IP range and the second to disallow all other IPs.

To allow your IP range: To block unwanted IPs: Be sure to keep the block rule at the bottom.