Configuring Mikrotik gateways

Purpose of this document

• This document should be used in conjunction with Mikrotik user guide for configuring your Mikrotik gateways in WiOS. Please refer to WiOS administrator guide and Mikrotik user guide for detail information.It assumes that the user has basic knowledge of networking including configuring subnet mask, RADIUS setting, default gateway and DNS configuration.
• In order to configure Mikrotik you will need a public IP address, Subnet mask, default gateway and DNS information given to you by your Internet Service Provider. Please keep this information handy while setting up your gateway.
• Configuring WiOS you will need the WAN public IP address, MAC address, RADIUS secret and serial number  of your Mikrotik gateway.
• You need an active WiOS account. Please contact Wifi-soft sales to create your WiOS account.

WiOS Setup

Add New Network:

1. Open a web browser and type https://wios.wifi-soft.com/index.php and press Enter. Welcome screen of WiOS Cloud appears.

2. Click the Networks link under Network Administration section.

3. Click on the + sign in the top right corner tab. The New Network page appears.

Fields and Buttons	Description
Network Name	Enter the name of your network/hotspot
Device Type	Select the device type (Mikrotik) of your hotspot gateway or controller
Venue	Select the type of venue
Address	Displays the address of the network. You need to use the map to locate your address on the map. If you know the address, type the address in the search box on the map and click on search button. The map will display the marker for the address. If you unable to find the exact address, drag the map so the marker is pointing to correct location on the map.
Country	The country where the hotspot is located.
Latitude	The latitude of the network location
Longitude	The longitude of the network location

Submit

Click Submit button to save the changes.

Once the network is added, go back to the List Network page and locate the network that you have recently added.

Then, click on the edit button for the given network.

At the bottom of the page, you will find the Enable hotspot option.

Check this option to enable hotspot for this network. The hotspot settings appear below the form.

Fields & Buttons	Description
Enable hotspot	Check this option if you want to enable hotspot service for this network.
Autologin	Enable autologin for this location. Autologin helps end users connect to hotspot automatically without having to login each time. The MAC address of the device is used to identify the device on the network and system automatically validates the MAC address of the device and authenticates it. Please note that you need to enable Mac Authentication feature in the Mikrotik settings.
Validity Period	The time period for autologin to remain active. After the given period, the autologin entry is deleted and user will have to relogin.
Auto MAC Capture	Instructs the system to capture the user's MAC address automatically during first login. This option will ensure that user will remain online even if he has disconnected on the network for some time.
NAS ID	Auto generated NAS ID for the gateway. This NAS Id should be added to the gateway so it can authenticate with the system. You need to copy the NAD ID and enter it in the gateway settings.
Secret	Shared secret between gateway and RADIUS server. You need to add the secret to the gateway. The secret is used to encrypt the communication between gateway and RADIUS server. You need to copy the shared secret and enter it in the RADIUS settings of the gateway.
IP Address	Enter the Public IP address of the gateway if you know it. Otherwise use the default one.
Plan	Select the plan based on your requirements. The plan will restrict the number of concurrent devices allowed on the network.
Interim Interval	Enter the interim interval for the accounting packets in seconds. Sometime this setting needs to be done on the gateway.

Once the hotspot is enabled, WiOS will be ready to start accepting AAA requests from the gateway/controller. When the hotspot is added, WiOS will automatically add a default captive portal for the hotspot. You may go an edit the captive portal and customize it as per your requirements.

Now you will need to design a captive portal for your hotspot and generate a URL that can be configured in the gateway/controller's settings.

Please refer to the captive portal design guide for steps to design your custom captive portal.

 

 Mikrotik Setup

We have assumed that you have properly connected your Mikrotik gateway a broadband connection that has a static public IP address. Additionally, your Mikrotik gateway admin interface is accessible either via the LAN interface or via the public WAN interface as shown in the figure below. 

You need WinBox executable to access the complete Mikrotik configuration.

1. Download Winbox from Mikrotik website, or use the link provided on the web login page of your Mikrotik gateway.

 2. Enter corresponding IP Address in the Connect to field.

  3. Enter the Login name in Login field.

  4. Enter Password in the Password field.

  5. Select all the check boxes.

  6. Click Connect button.

Mikrotik Winbox welcome appears.

