Centralized Hotspot service in MikroTik: Part 1

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

centralized hotspot service in microtic part 1. in this video centralized hotspot service in microtic part 1. i will try to demonstrate on how to configure a centralized hotspot service in microtic so we will have a main router where we will configure our hotspot service for the purposes of this demonstration we will only configure basic hotspot settings we will have tinker on other settings and just achieve a working hotspot with default templates also our hotspot users will only be configured locally we won't be making use of other features such as user man we will have other routers to serve our end clients but there will be no hotspot service configured on these routers as our objective is to centralize hotspot configuration and user management on our main router only but the end clients of these routers should be able to access the hotspot service authenticate and gain internet access this will be our demonstration topology for our centralized hotspot service in microtic so we have an internet cloud here we're in our main router or main micro is connected via ether1 so we should configure an internet connection to the to this one so basically our hotspot should provide internet to our end users so we will configure the corresponding whether it's a static ip or a dhcp client and the corresponding route and the corresponding network address translation then this microtic device is connected to our manage switch on port number 2 or ether two so as you can see this is a trunk port because it will allow vlans 88 and 99 to traverse to this link we have a sample management pc that is connected on port number three on this microtech router so this will be on the vlan 88 management segment so basically we will try to do some connectivity test see if this pc will be able to ping for example the management ip of this marketing hotspot router ether2 and ether3 will be a part of our bridge and we will create layer 3 vlan interfaces for that bridge and this will be the ip corresponding for those vlan interfaces so for vlan 88 this will be the management ip and for vlan 99 this will be the hotspot ip once we make sure that all of the prerequisites are in place so meaning to say we have created our bridge interface we make this ports as a member of the bridge we have configured our vlan appropriately and added 88 and 99 to this corresponding trunk ports and it's a pvid on e3 and once we determine that it can go to the internet then we will configure the hotspot service for this microtech router as noted on our intro so we will not go through each and every settings of the hotspot minou in micro tick so we would like only to achieve basic hot spot functionality with its default templates so as long as we are sure that it is providing hotspot service then that will be okay since our demo is just to illustrate that we have a main router with the hotspot service configured or installed and it is possible that these other routers or other site routers will be able to share or to communicate to the hotspot server as you may indulge and the clients will be able to authenticate via the hotspot user database in this main router so just in case you are curious on how this manage switch is configured or set up in gns3 obviously we will like to use an actual manage switch so but here on ether 2 and ether 3 they are configured as that one queue and not access port so basically it tells the manage switch that please consider ether1 ether 2 and e3 as a trunk port and finally this is only part 1 of the centralized hotspot video tutorial series so we will only settle or limit ourselves on this left side or left portion of this topology wherein the connection is wired so we will have another continuation for this centralized hotspot but this time we will configure real access points and for example we have a video for our micro disk light in order for our hotspot to traverse let's say if we have a sample site that is connected to our main router but not via wired connection but wireless connection so that will be on part number two or the next video tutorial of the centralized hotspot video tutorial series okay so i powered on our microtech device so if you want to review so we have our picture or screenshot of the topology so we are basically configuring this router empty hotspot and we are configuring from scratch so let's begin so let's click connect to this micro tick using winbox so our objective is this microtech router should be able to connect to the internet bridge will be configured and the corresponding ports will be added and vlan interfaces will also be configured and finally we will configure the hotspot okay so let's take care first of our internet connection so empty dash hotspot is connected to the internet via port 1 or ether 1 and perhaps we should rename or change the identity first of this micro tick router from the default micro tick name to micro tick empty hotspot next is if we take a look so our ether one will be our to the internet or the port towards the internet for simplicity our internet service provider that is somewhere located here is giving us an ip address so meaning to say we will configure our mt hotspot ether1 as a dhep client so you'll need to go to iep dhp client and ether1 is now configured with the dhcp client so if this is not here you just basically add the ether one either you use the peer dns or you have your own dns server or use peer intp or you have your own ntp server for us we will add default route unless you know the gateway or the next hub ip address then you can configure the ip routes from here but for us since this is not the core of our tutorial so let's just leave it as check so basically uh our our okay so let's try to verify if we are able to go to the internet so we can close this dhcp client window and go to tools ping and ping our favorite test ips so we can have the quadruple eight or we could have the