MikroTik: HotSpot https (not) working

Home / MikroTik / MikroTik: HotSpot https (not) working

Maybe you are familiar with the problem that sometimes HotSpot won’t show the login page or if it shows it, you can’t access any website that start with “https”.

There are solutions to the problem that involve buying a signed certificate (example: commodo or rapid SSL) and implement it into your HotSpot or to create a self-signed certificate from your MikroTik router. If you use a self-signed certificate, every browser will warn you that you are accessing a website with unknown and insecure certificate. That message could potentially scatteer of all your HotSpot users.

There is a cool workoaround that my MikroTik trainer has taught me. Actually you need to allow preauthenticed HotSpot users to access Google via https and after that users will be redirested to your HotSpot Login Splash page.
Step 1

Redirect your users to Google after successful login -> explained in this tutorial http://www.itino.net/how-to-redirect-user-to-a-specific-url-after-successful-mikrotik-hotspot-login/

Step 2

In your Walled Garden configuration write this:

/ip hotspot walled-garden
add src-address=172.30.16.0/24 (this is optional to put your HotSpot subnet as the source)
add dst-host=:^www.google.*$
add dst-port=443

or

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

Visit Us On LinkedinVisit Us On Google PlusCheck Our Feed