Manual Installation Guide
HotSpotSystem.com Installation Guide for Mikrotik Routerboards
How to Setup Your Own Hotspot with MIKROTIK routers
WARNING!
This manual setup method suggested below is for network professionals only with massive knowledge of Mikrotik routers. It is useful only if you wish to keep your original configuration for some reason.
Please use our SIMPLE INSTALLATION GUIDE FOR MIKROTIK INSTEAD!
If you have important existing config on your router export it using the command:
/export file=myconfig.rsc;
Follow our Simple Guide to setup hotspot on your router.
Test the hotspot. If all good import your exported config in small batches.
Before running a batch try to check if this will conflict with the hotspot config or not. After all batches ran check the result. If errors given analyze the errors. Hopefully irrelevant but you have to make it sure.
Important note: This setup method cover only our core install.
Additional scipts like our PSD2 solution, Secure SSL router pages, etc. are available only for our Simple Install.
You can install them if you go to Location Management page in our Control Center scrolling down to section Router Setup Command just uncheck Base Install script and all other scripts except for the one you want to add to your manual install. Copy the script and fit it to your config.
We don't match it to all possible config combinations. You know your config and using manual setup you declare you have the knowledge to use and manage your special config.
Important note: This solution requires a Hotspot Operator Account at HotSpotSystem.com. You can create an Operator Account here. If you would like to see what features you will be able to use with our solutions, click here. If you already have an Operator Account, then read on...
Please do not use the latest RouterOS versions. v7.x is not working with HTTPS on the splash page. Use latest LTS version which is v6.48.6 by now or up to 6.49.1 if you had any issues.
If your router is new enough to require 7.x (like the RB5009) then you cannot use HTTPS on the splash page yet.
Before starting, reset your router. If you see a message about "Default configuration" press Remove configuration.
You need to setup your Mikrotik router by using Winbox. Winbox is the graphical user interface for configuring the Mikrotik Router OS. You can get Winbox from Mikrotik's website.
1. First we need to define the first port for WAN connection so the router will connect to the internet via another router with DHCP.
In winbox click IP > DHCP Client and Add DHCP Client to port ether1
2. Let's add the hotspot service to wlan Click IP > HotSpot and the hotspot Setup box, choose wlan1 as hotspot interface. You can accept default values but choose none for certificate. Leave the IP as it is (10.5.50.x). If you change this IP, the LOGIN and LOGOUT links will not work on your splash page.
3. The router should be placed in ap bridge mode.
Click interface, double click wlan1, click Mode: and select ap bridge
And make sure the frequency is set to 2.4 b/G.
4. You need to add our radius server as authentication and accounting server.
In the hotspot profiles (IP > HotSpot > Profiles) choose your hotspot profile and click the radius tab, check allow radius. Then click the login tab and de-select cookie, allow https, http pap and chap.
5. You need to define our radius server. Click Radius and the + sign to add our radius server.
Click Services > Hotspot, enter radius address: radius.hotspotsystem.com, Secret: hotsys123
Check the box next to hotspot
Modify the timeout value to 3000
6. You need to add the secondary radius server. Click Radius and the + sign.
Click Services > Hotspot, enter radius Address: radius2.hotspotsystem.com, Secret: hotsys123
Check the box next to hotspot
Modify the timeout value to 3000
7. We have to allow certain sites and servers for non authenticated users otherwise they can't buy access.
In the section IP > HotSpot > Walled Garden, click on + sign and add the following domains to Dst. Host one by one:
*.hotspotsystem.com
*.worldpay.com
*.paypal.com
*.paypalobjects.com
*.paypal-metrics.com
*.altfarm.mediaplex.com
*.akamaiedge.net
paypal.112.2O7.net
*.moneybookers.com
*.adyen.com
*.directebanking.com
*.paysafecard.com
betalen.rabobank.nl
ideal.ing.nl
ideal.abnamro.nl
For Hotspot FREE SOCIAL locations: you need to add several domains/hosts to the allowed field in order to allow users to log in to there favorite social site. Please follow this article to add these domains/hosts to the whitelist.
Then in the section IP > HotSpot > Walled Garden > IP List add the following IPs to Dst. Address one by one (if your Mikrotik doesn't allow netmask values (.0/24) you can skip the netmask value):
194.149.46.0/24
198.241.128.0/17
66.211.128.0/17
216.113.128.0/17
70.42.128.0/17
128.242.125.0/24
216.52.17.0/24
62.249.232.74
155.136.68.77
66.4.128.0/17
66.211.128.0/17
66.235.128.0/17
88.221.136.146
195.228.254.149
195.228.254.152
203.211.140.157
203.211.150.204
82.199.90.136/29
82.199.90.160/27
91.212.42.0/24
Then in the section IP > HotSpot > Walled Garden > IP List add the following IPs to Dst. Host:
www.paypal.com
8. You need to syncronize the router's time with our server.
Click on System > NTP Client. Enter primary and secondary NTP servers. To find NTP servers, go to http://www.pool.ntp.org/ and select the location's continent on the right side of the page. You'll find NTP servers there.
Be sure to leave TimeZoneName: manual, and TimeZone: 00:00 in System > Clock. (Don't set your own timezone, because the router has to show the GMT time!)
9. You need to change the router's NASID. The NASID setting in the Mikrotik is located under System > Identity. Default is 'MikroTik'.
Change this the following way: OPERATORUSERNAME_LOCATIONNUMBER
Example: Operator Username is 'globalhotspot', Location ID: '2', then NASID should be: 'globalhotspot_2'
NOTE: In case you are installing multiple routers in the same location, you should use different NAS IDs. For the second routers you need to add '_wds_1' to the NAS Id, for the third router '_wds_2', etc. So for example if you want to install the second router in location 3, the NASID should be set to 'globalhotspot_3_wds_1'.
10. You have to customize Mikrotik's built-in hotspot pages.
Click on the filenames to download the following files: login.zip (contains 2 files)
On the side menu go to Files, and find these files under the 'hotspot' directory.
Unzip the downloaded files and drag and drop them to your "hotspot" directory in the Winbox program. Be sure to move the cursor under the hotspot directory.
If you wish to use FTP you can FTP to your mikrotik router with the admin userid and password and replace the file there under the 'hotspot' directory.
11. You have to set the Login/Logout URL IP addresses in the Control Center. Log in to the Control Center with your Operator Username and password and go to Manage > Locations. Click on the location, then click on Modify Hotspot Data & Settings. In Splash Page Settings modify the Internal Login/Logout URL Set to Mikrotik. Make sure that 'Display Login Box on Main Splash Page' option is CHECKED.
12. Extend the shared-users limit in your hotspot profile.
Sub-menu: /ip hotspot user profile
or go to IP > Hotspot > User Profiles > default > Shared-Users
Change shared-users to 5.
13. As the last step you have to add hourly checking for up status for the Router Alert feature.
Go to System > Scheduler and add a new task by pressing the plus sign.
Name: up
Interval: 01:00:00
On Event:
Policy: enable all
Press Apply and OK.
That's all. You can setup hotspot service even on a wired connection. In this case you have to choose an ethernet port instead of wlan or you can setup hotspot on both ports.
If you have successfully setup your mikrotik router you have to see a login window when connecting via wireless. You can log in with username admin, blank password.
Should you have any more questions or problems, please read our Knowledgebase or contact Help Desk.
Other docs: Advanced Hotspot Deployment Customization
UPGRADE WARNING: In case you upgrade your router with new firmware you have to hardreset your router after the upgrade and reinstall it with our script. If you have special network settings you can export the settings and import the settings after the reset.