quadruple nines so obviously if you want to resolve names so we could put here our dns servers so we have the dns servers already configured so if we will try to check if our router will be able to reach domain names so for instance google.com and ping another set of domain name so youtube.com and yes we are able to resolve names on our empty.hotspot router okay next will be to create the bridge interface and to add the corresponding ports that are members of the bridge so this task can be seen or you can check our video with regards to bridge vlan filtering so for more information so if we go back to our diagram ether2 and e3 are members of the bridge so bridge so let's just for simplicity make use of the default one bridge 1 as the name so ports will be ether2 and ether 3 okay so ether 2 is the one going to the manage switch and e3 is the one is connected or will be connected to the management pc so if you'll see the management pc will have a vlan of 88 so we could from here already configure e3 with the vlan of 88 so i double click the e3 go to the vlan tab and put in a pvid value of 88 for our management vlan for our ether2 we will just stay put with the vlan pv id1 unless there is a requirement to change into a different vlan number so next we'll go to vlans so remember we have two vlans 88 and 99 so we'll add them so bridge here we will add 88 first so the tag interface will be our bridge and also remember we have a connection to the switch this will also be a tag interface so ether2 will be added okay so two will be added here so apply okay and that is for vlan 88 so also vlan 88 is there is an e3 port that is an access port where in our management pc is connected to it so we can go back here and on the end tag portion we will select the ether three and we'll add ether three so apply okay so current and tag and current and tag or current tag or current attack you can change the columns to what is your configured tag and then tag so you can uncheck the current so to see what is the configured tag and and tag interfaces for this particular vlan so next is the hotspot vlan which is vlan 99 so we'll just simply go to vlans and click plus and 99 so the tag will remain the same so bridge one and add the ether to so again so the bridge and the ether two so there are no other ports that is either tag or and tag or access port for the hotspot vlan so this should be the only configuration for vlan id 99 so click apply click ok ok so unless we miss something so all is left here on the bridge menu is to go back to the bridge tab go inside the bridge settings and under the vlan tab check the vlan filtering so we will proceed and check the vlan filtering okay so we will close the bridge menu for now next is we go to the interfaces so remember we have two vlan interfaces so we have a layer 2 portion we're in vlan 88 and vlan 99 will traverse to this link however because it has or it needs to have an ip address so we will create a layer 3 interface so in this case a vlan interface so we need to go to the interfaces menu and from the interface tab we have some options here and we'll select the vlan interface so we'll select the vlan so you could put in a descriptive name you can put mgt for management for vlan number 88 and interface will be bridge okay so apply and okay so we have our first vlan so obviously you don't have any vlan id numbers or you can simply make use of the name to be a descriptive name so mgt vlan 88 okay so we have please have a vlan id number on the name to be descriptive enough next is we add another vlan which is hotspot vlan 99 and the vlan id is 99 and the interface will still be the bridge interface we click apply and we click ok so now we have two vlan interfaces under the bridge interface and all is left is to add or to create ip addresses for their respective vlan interfaces let's configure the ip addresses for our vlan interface so we can close this interface menu and head over to ip addresses so we have our dynamic ip address for our ether one so we will add this particular ip for our management which is vlan 88 10.88 that's 0.1 slash 24. so 10 that 88.0.1 slash 24 on our vlan 88 interface apply okay next will be for our hotspot so we'll just click plus sign then 99 that's 0.1 24. so let's just review and it's correct and let's select the correct interface hotspot the villa 99 interface apply okay so we now have our ip address configured for both of our vlan interfaces so after this is we could configure already our ip hotspot service for our hotspot service in this particular router but we could also do a check first see if our vlan is working and we could check on the management side so i could create a dhcp server for this management vlan 88 interface or for simplicity we could just assign a static ip address on this particular subnet 1088 0 that's 0 24 network and see if we will be able to communicate or connect to this empty dash hotspot router i powered up the pc simulator for our management pc so if we take a look at the current ip address it's not ipconfig or f config but for the simulator is show ip so i statically configured ip address 1088 0 that 100 on the same segment as our management vlan so for simplicity's sake so as just a static ip and now we will test by a pin command if we can be able to reach our vlan 88 interface at the ip address 1088 0.1 so if there is a reply on this ping test meaning to say at least our vlan configuration is working fine okay so let's now hit enter and see the response and yes there is a reply coming from 1088 0.1 so at least on the management side we are okay and we can now proceed further on our configuration of our empty hotspot router we are back here in our microtic router so we will now proceed to configure our hotspot service so we could close this address menu or window so we'll go to ip menu hotspot so if we'll take a look at the tab so there is no configuration yet okay on our hotspot service so again this is a video just to demonstrate how to configure central