You need to setup your Mikrotik router by using Winbox. Winbox is the graphical user interface for configuring the Mikrotik Router OS. You can get Winbox via The Dude. Once installed, click on Discover. Once the devices are discovered and displayed, you can right click on the Router OS select tools then select Winbox.
1. First we need to define the first port for WAN connection so the router will connect to the internet via another router with DHCP.
In winbox click IP > DHCP Client and Add DHCP Client to port ether1
2. Let's add the hotspot service to wlan Click IP > HotSpot and the Setup box, choose wlan1 as hotspot interface. You can accept default values but choose none for certificate. Leave the IP as it is (10.5.50.x). If you change this IP, the LOGIN and LOGOUT links will not work on your splash page.
3. The router should be placed in ap bridge mode.
Click interface, double click wlan1, click Mode: and select ap bridge
4. You need to add our radius server as authentication and accounting server.
In the hotspot profiles (IP > HotSpot > Profiles) choose your hotspot profile and allow radius in the radius tab, de-select cookie, allow http pap and chap.
5. You need to define our radius server. Click Radius and the + sign to add our radius server.
Click Servies > Hotspot, enter radius address: 195.228.75.174, Secret: hotsys123
6. You need to add the secondary radius server. Click Radius and the + sign.
Click Servies > Hotspot, enter radius address: 85.25.152.132, Secret: hotsys123
7. We have to allow certain sites and servers for non authenticated users otherwise they can't buy access.
In the section IP > HotSpot > Walled Garden, click on + sign and add the following domains to Dst. Host one by one:
*.hotspotsystem.com
*.worldpay.com
*.paypal.com
*.paypalobjects.com
*.paypal-metrics.com
*.altfarm.mediaplex.com
*.akamaiedge.net
paypal.112.2O7.net
*.moneybookers.com
*.adyen.com
For Hotspot FREE SOCIAL locations: you must add 'www.apple.com' too!
Then in the section IP > HotSpot > Walled Garden > IP List add the following IPs to Dst. Address one by one (if your Mikrotik doesn't allow netmask values (.0/24) you can skip the netmask value):
194.149.46.0/24
198.241.128.0/17
66.211.128.0/17
216.113.128.0/17
70.42.128.0/17
128.242.125.0/24
216.52.17.0/24
62.249.232.74
155.136.68.77
66.4.128.0/17
66.211.128.0/17
66.235.128.0/17
88.221.136.146
195.228.254.149
195.228.254.152
203.211.140.157
203.211.150.204
82.199.90.136/29
82.199.90.160/27
91.212.42.0/24
8. You need to syncronize the router's time with our server.
Click on System > NTP Client. Enter primary and secondary NTP servers. To find NTP servers, go to http://www.pool.ntp.org/ and select the location's continent on the right side of the page. You'll find NTP servers there.
Be sure to leave TimeZoneName: manual, and TimeZone: 00:00 in System > Clock. (Don't set your own timezone, because the router has to show the GMT time!)
9. You need to change the router's NASID. The NASID setting in the Mikrotik is located under System > Identity. Default is 'MikroTik'.
Change this the following way: OPERATORUSERNAME_LOCATIONNUMBER
Example: Operator Username is 'globalhotspot', Location ID: '2', then NASID should be: 'globalhotspot_2'
10. You have to customize Mikrotik's built-in login page. On the side menu go to Files, and find the login.html file under the 'hotspot' directory. Double click on the file and choose Backup.
Open a simple text editor like notepad and copy and paste the following to the editor:
1. First we need to define the first port for WAN connection so the router will connect to the internet via another router with DHCP.
In winbox click IP > DHCP Client and Add DHCP Client to port ether1
2. Let's add the hotspot service to wlan Click IP > HotSpot and the Setup box, choose wlan1 as hotspot interface. You can accept default values but choose none for certificate. Leave the IP as it is (10.5.50.x). If you change this IP, the LOGIN and LOGOUT links will not work on your splash page.
3. The router should be placed in ap bridge mode.
Click interface, double click wlan1, click Mode: and select ap bridge
4. You need to add our radius server as authentication and accounting server.
In the hotspot profiles (IP > HotSpot > Profiles) choose your hotspot profile and allow radius in the radius tab, de-select cookie, allow http pap and chap.
5. You need to define our radius server. Click Radius and the + sign to add our radius server.
Click Servies > Hotspot, enter radius address: 195.228.75.174, Secret: hotsys123
6. You need to add the secondary radius server. Click Radius and the + sign.
Click Servies > Hotspot, enter radius address: 85.25.152.132, Secret: hotsys123
7. We have to allow certain sites and servers for non authenticated users otherwise they can't buy access.
In the section IP > HotSpot > Walled Garden, click on + sign and add the following domains to Dst. Host one by one:
*.hotspotsystem.com
*.worldpay.com
*.paypal.com
*.paypalobjects.com
*.paypal-metrics.com
*.altfarm.mediaplex.com
*.akamaiedge.net
paypal.112.2O7.net
*.moneybookers.com
*.adyen.com
For Hotspot FREE SOCIAL locations: you must add 'www.apple.com' too!
