Ralph, Depending on what your intended use really is, have a end user router that uses PPPOE and connects into your network is by far the easiest. Matter of fact, when I was with Boingo many years ago, we used Mikrotik Hotspot for general users and then run PPPOE on the hotspot interface, that allowed PPPoE clients to still connect and log in and bypass the hotspot interface, which allowed us to service "private clients" or airport concession businesses POS systems.
If you don't want to use PPPoE, Mikrotik's DHCP Server will now radius authenticate and you can still control bandwidth and see who's on. Take a look at the following documentation --- https://wiki.mikrotik.com/wiki/Manual:IP/DHCP_Server All of the radius attributes that are supported are listed. You will need to set something like FreeRadius up or a supported billing system and Mac authenticate your clients. The only issue doing this is that every time a client device changes, you will need to update the database, unless those devices are behind a CPE type router. If I were setting up a new network today, that's the route I would go, using DHCP Radius Auth against a known CPE device you give out. Brian Brian Vargyas Managing Director Baltic Networks USA 2200 Ogden Ave, Suite 240 Lisle, IL 60532 USA [email protected] 630.929.3610 <te:+16309293610> x21 Direct 888.929.3610 <tel:+18889293610> x21 Toll Free www.balticnetworks.com <http://www.balticnetworks.com/> On 1/21/18, 5:46 PM, "[email protected] on behalf of ralph via Mikrotik-users" <[email protected] on behalf of [email protected]> wrote: I have a lot of sites using MT Hotspot with an offsite RADIUS backend that handles billing and customer speed control, etc. This is fine for when the customer has a browser equipped device. They just log in via the portal and away they go. But now there are many new devices that don't use browsers, things like smart thermostats, smart TVs, certain game consoles and who knows what else. MT (and my backend) have MAC Authentication (where you set MAC as one of the login methods in the hotspot) for those sorts of devices. However that only works if the device initiates an HTTP connection. On HTTPS, no auto login and on a lot of these other devices no auto login either. So I end up having to put these device's MACs into an IP Binding table in the MT hotspot. Works great. But I lose all tracking of the user, I can't control their speed, and I don't even know they are on line. But the worst part is that now I have to manually track whether or not their subscription is current. Sometimes I forget to and their devices get free service for months. But I think there must be a way I can do the following: 1. Let their MAC just pass through without going through the hotspot. 2. Limit the device's speed to that of their subscription 3. And optionally, have the rule go away on a certain date (or after a certain period of time) I'd be ecstatic if I could just get #1 and #2. I don't know anything about "Manual Queues", only the ones the hotspot creates upon login. Can someone help me out? Thanks, Ralph _______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users _______________________________________________ Mikrotik-users mailing list [email protected] http://lists.wispa.org/mailman/listinfo/mikrotik-users
