Manual:IP/Hotspot: Difference between revisions
Line 19: | Line 19: | ||
* '''hotspot interface''' (name of the interface) : interface name to run HotSpot on. To run HotSpot on bridge interface, make sure public interfaces are not included to the bridge | * '''hotspot interface''' (name of the interface) : interface name to run HotSpot on. To run HotSpot on bridge interface, make sure public interfaces are not included to the bridge | ||
* '''local address of network''' (IP address; default: ''10.5.50.1/24'') : HotSpot gateway address | * '''local address of network''' (IP address; default: ''10.5.50.1/24'') : HotSpot gateway address | ||
* '''masquerade network''' (yes/no; default: ''yes'') : Whether to masquerade HotSpot network, when '''yes''' rule is added to ''/ip firewall nat'' with ''action=masquerade'' | * '''masquerade network''' (yes'''/'''no; default: ''yes'') : Whether to masquerade HotSpot network, when '''yes''' rule is added to ''/ip firewall nat'' with ''action=masquerade'' | ||
* '''address pool of network''' (name) : Address pool for HotSpot network, which is used to change user IP address to a valid address. Useful for providing network access to mobile clients that are not willing to change their networking settings | * '''address pool of network''' (name) : Address pool for HotSpot network, which is used to change user IP address to a valid address. Useful for providing network access to mobile clients that are not willing to change their networking settings | ||
* '''select certificate''' (none/import-other-certificate) : choose SSL certificate, when HTTPS authorization method is required | * '''select certificate''' (none'''/'''import-other-certificate) : choose SSL certificate, when HTTPS authorization method is required | ||
* '''ip address of smtp server''' (IP address; default: ''0.0.0.0'') : IP address of the SMTP server, where to redirect HotSpot's network SMTP requests (25 TCP port) | * '''ip address of smtp server''' (IP address; default: ''0.0.0.0'') : IP address of the SMTP server, where to redirect HotSpot's network SMTP requests (25 TCP port) | ||
* '''dns servers''' (IP address) : DNS server addresses used for HotSpot clients, configuration taken from ''/ip dns'' menu of the HotSpot gateway | * '''dns servers''' (IP address) : DNS server addresses used for HotSpot clients, configuration taken from ''/ip dns'' menu of the HotSpot gateway |
Revision as of 14:40, 1 October 2008
HotSpot
The MikroTik HotSpot Gateway provides authentication for clients before access to public networks .
HotSpot Gateway features:
- different authentication methods of clients using local client database on the router, or remote RADIUS server;
- users accounting in local database on the router, or on remote RADIUS server;
- walled-garden system, access to some web pages without authorization;
- login page modification, where you can put information about the company;
- automatic and transparent change any IP address of a client to a valid address;
ip hotspot setup
The simplest way to setup HotSpot server on a router, by
/ip hotspot setup
Router will ask you the questions, when successfully finished default configuration will be added for HotSpot server. Once your run setup command, you will be asked for the particular questions,
- hotspot interface (name of the interface) : interface name to run HotSpot on. To run HotSpot on bridge interface, make sure public interfaces are not included to the bridge
- local address of network (IP address; default: 10.5.50.1/24) : HotSpot gateway address
- masquerade network (yes/no; default: yes) : Whether to masquerade HotSpot network, when yes rule is added to /ip firewall nat with action=masquerade
- address pool of network (name) : Address pool for HotSpot network, which is used to change user IP address to a valid address. Useful for providing network access to mobile clients that are not willing to change their networking settings
- select certificate (none/import-other-certificate) : choose SSL certificate, when HTTPS authorization method is required
- ip address of smtp server (IP address; default: 0.0.0.0) : IP address of the SMTP server, where to redirect HotSpot's network SMTP requests (25 TCP port)
- dns servers (IP address) : DNS server addresses used for HotSpot clients, configuration taken from /ip dns menu of the HotSpot gateway
- dns name (name; default: blank) : domain name of the HotSpot server, full quality domain name is required, for example www.example.com
- name of local hotspot user (name; default: admin) : username of one automatically created HotSpot user, added to /ip hotspot user
- password for the user (name) : password for automatically created HotSpot user
ip hotspot
Menu is designed to manage HotSpot servers of the router. It is possible to run HotSpot on Ethernet, wireless, VLAN and bridge interfaces. One HotSpot server is allowed per interface. When HotSpot is configured on bridge interface, set HotSpot interface as bridge interface not as bridge port, do not add public interfaces to bridge ports.