Then in the section IP > HotSpot > Walled Garden > IP List add the following IPs to Dst. Address one by one (if your Mikrotik doesn't allow netmask values (.0/24) you can skip the netmask value):
194.149.46.0/24
198.241.128.0/17
66.211.128.0/17
216.113.128.0/17
70.42.128.0/17
128.242.125.0/24
216.52.17.0/24
62.249.232.74
155.136.68.77
66.4.128.0/17
66.211.128.0/17
66.235.128.0/17
88.221.136.146
195.228.254.149
195.228.254.152
203.211.140.157
203.211.150.204
82.199.90.136/29
82.199.90.160/27
91.212.42.0/24
8. You need to syncronize the router's time with our server.
Click on System > NTP Client. Enter primary and secondary NTP servers. To find NTP servers, go to http://www.pool.ntp.org/ and select the location's continent on the right side of the page. You'll find NTP servers there.
Be sure to leave TimeZoneName: manual, and TimeZone: 00:00 in System > Clock. (Don't set your own timezone, because the router has to show the GMT time!)
9. You need to change the router's NASID. The NASID setting in the Mikrotik is located under System > Identity. Default is 'MikroTik'.
Change this the following way: OPERATORUSERNAME_LOCATIONNUMBER
Example: Operator Username is 'globalhotspot', Location ID: '2', then NASID should be: 'globalhotspot_2'
10. You have to customize Mikrotik's built-in login page. On the side menu go to Files, and find the login.html file under the 'hotspot' directory. Double click on the file and choose Backup.
Open a simple text editor like notepad and copy and paste the following to the editor:
Quote
<html><head>
<title>HotSpot System Login</title>
</head>
<body>
<form name="redirect" action="https://customer.hot...tspotlogin.php" method="GET">
<input type="hidden" name="res" value="notyet" />
<input type="hidden" name="mac" value="$(mac)" />
<input type="hidden" name="user" value="$(username)" />
<input type="hidden" name="uamport" value="mikrotik" />
<input type="hidden" name="userurl" value="$(link-orig)" />
<input type="hidden" name="nasid" value="$(identity)" />
<input type="hidden" name="uamip" value="$(server-address)" />
<input type="hidden" name="error" value="$(error)" />
<input type="hidden" name="chap-id" value="$(chap-id)" />
<input type="hidden" name="chap-challenge" value="$(chap-challenge)" />
</form>
<script language="JavaScript">
<!--
document.redirect.submit();
//-->
</script>
</body>
</html>
<title>HotSpot System Login</title>
</head>
<body>
<form name="redirect" action="https://customer.hot...tspotlogin.php" method="GET">
<input type="hidden" name="res" value="notyet" />
<input type="hidden" name="mac" value="$(mac)" />
<input type="hidden" name="user" value="$(username)" />
<input type="hidden" name="uamport" value="mikrotik" />
<input type="hidden" name="userurl" value="$(link-orig)" />
<input type="hidden" name="nasid" value="$(identity)" />
<input type="hidden" name="uamip" value="$(server-address)" />
<input type="hidden" name="error" value="$(error)" />
<input type="hidden" name="chap-id" value="$(chap-id)" />
<input type="hidden" name="chap-challenge" value="$(chap-challenge)" />
</form>
<script language="JavaScript">
<!--
document.redirect.submit();
//-->
</script>
</body>
</html>
Save it as login.html to your Desktop.
Drag and drop this login.html to your "hotspot" directory in the Winbox program.
If you wish to use FTP you can FTP to your mikrotik router with the admin userid and password and replace the file there under the 'hotspot' directory.
If you don't wish to redirect users to our nice splash page you can continue to use the router's built-in login page but in this case it is important to add a link to the internal page where your users can buy access or activate their prepaid cards. Click here for more information.
11. You have to set the Login/Logout URL IP addresses in the Control Center. Log in to the Control Center with your Operator Username and password and go to Manage > Locations. Click on the location, then click on Modify Hotspot Data & Settings. In Splash Page Settings modify the Internal Login/Logout URL Set to Mikrotik. Make sure that 'Display Login Box on Main Splash Page' option is CHECKED.
12. As the last step you have to add hourly checking for up status for the Router Alert feature.
Go to System > Scheduler and add a new task by pressing the plus sign.
Name: up
Interval: 01:00:00
On Event:
Quote
/tool fetch keep-result=no mode=http address=tech.hotspotsystem.com src-path=("up.php?mac=".[/interface ethernet get 0 mac-address]."&nasid=".[/system identity get name]."&os_date=Mikrotik&uptime=".[/system clock get time]."%20up%20".[/system resource get uptime].",%20load%20average:%20".[/system resource get cpu-load]."%")
Policy: enable all
Press Apply and OK.
That's all. You can setup hotspot service even on a wired connection. In this case you have to choose an ethernet port instead of wlan or you can setup hotspot on both ports.
If you have successfully setup your mikrotik router you have to see a login window when connecting via wireless. You can log in with username admin, blank password.
Sumber: ICO FORUM
Hello would you mind letting me know which webhost you're utilizing? I've loaded your blog in 3 different browsers and I must
ReplyDeletesay this blog loads a lot quicker then most. Can you recommend a
good hosting provider at a reasonable price? Many thanks, I appreciate
it!
Look into my website - technology books for teachers
Greetings! Very helpful advice within this post! It's the little changes that produce the greatest changes. Thanks for sharing!
ReplyDeleteHere is my webpage - number one weight loss product
I've only seen a couple of articles but am already hooked. Need to spend a whole evening going over the forums on here.
ReplyDeleteAlso visit my page: best loan deals