Setting Upward A Mikrotik Router Equally A Hotspot

This document outlines how to configure a MikroTik RouterBoard to endure used every bit a HIB amongst SIMPLer.

General data on the RouterBoard may endure establish inwards the MikroTik Wiki: http://wiki.mikrotik.com/wiki/Category:Manual

Basic Setup

• Do basic setup on the routerboard every bit per http://wiki.mikrotik.com/wiki/Manual:First_time_startup - basic requirement is to configure ether1 amongst the following:
• IP address as well as gateway

Once an IP address is assigned, purpose Winbox (download from the get-go fourth dimension setup page) to practice the balance of the setup.

• Setup the hotspot every bit follows (this information is based on http://www.hotspotsystem.com/en/hotspot/install_guide_mikrotik.html
• Verify that the routerboard DNS settings are right - click on IP -> DNS as well as thus Settings - if the default values are non correct, update them to reverberate the electrical current network. 
• Add the hotspot service to ether2 (or whatever other ether port - merely supersede references to ether2 amongst whatever ethernet port yous are using below) past times going IP -> Hotspot as well as thus clicking Hotspot Setup:

• Select ether2 from the drib downward as well as click Next.
• Pick a suitable IP gain to purpose (192.168.182.1/24 is the default used on HIBs, thus purpose that)

 

• Click Next for the "Address Pool of Network"  

•  Click Next for the "Certificate" - locomote out at "none" 

• Ignore the SMTP server setting, as well as bring the default for the DNS server setting, as well as locomote out the DNS mention blank.
• On the side past times side dialog, practice a password for the "admin" user - this volition permit yous to login to the hotspot amongst this username/password without having to purpose the RADIUS server - this is useful to verify basic performance earlier going whatever further.

• At this signal the basic hotspot should endure upwardly as well as running. Connect a laptop to the ether2 port, as well as verify that yous teach an IP address from the gain 192.168.182.2 - 192.168.182.254. Try to access the cyberspace using a spider web browser, as well as yous should teach the default MikroTik splash page. You tin come inwards the admin username / password yous created higher upwardly inwards guild to teach access to the internet. (if the condition / logout dialog does non popup, yous tin logout using http://192.168.182.1/logout)

Adding RADIUS back upwardly to authenticate against SIMPLer

• Again using winbox, configure RADIUS back upwardly every bit follows:
• In the hotspot profiles (IP -> HotSpot -> Server Profiles), double click the hotspot yous created (should likely endure hsprof1)
• In the Login tab, deselect Cookie as well as direct CHAP as well as PAP: 

• In the RADIUS tab, direct "Use RADIUS", as well as click OK: 

 On the left colum, click Radius, as well as thus the cherry + to add together a novel RADIUS server. On the dialog, click hotspot, as well as come inwards the IP address of the RADIUS server as well as the hole-and-corner (the default, which yous tin teach from the hotspot setup inwards SIMPLer is az0s3cr3t):

• If yous desire to permit access to for certain sites without authentication (e.g. payment gateways, etc), yous tin add together them to IP -> HotSpot -> Walled Garden. For basic setup this should non endure necessary.
• Set the clock on the routerboard past times going to System -> NTP Client, click "Enabled", gear upwardly the Mode to unicast as well as the server to "pool.ntp.org": 

 Set the organisation identity to endure the hotspot mention every bit follows: Go to System -> Identity as well as come inwards the total hotspot mention (for event demowisp_demowisp_hs5 is the i I am using):

• At this signal yous should endure able to login using a token from the selected hotspot. You tin verify which users are logged inwards using IP -> Hotspot -> Active inwards winbox

Updating the login splash page

The login (and logout) splash pages tin endure updated every bit wished. However inwards guild to permit customers to buy a token using the operator's payment gateway, a link to the SIMPLer captive portal buy cast must endure added. The format of the link is every bit follows:

https://xyz.azotel.com/hotspot/register.pl?hs_name=hotspot_name

Where xyz and hotspot_name are replaced amongst the relevant equivalents for the operator.

To teach the html code for the electrical current login page, click on Files inwards winbox, as well as become to hotspot/login.html:

You tin merely drag'n'drop this file to your desktop, update it, as well as thus drag it dorsum into the Files dialog. Or, if yous wish, yous tin re-create the file to your PC using ssh/ftp. The ssh ascendance to re-create it is every bit follows:

    scp admin@<ip of mikrotik>:/hotspot/login.html login.html

To re-create it back, use
   
    scp login.html admin@<ip of mikrotik>:/hotspot/login.html

You tin too drag'n'drop graphics to the hotspot/img directory to endure used on the login page.