Professional Documents
Culture Documents
Mikrotik Aradial Configuration Guide PDF
Mikrotik Aradial Configuration Guide PDF
Mikrotik Aradial Configuration Guide PDF
2012 Aradial
This document contains proprietary and confidential information of Aradial and Spotngo and shall not be reproduced or
transferred to other documents, disclosed to others, or used for any purpose other than that for which it is furnished,
without the prior written consent of Aradial. It shall be returned to the Aradial upon request.
The trademark and service marks of Aradial, including the Aradial logo, are the exclusive property of Aradial, and may
not be used without permission. The trademark and service marks of Spotngo, including the Spotngo logo, are the
exclusive property of Spotngo, and may not be used without permission. All other marks mentioned in this material are
the property of their respective owners.
http://www.aradial.com
0H
http://www.radius-server.com
1H
http://www.wifi-radius.com
2H
http://www.spotngo.ca
3H
Document Information
Software Version:
Document Version:
Publication Date:
Author
Page 2
5.x
2.0
July 2012
Tomer Shahaf
Contents
Overview....................................................................................................................................................................... 4
General ....................................................................................................................................................................... 4
Sample Network deployments ................................................................................................................................ 5
Centralized Deployment: .................................................................................................................................... 5
Localized Deployment: ....................................................................................................................................... 6
Mikrotik Router OS Initial Configuration ............................................................................................................. 8
IP configuration: .................................................................................................................................................. 8
Winbox GUI configuration. ............................................................................................................................ 9
Hotspot Configuration:........................................................................................................................................... 14
Radius Server Configuration:........................................................................................................................... 15
Hotspot Setup:.................................................................................................................................................... 16
Editing the Hotspot profile: .............................................................................................................................. 20
Walled Garden: .................................................................................................................................................. 23
External Captive portal redirection:................................................................................................................. 24
Aradial URL Redirection links: ....................................................................................................................... 29
Page 3
Overview
General
This document is created to provide a sample deployment guide for a centralized deployment utilizing
Aradial Radius server, Spotngo Payment module and Mikrotik Router OS Network Access Server.
The document contains information relevant to central, localized and distributed network deployments.
Additional documentation for Aradial, Spotngo Payment module and Mikrotik are available in their
respective installations.
Aradial Documentation is located in the 'Docs' folder or can be opened from the 'start', 'programs,'
Aradial, selecting Manual.
Aradial and Spotngo Web Services:
Default Built in Web services:
Aradial Web Admin is available at: http://locahost:8000 (user: admin, password: password).
Aradial Client Web Self Care module is available at: http://locahost:8001
Aradial Hotspot Captive Portal is located at: http://locahost:8002
Spotngo Captive portal is available at: https://localhost
Spotngo Web Admin is available at https://localhost/Payment?page=mainadmin
Using IIS Web Server:
Aradial Web Admin is available at: http://localhost/ardweb/ardadminis.dll (user: admin,
password: password).
Aradial Client Web Self Care module is available at: http://localhost/ardweb/ardwscis.dll
(Login with the end user credentials)
Aradial Hotspot Captive Portal is located at: http://localhost/ardweb/ardportalis.dll
Spotngo Captive portal is available at: http://localhost/ardweb/spngpaymentis.dll
Spotngo Web Admin is available at
http://localhost/ardweb/spngpaymentis.dll?page=mainadmin
This document intended for the configuration of the network assuming Aradial and Spotngo Payment
Modules are installed.
Page 4
Modem
Hotzone n
`
Switch
Wired
Client
AC / AP
AP
PDA
PDA
PC with
Wireless Client
PDA
When the user tries to surf
the Access Controller
redirects him to a SSL
secured login page
Page 5
Hotzone 2
Laptop
Laptop
Page
Redirect
+ Session
control
Notes:
Hotzones are located at a different geographical location each
with their own internet connection. Access controllers will perform
the AAA (Authentication, Authorization and Accounting) through
the centralized Aradial Server.
The network further supports roaming, and custom branding per
location, dealers and affiliates.
Aradial Radius server can be deployed in a redundant high
availability.
Supports a wide range of access controller and access points.
Please Inquire for additional information
ckh
Ba
Link
haul
au
lL
ink
Back
Localized Deployment:
Typically used in stand alone venues including air ports, hotels, small ISP, WISP, call shops,
cyber cafes and corporate. The Aradial radius server, Billing solution and Access controller are all
deployed locally on site.
Page 6
MP l
PT khau
c
Ba
In the sample network diagram above, the Mikrotik will provide session control, captive portal
redirection and authentication for wired clients connected to the switch or wireless clients
connected through the Access points.
Page 7
xDSL / Cable
Etc.
