Please note: Three guides are provided using Mikrotik Winbox program as an interface with the RouterOS. The Winbox program can be obtained from the MikroTik website:
Start by logging into you Mikrotik device
Basic Router Setup
Before you follow the instructions in this guide it’s important that you decide which port you will assign the role of WAN, and whether you plan to use the inbuilt WiFi for the hotspot or one of the LAN ports in conjunction with additional APs.
The WAN port is where you connect the MikroTik to your existing router, for our guide we use Ethernet port 1 on the router
Click on IP > DHCP Client
Click on the “+” and enter the below settings:
Click on Radius on the left menu
Then in the Radius dialoge box, click on the “+”
And enter the below settings:
On Radius window, click on the “+” again, and enter the following settings:
Click on IP > Hotspot on the left menu and then, Hotspot Setup to start the Hotspot set up ‘wizard’ and configure with the below settings: (after each one, click Next)
Click on OK to complete
On the Hotspot Window, on the Server tab, double-click the hotspot you’ve just created to load the Hotspot Server Window.
Change the Name to the MAC address of your Mikrotik as printed on the bottom of the device. This is the first MAC address on the label. If you cannot find it, go to “Interfaces” on the left menu and then click on “ether1-gateway” and use the MAC listed there. Note: the format of the MAC should be as shown, i.e.: AA-BB-CC-DD-EE-FF (all capitals with hyphens between each two digits)
Supplemental WLAN Set up details:
If you chose WLAN for your hotspot during your setup the Interface on Hotspot Server above will say WLAN for your Interface. You will now need to enable the SSID you intend to use: On the left hand menu, click on “Wireless” and on the Wireless Tables window press the Tick icon to enable the WiFi.
To define the SSID double-click on the wlan1entry in this view and click on the Wireless tab.
Below check: Default Authenticate, Default Forward
Hotspot Server Profile Settings
Returning to setting up the Hotspot service setup: on the Hotspot Window, (IP > Hotspot) click on the Server Profiles Tab.and double-click on the newly created Profile.
On the Hotspot Server Profile dialogue window; set the following:
On the General tab:
- Hotspot Address: 10.1.0.1
On the Login tab:
- HTTP PAP: Ticked
- All others: Unticked
On the RADIUS tab:
- Use RADIUS: Ticked
- MAC Format: XXXXXXXXXXXX (In uppercase)
- Accounting: Ticked
- Interim Unpdat: 00:15:00 Click OK to save
On the Hotspot Window click on User Profiles and double click on the default entry.
Set the following:
- Session Timeout: 24:00:00
- Idle Timeout: 00:30:00
- Keepalive Timeout: blank (click the up arrow to wipe the value)
Click OK to Save
Setting Up the Wall Garden:
On the main Winbox interface, click New Terminal to open the Terminal Window
- Copy the following text:
/ip hotspot walled-garden
add dst-host=*insert access_domain here*
- and Paste this into the Terminal Window (press Control+Shift+Insert on your keyboard)
- Press Enter to run command
If you wish to support social network logins, you also need to copy and paste the blocks below for each network you plan to support, in the terminal window
This will create the Walled Garden settings; this can be reviewed from the main Winbox interface, click IP, then Hotspot and select the Walled Garden tab.
Creating the Login Journey Parameters:
The final step is to upload two files to the router which handle the redirection to your customised splash page.
- Click on “Files” on the left menu.
- Save the two HTML files below
- Drag and drop the two .html files you downloaded into the “hotspot” folder in the File List window
In the login box displayed during the login, it is possible to connect a Foursquare account to an existing Facebook account. In order to allow this operation, it is necessary to add also the walled garden entries for Facebook.
In the login box displayed during the login, it is possible to connect a Pinterest account to an existing Facebook, Google+ or Twitter account. In order to allow this operation, it is necessary to add also the walled garden entries for Facebook, Google+ or Twitter.