Based on your network diagram you have to create the hotspot server because that is more important to understand the network topology and implementation.
Here , I am using the DMA Radius with my mikrotik NAS and my Radius is existed in the cloud .
That doest not matter whatever the radius server you are using because the hotspot configurations will be remain same in mikrotik nas and only the Authentication port and Accounting port can be different for different vendors of RADIUS .
Please find the diagram below of my network .
Lets get in to the hotspot configuration .
NOTE:-Sometimes the Hotspot is disabled in the mikrotik router so if it's disabled then you have to make it enable .and follow the below process to enable the hotspot .
As you can see on my above picture , My hotspot is disabled so let me make it enable first .
Once you will click on Enable , The mikrotik will be make the schedule to enable the hotspot in next reboot .
Now after click on the Enable button I have rebooted the router and my hotspot is enabled now .
Lets start the hotspot server configuration according to my network diagram.
As you can in my network diagram , my LAN interface is ETH-6 and I am going to use that eth-6
interface as HOTspot interface because all of my lan users are connected from this port .So once the user will be trying to browse the internet initially after giving the IP address in his/her computer the user will be automatically redirected into the Hotspot login lage .because without login that user will not be able to access the internet .
According to my scenario the users gateway interface is my ETH-6 of mikrotik NAS and I have configured a /24 ip subnet in this interface .
Configure the IP address of your hotspot interface .
Go To IP>Address>Add IP address (+)
Step-1
Create the Hotspot on 6 number interface of mikrotik.
GO To IP>Hotspot>Hotspot Setup>Select the interface
Please go through the below images to complete the configuration .
Dont need to select any certificate , If you have purchaged the SSL certificate then you can give the certificate .And Choose SSL certificate, when HTTPS authorization method is required.
IP address of the SMTP server, where to redirect HotSpot's network SMTP requests (25 TCP port)
DNS is mandatory to provide .
NO need to add any DNS name .
username of one automatically created HotSpot user.Password for automatically created HotSpot user
Click on OK.
Now the HOTspot server configuration is completed .
NOTE:- When you are creating a Hotspot server in mikroitk in that case the router itself is creating a DHCp Server automatically in that hotspot interface and when any user will be connect from that hotspot interface he/she will get the IP address automatically through DHCP server .
If want to use the dhcp server for hotspot network then you dont need to disable and if you dont want to use the DHCP server for LAN users then you have to remove the DHCP server from Mikroitk .
Lets Verify the DHCP server after finishing the configuration of HOTSPOT server .
As you can see on my below picture there is created one DHCP server in eth-6 . SO i am going to remove that DHCP server from that interface because i dont need the DHCP in my LAN
.
I am going to remove the DHCP server .
It's removed NOW .
And also after creating a hotspot server the mikrotik router is creating a IP pool automatically in the IP pool List .
And also once you create a HOt server the mikrotik will be create one Hotspot profile automatically .
you can see on below picture the profile name is hsprof 1
Go to Profiles>Double click on that profile to see the details .
This is very important to configure the Hotspot profile for Hotspot server beacuse based on your profile
the services will be available to the users .
Hotspot Address- This is your hot interface IP .
The Login process should be selected same as your Radius compatible process .
Select the Use radius and Accounting .
RADius configuration for hotspot in mikrotik NAS.
Address:My Radius IP
Secreat:-Shared secret used to access the RADIUS server.
Authentication Port -RADIUS server port used for authentication
Accounting Port:-RADIUS server port used for accounting.
Note:-Don't Select the Accounting Backup always if it's not for backup RADIUS server.
You have to select the Radius Incoming because that allow to terminate a session which has already been connected from RADIUS server. For this purpose DM (Disconnect-Messages) are used. Disconnect messages cause a user session to be terminated immediately.
And also you have configure the NAT for Private ip (192.168.1.0/24).
After completion of this process in mirkotik NAS you have to add this NAS in your radius .Here, i am not showing you that . you can add that in your RADIUS .
Please find the below Commands to configure the task .