hotspot service so we will have a separate video in order to go to this menus or these tabs to further configure our hotspot but for this demonstration i will just make use of the hotspot setup or a wizard for us to be able to make a basic hotspot up and running all right let's proceed so click on the hotspot setup so under the hotspot interface so we will select our hotspot vlan 99 interface so click next it should display correctly what you configured as an ip address for your hotspot so in this case it should display 1099 0.1 24. we will masquerade the network okay so we will click next so this is the address pool again for simplicity i could change the range or address pull of our hotspot and we could also create our own set of pools but again this is not the time for detailed configuration of our hotspot so basically i'll just click next we don't have any certificate or ssl certificate for our hotspot let's click next we don't have any smtp server so we'll leave it as the default one or the given one so let's click next the dns servers okay i'm content with just having this one or quadruple eight or you could have your own dns servers so next dns name so that will be our domain name or name for our hotspot again so we'll just uh make use of this and as an example in crevinity dot wi-fi or perhaps even inquirinity.hotspot okay for our example so click next so the local hotspot user so you could perhaps change the admin to a different user and the password for this user again for simplicity sake is one two three four five six seven eight so once we click next so it should be completing or our setup unless there are some issues with what we have chosen or configured so click next and setup has completed successfully obviously you have again additional changes for example your templates for your design but again this is not the time for the detailed configuration for our hotspot okay so let us just go through to the what is configured by the hotspot setup so basically you have a hotspot server now under the hotspot villa 99 interface with the following timeouts addresses per mac you could change this one to what is the appropriate number okay address pool you can also change that one server profiles you now have a new server profile wherein you can change your name and obviously you could change any settings on here and if you are using a radio server and next is the users so we don't have any other extra users yet we will create one but we will just come back for this users tab so user profiles you could create your own user profiles whether it's shared user or not and their corresponding limits and if there are any active hotspot connection or connected to your hotspot network but not yet authenticated so so there are some things here to take a look at but again we are just making sure our hotspot is up and running and see to it if we can authenticate an example or sample hotspot user on a remote router also just a side note so by doing a hotspot setup so aside from what is created here on the hotspot menu so there are other extra settings that are added on your micro tick on the different facilities so namely if you will check your ip firewall filter so these are rules that are related to your hot spot okay so under the n80 or nat you'll also have the hotspot related nut rules and you could see some masquerade rule here on your hot spot network 10.9900 24. okay so we'll close this one and discuss that on future or later time okay so what we can do here is to add sample or test users so that we could assign it or provide it on our site one pc user which is connected on our mt-1 empty site 1 router so we will still configure this after we configure this router then we will connect the pc and see if it could see what we call the hotspot service on this particular router so for that we'll just go to the users tab again there is another way on adding or creating users so this is just the local user database which is built in already on the hotspot again there are more options to choose from okay so just uh add a user so for simplicity user one is one two three four five six seven eight okay so for simplicity sake i will not create any limits for us we'll just be able to determine if the hotspot service is extended to here and our site pc will be able to authenticate this particular user okay so apply okay so for our part two we will perhaps create another or extra user user number two but we will leave this user for now okay so i powered up the second router or the empty site one router so again there is no configuration yet so we'll click on this one and click connect so we'll maximize this one so for our microdeep so we will change the identity first so empty site number one okay so if you'll notice there is no bridge configured there are no ip addresses configured so pretty much this is a blank router without any configuration so we will now start configuring this empty site one router so basically we will just configure the interfaces to be a member of a bridge and corresponding vlan for the management because it has a management ip of 1088 0.2 other than that we will not configure any hotspot service here because again that's the objective of our tutorial that the hotspot service is centralized so ether1 and ether4 will be our members for our bridge so let's minimize this for a moment let's go to bridge menu add a new bridge so let's accept the defaults apply okay go to ports tab add the ether one apply okay add another one which is ether four apply and okay okay then i can go into ether four and go to the vlan tab and change the pv id to the hotspot vlan apply okay so if you notice here the ether 4 is connected to a site pc directly but obviously uh if we were having to have a hotspot interface you'll have an access point here so instant access point will be connected on the ether four rather than directly a pc so that our wireless clients such as laptop or a mobile device should be able to connect to that particular access point which has