So you simply put any address you want redirected into a list named 'suspended' and these rules handle the rest.
On Tue, Dec 29, 2015 at 12:19 PM, Cameron Crum <[email protected]> wrote: > and that nat rule needs to be at the top of your rules. > > On Tue, Dec 29, 2015 at 12:19 PM, Cameron Crum <[email protected]> wrote: > >> Here is the setup script...obviously you need to adjust the urls and >> address range on the last line to fit your needs. >> >> /ip firewall filter >> add action=accept chain=input comment=\ >> "Allow Proxy - redirect suspended users" disabled=no dst-port=16099 \ >> protocol=tcp >> add action=jump chain=forward disabled=no jump-target=Suspended \ >> src-address-list=suspended >> add action=accept chain=Suspended disabled=no dst-port=443 protocol=tcp >> add action=accept chain=Suspended disabled=no \ >> dst-port=53 protocol=udp >> add action=log chain=Suspended disabled=no >> dst-address-list=!PaymentGateway \ >> limit=5/1m,10 log-prefix="" >> add action=reject chain=Suspended disabled=no reject-with=\ >> icmp-admin-prohibited >> >> /ip firewall nat >> add action=redirect chain=dstnat comment="Redirect Rule for suspend users >> - chan\ >> ge To Address under action to portal page" disabled=no dst-port=80 \ >> protocol=tcp src-address-list=suspended to-ports=16099 >> >> /ip proxy >> set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 >> cache-on-disk=no enabled=\ >> yes max-cache-size=none max-client-connections=600 max-fresh-time=3d >> max-server-connections=\ >> 600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=16099 >> serialize-connections=no src-address=\ >> 0.0.0.0 >> /ip proxy access >> add action=allow disabled=no dst-host=www.mycompany.com >> add action=deny disabled=no redirect-to= >> https://www.mycompany.com/redirectpage.html src-address=\ >> 10.x.x.x/x >> >> On Tue, Dec 29, 2015 at 12:14 PM, Ken Hohhof <[email protected]> wrote: >> >>> With everyone switching to “devices” and “apps”, some people never see a >>> redirect or in-browser notification. If it doesn’t show up on the Xbox, >>> Roku, Smart TV, or iPhone app, they never see it. >>> >>> *From:* [email protected] >>> *Sent:* Tuesday, December 29, 2015 11:47 AM >>> *To:* [email protected] >>> *Subject:* Re: [AFMUG] redirect customers ip to nonpayment page on >>> miktroik >>> >>> http://www.perftech.com/ >>> >>> *From:* Cameron Crum <[email protected]> >>> *Sent:* Tuesday, December 29, 2015 10:28 AM >>> *To:* [email protected] >>> *Subject:* Re: [AFMUG] redirect customers ip to nonpayment page on >>> miktroik >>> >>> If your customers have static ip assignments you can use an address list >>> and web proxy. If not, then there probably is no other way. >>> >>> On Tue, Dec 29, 2015 at 11:25 AM, Tim Reichhart < >>> [email protected]> wrote: >>> >>>> I am looking to redirect customers ip to non-payment page on miktroik >>>> and I do nat at core router and i dont have radius setup. >>>> >>>> Tim >>>> >>>> >>>> >>>> >>>> >>>> >>> >> >> >