/ip hotspot profile
add hotspot-address=192.16.1.1 login-by=http-chap,http-pap name=hsprof1 \
use-radius=yes
/ip pool
add name=hs-pool-10 ranges=192.16.1.2-192.16.1.254
/ip hotspot
add address-pool=hs-pool-10 disabled=no interface=ether6 name=hotspot1 \
profile=hsprof1
/ip address
add address=192.16.1.1/24 interface=ether6 network=192.16.1.0
/ip dns
set cache-size=10000KiB servers=8.8.4.4,8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=192.16.1.0/24
/radius
add address=14.0.0.1 secret=secret service=ppp,hotspot timeout=9s
/radius incoming
set accept=yes
Here , I am using the DMA Radius with my mikrotik NAS and my Radius is existed in the cloud .
That doest not matter whatever the radius server you are using because the hotspot configurations will be remain same in mikrotik nas and only the Authentication port and Accounting port can be different for different vendors of RADIUS .
Please find the diagram below of my network .
Lets get in to the hotspot configuration .
NOTE:-Sometimes the Hotspot is disabled in the mikrotik router so if it's disabled then you have to make it enable .and follow the below process to enable the hotspot .
As you can see on my above picture , My hotspot is disabled so let me make it enable first .
Once you will click on Enable , The mikrotik will be make the schedule to enable the hotspot in next reboot .
Now after click on the Enable button I have rebooted the router and my hotspot is enabled now .
Lets start the hotspot server configuration according to my network diagram.
As you can in my network diagram , my LAN interface is ETH-6 and I am going to use that eth-6
interface as HOTspot interface because all of my lan users are connected from this port .So once the user will be trying to browse the internet initially after giving the IP address in his/her computer the user will be automatically redirected into the Hotspot login lage .because without login that user will not be able to access the internet .
According to my scenario the users gateway interface is my ETH-6 of mikrotik NAS and I have configured a /24 ip subnet in this interface .
Configure the IP address of your hotspot interface .
Go To IP>Address>Add IP address (+)
Step-1
Create the Hotspot on 6 number interface of mikrotik.
Please go through the below images to complete the configuration .
Once you will select the interface the router will take the ip pool in that hotspot interface automaticall and will add that subnet range itself in IP POOL .
NOTE:- When you are creating a Hotspot server in mikroitk in that case the router itself is creating a DHCp Server automatically in that hotspot interface and when any user will be connect from that hotspot interface he/she will get the IP address automatically through DHCP server .
If want to use the dhcp server for hotspot network then you dont need to disable and if you dont want to use the DHCP server for LAN users then you have to remove the DHCP server from Mikroitk .
Lets Verify the DHCP server after finishing the configuration of HOTSPOT server .
As you can see on my below picture there is created one DHCP server in eth-6 . SO i am going to remove that DHCP server from that interface because i dont need the DHCP in my LAN
.
And also once you create a HOt server the mikrotik will be create one Hotspot profile automatically .
you can see on below picture the profile name is hsprof 1
This is very important to configure the Hotspot profile for Hotspot server beacuse based on your profile
the services will be available to the users .
RADius configuration for hotspot in mikrotik NAS.
Address:My Radius IP
Secreat:-Shared secret used to access the RADIUS server.
Authentication Port -RADIUS server port used for authentication
Accounting Port:-RADIUS server port used for accounting.
Note:-Don't Select the Accounting Backup always if it's not for backup RADIUS server.
You have to select the Radius Incoming because that allow to terminate a session which has already been connected from RADIUS server. For this purpose DM (Disconnect-Messages) are used. Disconnect messages cause a user session to be terminated immediately.
And also you have configure the NAT for Private ip (192.168.1.0/24).
After completion of this process in mirkotik NAS you have to add this NAS in your radius .Here, i am not showing you that . you can add that in your RADIUS .
Please find the below Commands to configure the task .
/ip hotspot profile
add hotspot-address=192.16.1.1 login-by=http-chap,http-pap name=hsprof1 \
use-radius=yes
/ip pool
add name=hs-pool-10 ranges=192.16.1.2-192.16.1.254
/ip hotspot
add address-pool=hs-pool-10 disabled=no interface=ether6 name=hotspot1 \
profile=hsprof1
/ip address
add address=192.16.1.1/24 interface=ether6 network=192.16.1.0
/ip dns
set cache-size=10000KiB servers=8.8.4.4,8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=192.16.1.0/24
/radius
add address=14.0.0.1 secret=secret service=ppp,hotspot timeout=9s
/radius incoming
set accept=yes
hi sir
ReplyDeletesir maine vlan hotspot se configure kiya hai lekin hotspot loging page open nahi ho raha hai
kuch ro bhi settng karna padega sir
please meri hlep karo
thank you