Configure Hotspot

Click Hotspot option under IP link (in the left pane).

Hotspot popup window will appear. Click Hotspot Setup button.

Hotspot Setup pop up appears.

1. Select hotspot interface to run hotspot from Hotspot Interface drop down menu (Ethernet or Bridge port). All your WiFi network should be connected to this port.  Click Next.
2. Enter hotspot address for the interface in Local Address of Network Click Next.
3. Enter the pool address for hotspot in Address Pool of Network Click Next.
4. Select hotspot SSL certificate from Select Certificate drop down menu. Click Next.
5. Enter SMTP server IP address in IP Address of SMTP Server Click Next.
6. Enter DNS configuration in DNS Servers Click Next.
7. Enter DNS name of local hotspot server in DNS Name field. Click Next. You will receive a message Setup has completed successfully.

Radius Server configuration

1. Click the Radius link (in the left pane). New Radius Server pop up window appears.

 2. In General tab, select the hotspot check box.

  3. Enter the RADIUS server IP address in the Address field. Default : 3.20.135.30. Please note that if you have separate instance, the IP will be different.

  4. Enter secret in the Secret field. The secret should match the secret in WiOS. You will find the secret configured for the network under the Network Administration -> Networks -> Edit Network settings.

  5. Enter Authentication port number as 1812 in Authentication Port field.

  6. Enter Accounting port number as 1813 in Accounting Port field.

  7. Enter timeout as 10000 in the Timeout field.

  8. Click Apply button.

Server Profiles

1. Click Server Profiles under Hotspot. Click + in the left corner. New Hotspot Server Profile pop up appears.

2. Enter DNS name for hotspot in General tab.

  3. Enter the IP address of your Mikrotik gateway in the Hotspot Address field.

  4. Click OK button.

Click Login tab

1. Select the HTTP PAP check box.
2. Click OK.

Click RADIUS tab

1. Click Use RADIUS check box.
2. Select the MAC Format from the MAC Format drop down menu which will be separated by -.
3. Click OK button.

 

Wall Garden links for your hotspot

To add Wall Garden links

1. Click the Wall Garden tab.
2. Click the + button in the top left corner.

 

3. Enter the Wall Garden URL in the Host field. You can enter as many Wall Garden links to your hotspot.Add the following URLs to the wall garden links under Dst Host field -

wios.wifi-soft.com

portal.wios.wifi-soft.com

www.wifi-soft.com

4. Click Apply button, and click OK.

Changing NAS ID

Next you need to change the NAS ID for the Mikrotik to match the NAS ID for the hotspot. To change the NAS ID for Mikrotik -

1. Go to System -> Identity section in Mikrotik.

2. Copy the WiOS Hotspot NAS ID under Edit Network section and paste it in the text field.

Editing login.html

Next you need to edit the login.html file and put the code for redirection to an external captive portal (login page). 

To edit login.html,

1. Go to Files section in the left menu. You will see the list of files in the right window.

2. Select the file login.html and drag the file on your windows desktop or folder.

3. login.html will be saved on your local computer.

4. Edit the file and replace all the content of the file with the html source below.

<html>
<head>
<title>Please wait...</title>
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="cache-control" content="no-cache">
<meta http-equiv="expires" content="-1">
</head>
<body>
<form name="redirect"
action="http://captive-portal-url"
method="post">
<input type="hidden" name="mac" value="$(mac)">
<input type="hidden" name="ip" value="$(ip)">
<input type="hidden" name="username" value="$(username)">
<input type="hidden" name="link-login" value="$(link-login-only)">
<input type="hidden" name="link-orig" value="http://welcome-page-url">
<input type="hidden" name="error" value="$(error)">
</form>
<script language="JavaScript">
<!--
document.redirect.submit();
//-->
</script>
</body>
</html>

Note: Please replace the highlighted text with the captive portal URL and  welcome URL specific to your hotspot.

5. Save the changes and drag the edited file back into the files section. Please upload it on the same file.

6. To make sure that the file is correctly uploaded, check the size of the file. It should change.

7. If you connect to hotspot, you should get the captive-portal-url you have specified in the code above.