Aaron Forbes

How to configure a MikroTik router for HotSpot gateway functionality

At Minim, we field questions from customers on configuring their MikroTik routers for various functions. In this blog, we'll be covering how to set up MikroTik routers for HotSpot Gateway functionality.

HotSpots are great for small businesses that want to provide WiFi to their customers without worrying about having their network become compromised. It can also be a useful tool for companies in a WFH employee situation. Whatever the reason is that you’re looking to set up your MikroTik with the HotSpot gateway functionality activated, we’ll provide the steps necessary for you to do so. Our guide below pulls from Mudasir Mirza’s MikroTik HotSpot server setup, which we also recommend reading—we've added some helpful details too.

If you haven’t checked out our blog on initially configuring your MikroTik router yet, start there. Otherwise, read on to learn how to configure your MikroTik router for HotSpot gateway.

How to configure your MikroTik router for HotSpot Gateway functionality

HotSpot purpose and features

The MikroTik HotSpot gateway provides authentication for clients before access to public networks. A HotSpot only works reliably when the IPv4 protocol is used; the HotSpot relies on Firewall NAT rules which aren’t supported with IPv6.

The HotSpot gateway features:

  • Different authentication methods of clients using local client database on the router or remote RADIUS server
  • Users accounting in the local database on the router or on the remote RADIUS server
  • Walled-garden system, access to some web pages without authorization
  • Login page modifications for companies
  • Automatic and transparent change any IP address of a client to a valid address

MikroTik HotSpot Setup

The simplest way to set up a HotSpot server on the MikroTik router is through the WebFig portal. Log in to your router by pasting its IP address into the search bar and entering your admin credentials.

You should arrive at the home screen. Find the buttons at the top right that read Quick Set, WebFig, and Terminal. Click on the Terminal button.

First, we need to configure the interface connected to the WAN. Type the below into the terminal and press enter:

ip address add address= network= broadcast= interface=ether1

Note: you won’t be able to copy and paste the code into the terminal. You’ll need to type it out, so be careful not to make a mistake!

Now we need to configure the second interface for our Local Network. Type the below into the terminal and press enter:

ip address add address= network= broadcast= interface=ether2

Both interfaces are now configured.

DNS setup

Next, we will set up the DNS server.

  1. Click on the button at the top that says WebFig. You should come to a screen with several buttons at the left side of the screen.
  2. Select the IP drop-down arrow, then click DNS. Fill in the appropriate information provided by your ISP, and make sure the Allow Remote Requests option is checked.
  3. Apply your settings, then navigate to the Routes button on the left side of the screen.

Routes setup

  1. Click the Add New button at the top of the screen.
  2. Under Gateway, type the IP address of the gateway of your WAN interface. Apply your settings, then navigate to the HotSpot button on the left side of the screen.

HotSpot setup

  1. Click the button that says HotSpot setup at the top of the screen. Select ether2, as this is the interface connected to the local network.
  2. The next screen will ask for the local address of the network. You won’t need to change anything here, so just click Next.
  3. The next page will ask for the IP range to be used by the DHCP server for providing IPs to clients. Make certain the IP range is acceptable for the server. When you’re finished, click Next.
  4. Select “none” for the certificate. Click Next.
  5. Click Next.
  6. We don’t need to make any changes to this screen because we’ve already configured this in an earlier step. Click Next.
  7. Now you’ll need to define your server’s name by which clients can access the HotSpot’s login page through a web browser. Type the name you’d like and click Next.
  8. The last step is to create a user. By default, it creates a user admin with no password. Here you can set the password and user name for the default user. Change the values if you'd like, then click Next.

Your HotSpot server is now configured. Try logging in to make sure it works properly.

Minim is a Made for MikroTik software partner and provides tools for easily configuring these routers. Check out the default configurations Minim provides for MikroTik router security.

Like this blog?

Subscribe to our newsletter.