Modem
Router
Static IP: 192.168.5.10
xDSL / Cable
Switch
Page
Redirect
+ Session
control
PDA
Aradial
Radius
Server +
Login Page
Web Server
Page
Redirect
+ Session
control
Modem
Integrated Mikrotik
Access Controller &
Access Point
PC Computer with
Wireless Card
Remote
Locations
PDA
Laptop
***Note: All IP assignments in this diagram are for example only and should be replaced with existing network IPs. The
Mikrotik LAN IP will be assigned during the Hotspot setup.
***Note: All IP assignments in this diagram are for example only and should be replaced with existing network IP addresses. The Mikrotik
LAN IP will be assigned during the Hotspot setup and the hotspot DHCP server will assign IP to the clients. Static IP Clients out of the
range of the hotspot will be assigned local IP which will bind to the client preset IP to support service to any IP.
Page 8
Page 9
Open a web browser and type the address assigned to the router:
Then click on Download it link on the top left to download the Winbox.
See router page below.
Once downloaded, you can run it to access the router, enter the device IP address,
username and password. The default credentials are username: admin and no password.
Page 10
Page 11
Page 12
Once the devices are discovered and displayed as below, you can right click on the Router OS
select tools then select Winbox.
The Winbox GUI:
Winbox is one of the main tools used in deploying and configuring the router OS.
In this portion of the manual we will concentrate on the hotspot configuration, additional
deployment types will be added in the future.
Page 13
Hotspot Configuration:
The hotspot configuration includes the following settings:
1.
2.
3.
4.
5.
Page 15
Hotspot Setup:
On the Left hand menu go to IP then Hotspot.
Then click on the + sign to add an hotspot interface.
Page 16
Click on Setup
Select the hotspot interface typically ether2 or Wlan1
Page 17
If you have an SSL certificate for the Mikrotik Already, enter it now or you can add it later.
If you would like to offer SMTP server to your hotspot clients, enter it now, or you can enter it later.
Most Hotspot providers will not add their SMTP server to avaid clients registering for short period
and using their servers for spam.
Page 18
Enter the local DNS name for the Mikrotik. This is used for the Aradial Radius server Portal
posting. It can further be changed in the Aradial and Spotngo Portal to match the service
providers choice for the local DNS name.
Aradial Default setting is: wireless.aradial.com
Enter an admin hotspot user for local account in case you have to get in through the captive portal
when to correct a miss configuration.
This users credentials will be stored on the router and the authorization requests will not be sent
Aradial.
Page 19
In the main hotspot menu, click on Server Profiles and double click the profile you would like to
edit.
On the Tab menu on top, go to Login
Page 20
In the Login menu, uncheck the HTTP CHAP and Cookie and check the HTTP PAP
Page 21
Walled Garden:
Walled garden is the allowed sites which can be accessed prior authentication by the hotspot
clients. Typically used for the service providers captive portal, their site, additional information
about the venue, terms and conditions, etc
In Order for External Captive portal redirection to work, it has to be added to the Walled garden list
of allowed IP.
In the Hotspot window, click on the Walled Garden IP Listin the top menu.
Then click on IP List.
Page 23
Note:
1. The check mark on the side of the setting means NOT (!), if checked the rule will apply to
all other hotspot except hotspot1.
2. For website URL or redirection using URL and SSL Certificate such as:
https://secure.aradial.com , Use the Dst. Host instead of Dst. Address for example:
Then drag the newly created login.html from your desktop and drop it under the hotspot directory.
The file will reposition itself to /hotspot/login.html.
Login.html for Spotngo Payment Module portal:
<html>
<head>
<title>Aradial Hotspot</title>
<meta http-equiv="refresh" content="0; url=https://r01.spotngo.net:8025/Payment?AP=MT">
<meta http-equiv="pragma" content="no-cache">
<meta http-equiv="expires" content="-1">
</head>
<body>
</body>
</html>
Page 25
Page 26
Page 27
Page 28
http://192.168.8.34/ardweb/ardadminis.dll?AP=MT&Portal=Example1&MT_Error=$(error)
If the MT did not do a captive portal redirection then it could be one of the following reasons:
1. IF the DNS does not resolve, the MikroTik hotspot does not know if the user is allowed to go to
the destination/url requested, then will not know if the allow through or block access and redirect
to the portal.
Symptom: The URL in the browser will still point to the original requested URL. Most likely
with page cannot be displayed.
Possible Cause: Check to make sure the DNS servers primary and secondary are configured
properly in the Mikrotik. And make sure your PC received a DNS from the MikroTik.
Symptom: If the url changes to Aradial IP / URL but page does not load.
Possible Cause: Check:
- The IP >> Hotspot >> Walled Garden IP List has a rule to accept traffic to the Aradial
Server IP Address and / or URL.
- Aradial portal is reachable from outside the server on that URL. And that no firewall is
blocking access to the service.
Page 30