- name (Text) :
- address-pool (comma separated list of IP prefixes) :
- idle-timeout (IP prefix) :
- interface (Name of interface, or all) :
- addresses-per-mac (Name of , or none) :
- keepalive-timeout (Comma separated list of) :
- profile (One of both, upload, download or none) :
ip hotspot profile
Lorem Ipsum Dolor Sit Amet
- name (Text) :
- dns-name (comma separated list of IP prefixes) :
- hotspot-address (IP prefix) :
- html-directory (Name of interface, or all) :
- http-cookie-lifetime (Name of , or none) :
- http-proxy (Comma separated list of) :
- login-by (One of both, upload, download or none) :
- mac-auth-password (1..8) :
- nas-port-time (SOMETHING/SOMETHING) :
- radius-accounting (NUMBER/NUMBER) :
- radius-default-domain (NUMBER/NUMBER) :
- radius-interim-update (NUMBER/NUMBER) :
- radius-location-name (NUMBER/NUMBER) :
- smtp-server (TIME/TIME) :
- split-user-domain () :
- ssl-certificate () :
- trial-uptime () :
- trial-user-profile () :
- use-radius () :
ip hotspot user
Lorem Ipsum Dolor Sit Amet
- name (Text) :
- address (comma separated list of IP prefixes) :
- comment (IP prefix) :
- email (Name of interface, or all) :
- limit-bytes-in (Name of , or none) :
- limit-bytes-out (Comma separated list of) :
- limit-bytes-total (One of both, upload, download or none) :
- limit-uptime (1..8) :
- mac-address (SOMETHING/SOMETHING) :
- password (NUMBER/NUMBER) :
- profile (NUMBER/NUMBER) :
- routes (NUMBER/NUMBER) :
- server (NUMBER/NUMBER) :
ip hotspot user profile
Lorem Ipsum Dolor Sit Amet
- name (Text) :
- address-pool (comma separated list of IP prefixes) :
- advertise (IP prefix) :
- advertise-interval (Name of interface, or all) :
- advertise-timeout (Name of , or none) :
- advertise-url (Comma separated list of) :
- idle-timeout (One of both, upload, download or none) :
- incoming-filter (1..8) :
- incoming-packet-mark (SOMETHING/SOMETHING) :
- keepalive-timeout (NUMBER/NUMBER) :
- on-login (NUMBER/NUMBER) :
- on-logout (NUMBER/NUMBER) :
- open-status-page (NUMBER/NUMBER) :
- outgoing-filter (NUMBER/NUMBER) :
- outgoing-packet-mark (NUMBER/NUMBER) :
- rate-limit (NUMBER/NUMBER) :
- session-timeout (NUMBER/NUMBER) :
- shared-users (NUMBER/NUMBER) :
- status-auto-refresh (NUMBER/NUMBER) :
- transparent-proxy (NUMBER/NUMBER) :
ip hotspot active
Lorem Ipsum Dolor Sit Amet
- address (Text) :
- blocked (comma separated list of IP prefixes) :
- bytes-in (IP prefix) :
- bytes-out (Name of interface, or all) :
- domain (Name of , or none) :
- idle-time (Comma separated list of) :
- idle-timeout (One of both, upload, download or none) :
- keepalive-timeout (1..8) :
- incoming-packet-mark (SOMETHING/SOMETHING) :
- keepalive-timeout (NUMBER/NUMBER) :
- limit-bytes-in (NUMBER/NUMBER) :
- limit-bytes-out (NUMBER/NUMBER) :
- limit-bytes-total (NUMBER/NUMBER) :
- login-by (NUMBER/NUMBER) :
- mac-address (NUMBER/NUMBER) :
- packets-in (NUMBER/NUMBER) :
- packets-out (NUMBER/NUMBER) :
- radius (NUMBER/NUMBER) :
- server (NUMBER/NUMBER) :
- session-time-left (NUMBER/NUMBER) :
- uptime (NUMBER/NUMBER) :
- user (NUMBER/NUMBER) :
ip hotspot host
Lorem Ipsum Dolor Sit Amet
- address (Text) :
- authorized (comma separated list of IP prefixes) :
- bridge-port (Comma separated list of) :
- bytes-in (IP prefix) :
- bytes-out (Name of interface, or all) :
- found-by (Name of , or none) :
- host-dead-time (Comma separated list of) :
- idle-time (One of both, upload, download or none) :
- idle-timeout (1..8) :
- keeaplive-timeout (SOMETHING/SOMETHING) :
- keepalive-timeout (NUMBER/NUMBER) :
- mac-address (NUMBER/NUMBER) :
- packet-in (NUMBER/NUMBER) :
- packet-out (NUMBER/NUMBER) :
- login-by (NUMBER/NUMBER) :
- mac-address (NUMBER/NUMBER) :
- packets-in (NUMBER/NUMBER) :
- packets-out (NUMBER/NUMBER) :
- server (NUMBER/NUMBER) :
- static (NUMBER/NUMBER) :
- to-address (NUMBER/NUMBER) :
- uptime (NUMBER/NUMBER) :
address copy-from mac-address server type comment disabled place-before to-address
ip hotspot ip-binding
Lorem Ipsum Dolor Sit Amet
- address (Text) :
- mac-address (comma separated list of IP prefixes) :
- server (IP prefix) :
- to-address (Name of interface, or all) :
- type (Name of , or none) :
ip hotspot walled-garden
Lorem Ipsum Dolor Sit Amet
- action (Text) :
- dst-host (comma separated list of IP prefixes) :
- dst-port (IP prefix) :
- method (Name of interface, or all) :
- path (Name of , or none) :
- server (Name of , or none) :
- src-address (Name of , or none) :
action copy-from dst-address dst-port protocol src-address comment disabled dst-host place-before server
ip hotspot walled-garden ip
Lorem Ipsum Dolor Sit Amet
- action (Text) :
- dst-address (comma separated list of IP prefixes) :
- dst-host (comma separated list of IP prefixes) :
- dst-port (IP prefix) :
- protocol (Name of interface, or all) :
- server (Name of , or none) :
- src-address (Name of , or none) :
ip hotspot cookie
Lorem Ipsum Dolor Sit Amet
- domain (Text) :
- expires-in (comma separated list of IP prefixes) :
- mac-address (comma separated list of IP prefixes) :
- user (IP prefix) :