Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
technical:mikrotik-hotspot-advanced [2025/05/14 07:19] systemtechnical:mikrotik-hotspot-advanced [2025/05/14 08:09] (current) system
Line 12: Line 12:
  Although the instructions on this page makes use of the RB751, the same principles should also apply to other Mikrotik Routerboards.  Although the instructions on this page makes use of the RB751, the same principles should also apply to other Mikrotik Routerboards.
 The following advanced configurations will be covered in this document: The following advanced configurations will be covered in this document:
-  * Central Dynamic login pages+  * Central Login pages
  
 -------- --------
  
-==== Central Dynamic Login pages ==== +==== Central Login Pages ==== 
-   * RADIUSdesk allows you to have one centrally managed location to serve a dynamic login page to many Mikrotik devices.+   * RADIUSdesk allows you to have one centrally managed location to serve the same Login Page to many Mikrotik devices.
    * This allows you to    * This allows you to
      * Group Mikrotik devices together and serve one common login page to them all.      * Group Mikrotik devices together and serve one common login page to them all.
-     Include company info and slideshows with the login page which are determined by the device from which a user connects. +     Serve a modern login page (Bootstrap based) that makes use of AJAX techniques to connect and display session details.
-     * Have a modern login page that makes use of AJAX techniques to connect and display session details.+
    * To enjoy this enhancement you will need to:    * To enjoy this enhancement you will need to:
      * Ensure the Hotspot configuration on the Mikrotik includes PAP support.      * Ensure the Hotspot configuration on the Mikrotik includes PAP support.
      * **Replace some static hotspot login pages located and served from the Mikrotik router.**      * **Replace some static hotspot login pages located and served from the Mikrotik router.**
 +     * Enable HTTPS (Certificates required) on the Hotspot.
  
 === Include PAP support on Hotspot === === Include PAP support on Hotspot ===
Line 62: Line 62:
 ------ ------
  
-=== Add dynamic key to a Dynamic login page entry ===+=== Link Dynamic Key to a selected Login Page ===
   * On your local machine (or where you have the replacement files), change directory to the **rdcore/cake4/cake4/rd_cake/setup/mikrotik/** folder and edit the **login.html** file to redirect to your RADIUSdesk server.   * On your local machine (or where you have the replacement files), change directory to the **rdcore/cake4/cake4/rd_cake/setup/mikrotik/** folder and edit the **login.html** file to redirect to your RADIUSdesk server.
-  * Also ensure there is an item which you can use as a dynamic key to specify the dynamic login page's info which should be displayed. +  * Pick an item which you want to use as a Dynamic Key to link to on a Login Page. 
-  * In the sample page we include the nasid item and give it a value of $(identity). +  * When this link is established, the detail of that specific Login Page will be displayed to the user. 
-  * This will be automatically substituted with **za-gp-jhb-001**. +  * The presentation of that Login Page in turn depends on the config of that Login Page
-  * We will subsequently have to add a Dynamic key to one of the items in the Dynamic login pages applet that will tie this a item in the query string to an item in the Dynamic login pages applet. +  * In the sample code we for instance have the **nasid** item and give it a value of $(identity). 
-  * If we have deployed 15 of these Mikrotik devices in Gauteng; we can simply include an item like ssid=Gauteng with the login.html's redirect instruction and use ssid as a Dynamic key.  +  * This is dynamic (sort of like PHP) and will be automatically substituted with **za-gp-jhb-001**. 
-  * In this way we group these 15 devices to all show the Gauteng dynamic login page.+  * Another use case is if we have deployed 15 of these Mikrotik devices in Gauteng; we can simply include an item like **ssid=Gauteng** with the login.html's redirect instruction and use **ssid** as a Dynamic key.  
 +  * In this way we group these 15 devices to **all show** the one Login Page.
  
 <file html login.html> <file html login.html>
Line 116: Line 117:
 </panel> </panel>
  
-When you are done editing the **login.html** page and also added the Dynamic key to the Dynamic login page which you want to serve on the Mikrotik; you can copy the replacement pages to the Mikrotik router. +When you are done editing the **login.html** page and also added the Dynamic key to the Login Page which you want to serve on the Mikrotik; you can copy the replacement pages to the Mikrotik router. 
  
 ------ ------
 === Enable HTTPs support on Mikrotik === === Enable HTTPs support on Mikrotik ===
   * To Enable HTTPS support on the Mikrotik you need to configure the following:   * To Enable HTTPS support on the Mikrotik you need to configure the following:
-    * Install a valid SSL certificate onto the Mikrotik. +    * We first upload the cert and key files. 
-    * Specify a DNS name in the Hotspot setup that matches the certificate +<panel type="primary"> 
-    * Enable Login By option HTTPS.+{{:technical:mikrotik:upload_cert_and_key.png?nolink|}} 
 +</panel> 
 +    * Then we can import the SSL certificate onto the Mikrotik. (We select the uploaded cert and key files we copied over) 
 +<panel type="primary"> 
 +{{:technical:mikrotik:cert_and_key.png?nolink|}} 
 +</panel> 
 +    * Specify a DNS name in the Hotspot setup that matches the certificate. Here we used uam.mesh-manager.com 
 +<panel type="primary"> 
 +{{:technical:mikrotik:dns_name.png?nolink|}} 
 +</panel> 
 +    * Enable Login By option HTTPS (Deselect HTTP PAP) and also select the SSL Certificate you imported along with HTTPS Redirect. 
 +<panel type="primary"> 
 +{{:technical:mikrotik:ssl_cert.png?nolink|}} 
 +</panel>
  
 ----- -----
Line 130: Line 144:
   * You need to open the Mikrotik to serve the central login page from a server that is usually outside your network.   * You need to open the Mikrotik to serve the central login page from a server that is usually outside your network.
   * Connect to the web interface of the Mikrotik router.   * Connect to the web interface of the Mikrotik router.
-  * Select IP → Hotspot +  * Select **IP → Hotspot** 
-  * Select the Walled garden IP List sub-tab to add an entry.+  * Select the **Walled garden IP List** sub-tab to add an entry.
   * The destination IP Address will be the IP Address of the RADIUSdesk server.   * The destination IP Address will be the IP Address of the RADIUSdesk server.
   * The screenshot below assume the RADIUSdesk server has an IP Address of 178.32.59.137   * The screenshot below assume the RADIUSdesk server has an IP Address of 178.32.59.137
 +
 +<panel type="primary">
 +{{:technical:mikrotik:mikrotik_walled_garden_ip_list.png?nolink|}}
 +</panel>
  
 ----- -----
  
 === Replace the existing pages on the Mikrotik === === Replace the existing pages on the Mikrotik ===
-  * Copy these files over to the Mikrotik router's hotspot folder. (You may want to back-up the old files first).+  * Copy these files over to the Mikrotik router'**hotspot** folder. (You may want to back-up the old files first).
   * Everything should now be in place.   * Everything should now be in place.
   * Try to connect to the Mikrotik hotspot.   * Try to connect to the Mikrotik hotspot.
   * You should be redirected to the server serving the Central login pages.   * You should be redirected to the server serving the Central login pages.
- 
- 
-<panel type="primary"> 
-{{:technical:mikrotik:mt_hs_identity.png?nolink|}} 
-</panel> 
- 
  
  • technical/mikrotik-hotspot-advanced.1747199990.txt.gz
  • Last modified: 2025/05/14 07:19
  • by system