I setup a wireless hotspot for free wifi, all with mikrotik routerboards.
Basically, all the clients, thru a vlan, reach the main router (RB2011) where the hotspot is running. A DHCP server assigns the internal ip address and then NAT them with a public IP address.
What happens is that, due to the rule number 13 on hotspot (please see attachment), it redirects all the tcp traffic internally such that they go out using the ip address of the main router, as a proxy!. This is confirmed because if I check the ip public through the website whatismyipaddress shows the ip address of my servers, not the one dedicated to my clients.
This is something I need to avoid because
1. I need to log all their activity, also the tcp port 80 traffic
2. sometimes iphones are not able to download updates, send images thru whatsapp and others ...
I read a lot of topics (http://forum.mikrotik.com/viewtopic.php?f=2&t=82059 http://forum.mikrotik.com/viewtopic.php?f=2&t=53748 ) , it seems that the responsible is this "Universal Proxy" but I'm not able to disable it even if in my hotspot profile the address pool is set to "none" as somebody suggest.
Code: Select all
“This feature is called "Universal Proxy". If it is detected that a client is using some proxy server, the system will automatically mark that packets with the http hotspot mark to work around the unknown proxy problem, as we will see later on. Note that the port used (64874) is the same as for HTTP requests in the rule #9 (so both HTTP and HTTP proxy requests are processed by the same code).”How can I solve this issue ?
Please help !