Умер Hotspot после обновления 6.44.6 -> 6.45.8 (long term)

Тема в разделе "Беспроводные технологии", создана пользователем Stawros IT, 5 фев 2020.

  1. Stawros IT

    Stawros IT Новый участник

    После обновления прошивки 6.44.6 (long term) -> 6.45.8 (long term) Hotspot перестал перенаправлять устройства на html страницу авторизации.
    Пробовал и чистую настройку Hotspot с версией 6.45.8 (long term), результат тот же.
    Помогите пожалуйста разобраться, может в настройке накосячил.

    # feb/04/2020 14:26:04 by RouterOS 6.44.6
    # software id = 664P-LBHZ
    #
    # model = RB941-2nD
    # serial number =
    /interface bridge
    add admin-mac=74:4D:28:F4:A4:41 auto-mac=no comment=defconf name=bridge
    /interface list
    add comment=defconf name=WAN
    add comment=defconf name=LAN
    /interface wireless security-profiles
    set [ find default=yes ] supplicant-identity=MikroTik
    add authentication-types=wpa2-psk disable-pmkid=yes eap-methods="" \
    management-protection=allowed mode=dynamic-keys name="profile Coffee" \
    supplicant-identity="" wpa2-pre-shared-key="password"
    /interface wireless
    set [ find default-name=wlan1 ] band=2ghz-b/g/n country=ukraine disabled=no \
    distance=indoors frequency=auto frequency-mode=regulatory-domain \
    installation=indoor mode=ap-bridge security-profile="profile Coffee" \
    ssid=Coffee wireless-protocol=802.11 wps-mode=disabled
    /interface pppoe-client
    # Client is on slave interface
    add add-default-route=yes disabled=no interface=wlan1 name="PPPoE ISP" \
    password=1 use-peer-dns=yes user=1
    /interface wireless
    add arp=reply-only disabled=no keepalive-frames=disabled mac-address=\
    76:4D:28:F4:A4:45 master-interface=wlan1 multicast-buffering=disabled \
    name=hs-wlan2 ssid="FREE WIFI" wds-cost-range=0 wds-default-cost=0 \
    wps-mode=disabled
    /ip hotspot profile
    add hotspot-address=10.5.50.1 login-by=http-chap,trial name=hsprof1 \
    trial-uptime-reset=1s

    /ip pool
    add name=default-dhcp ranges=192.168.88.10-192.168.88.254
    add name=hs-pool-8 ranges=10.5.50.2-10.5.50.254
    /ip dhcp-server
    add address-pool=default-dhcp disabled=no interface=bridge name=defconf
    add add-arp=yes address-pool=hs-pool-8 disabled=no interface=hs-wlan2 \
    lease-time=1h name=dhcp1
    /ip hotspot
    add address-pool=hs-pool-8 disabled=no interface=hs-wlan2 name=hotspot1 \
    profile=hsprof1
    /interface bridge port
    add bridge=bridge comment=defconf interface=ether2
    add bridge=bridge comment=defconf interface=ether3
    add bridge=bridge comment=defconf interface=ether4
    add bridge=bridge comment=defconf interface=pwr-line1
    add bridge=bridge comment=defconf interface=wlan1
    /ip firewall connection tracking
    set tcp-established-timeout=1h
    /ip neighbor discovery-settings
    set discover-interface-list=LAN
    /interface list member
    add comment=defconf interface=bridge list=LAN
    add comment=defconf disabled=yes interface=ether1 list=WAN
    add interface="PPPoE ISP" list=WAN
    /ip address
    add address=192.168.88.1/24 comment=defconf interface=bridge network=\
    192.168.88.0
    add address=10.5.50.1/24 comment="hotspot network" interface=hs-wlan2 \
    network=10.5.50.0
    /ip cloud
    set ddns-enabled=yes
    /ip dhcp-client
    add comment=defconf dhcp-options=hostname,clientid interface=ether1
    /ip dhcp-server network
    add address=10.5.50.0/24 comment="hotspot network" gateway=10.5.50.1
    add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
    /ip dns
    set allow-remote-requests=yes servers=10.5.50.1
    /ip dns static
    add address=192.168.88.1 name=router.lan
    /ip firewall address-list

    /ip firewall filter
    add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes
    add action=accept chain=input dst-port=8291 in-interface-list=WAN protocol=\
    tcp src-address-list="Allow WAN List"
    add action=accept chain=input comment=\
    "defconf: accept established,related,untracked" connection-state=\
    established,related,untracked
    add action=drop chain=input comment="defconf: drop invalid" connection-state=\
    invalid
    add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
    add action=drop chain=input comment="defconf: drop all not coming from LAN" \
    in-interface-list=!LAN
    add action=accept chain=forward comment="defconf: accept in ipsec policy" \
    ipsec-policy=in,ipsec
    add action=accept chain=forward comment="defconf: accept out ipsec policy" \
    ipsec-policy=out,ipsec
    add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
    connection-state=established,related
    add action=accept chain=forward comment=\
    "defconf: accept established,related, untracked" connection-state=\
    established,related,untracked
    add action=drop chain=forward comment="defconf: drop invalid" \
    connection-state=invalid
    add action=drop chain=forward comment=\
    "defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
    connection-state=new in-interface-list=WAN
    /ip firewall nat
    add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes
    add action=masquerade chain=srcnat comment="defconf: masquerade" \
    ipsec-policy=out,none out-interface-list=WAN
    add action=masquerade chain=srcnat comment="masquerade hotspot network" \
    src-address=10.5.50.0/24
    /ip firewall service-port
    set ftp disabled=yes
    set tftp disabled=yes
    set irc disabled=yes
    set h323 disabled=yes
    set sip disabled=yes
    set pptp disabled=yes
    set udplite disabled=yes
    set dccp disabled=yes
    set sctp disabled=yes
    /ip hotspot user
    add disabled=yes name=admin
    /ip service
    set telnet disabled=yes
    set ftp disabled=yes
    set www disabled=yes
    set ssh disabled=yes
    set api disabled=yes
    set api-ssl disabled=yes
    /system clock
    set time-zone-name=Europe/Kiev
    /tool mac-server
    set allowed-interface-list=none
    /tool mac-server mac-winbox
    set allowed-interface-list=LAN
    /tool mac-server ping
    set enabled=no
     
    Последнее редактирование: 5 фев 2020
  2. Илья Князев

    Илья Князев Администратор Команда форума

    А если назад окатиться работает?
     
  3. Stawros IT

    Stawros IT Новый участник

    Работает.
     
  4. Илья Князев

    Илья Князев Администратор Команда форума

    Значит откатиться и отправить Bug Report производителю не забыв приложить Suppout.rif