hotspot service connected via vlan 99 connected to our main router but if you are planning to have an access point that will carry multiple ssids other than this hotspot service then that will be another configuration and you'll have some tag configuration on the ether 4 as well so let's go to vlans and we'll add the vlan 88 for our management so again the tag interface will be ether1 as well as the bridge interface so let's tag the ether1 or the bridge first and the ether one interface apply and okay and we'll change the columns so that we will see what are really configured as the tag and the and tag ports or interfaces so let's add the vlan 99 so 99 here so we don't we will not be having an ip for our hotspot interfaces or hotspot interface so just add the ether1 as the tag interface okay so let's try this first apply and click ok so also we have an untagged interface on ether four okay so we'll also add the ether for but this time on the end tag interface apply and ok ok so we will just come back here if there are some settings that we need to adjust but for now let's leave it that way okay so on the bridge one vln88 bridge one ether one bridge one on villa 99 hotspot the tag is ether one the end tag is ether four now you go to the bridge menu or bridge tab and double click the bridge and on the vlan tab we enable the vlan filtering apply okay so we'll close the bridge window or breach menu for now let's add the management vlan interface so we go to interface menu add a vlan interface so again mgt 88 and this is vlan number 88 on the bridge menu apply okay next is we'll add an ip address for that management interface which is 10 88.0.24 okay so apply okay so we could now perhaps test from the management pc here see if our vlan configuration are is working by testing or issuing a ping command so this is also in 1088.00 network so it should be able or this pc should be able to reach the management ip of this empty site one router so let's try this time so we are back at our management pc so this one so again it still carries an ip of 1088 0 that 100 so let's us confirm again if we will be able to reach the empty hotspot router and yes so but our objective is can we now reach our second router which has a management ip of 1088.002 from the management pc that is actually connected on this router and not on this router okay so here we go and yes we have successfully reached or connected to our second router so now all what's left is to turn on this sample pc so it has a browser here which we could test if first we could acquire a hotspot network ip so we should be able to acquire 10990. something on our pc here and next we should be able to see the hotspot page or default page and finally we will issue the username and password or type in the username and password and see if it can authenticate to this hotspot network and for final verification if this site pc will be able to go or access the internet so i powered up the site one dash pc so if you take a look and review the diagram so the site one pc is connected to the ether four interface okay so in this simulator so use dhcp so there's no static ip and we'll check on the terminal see if it obtains an ip so remember we don't have any dhcp server here on our mt site one so meaning to say the dhcp server or the provider of the ip address is coming from this router so the empty dash hotspot when you configure a hotspot setup it will also create a dhcp server here on this particular router so that is what we are expecting or what we are aiming that we can get an ipv from that particular router so let's now if config so you'll notice that yes indeed we got an ip 10.99.0 and if we'll try to perform a ping on our hotspot interface so 10.99.0.1 we don't have any response yet okay so because we need in hotspot we need to authenticate first and issue that particular username and password for our hotspot interface i just want to show quickly that on the hotspot router under the hotspot menu under the host tabs so you could see that our pc1 is indeed displayed or listed here as it acquires an ip address 1099 0.254 however we are not yet on the active table so we will now issue this user one and the password is one two three four five six seven eight for our example and we will use these credentials to log into our hotspot service now let's try to log in or to access that hotspot page we'll close this for now and type in the dns name of our hotspot so including the dot hotspot and yes indeed we now have the beautiful default hotspot template or page by micro tick of course you are free to change to the hotspot design appropriate for your business or for your company so but this one is only a demonstration so user one one two three four five six seven eight so we'll now authenticate based on this particular user so let's click connect and indeed we are now connected and if we take a look at the active table so we are now also here so once you authenticate you are not only in this host table but also you are now on the active table so one final verification is let's test our connection to our router and to the internet sites or to internet addresses so let's begin with the 99.0 that one so a while ago that we haven't authenticated yet this could not be rich and now we have a response let's ping some public eyepiece and yes there is a response and let's try to ping www.youtube.com and yes indeed there is a response as a summary we successfully configured a centralized hotspot service so we have a main router where we configure hotspot and we make use of vlan to our main router manage switch and site routers as tested our hotspot end user was able to get an ip address reach or open the hotspot page authenticate and gain internet access so see you on our upcoming video for the next part of this tutorial thank you for watching

Info

Channel: Inquirinity

Views: 1,574

Rating: undefined out of 5

Keywords:

Id: 5Vp4M_tn7_0

Channel Id: undefined

Length: 40min 14sec (2414 seconds)

Published: Thu Jul 01 2021