Result
MikroTik User Meeting Larnaca, Cyprus, 12th of June 2015 Hotspot using social accounts Ionas Iona About me Company : JoinMyWifi Position : Co-founder, Chief Technical Officer (CTO) Product : Wifi Marketing Software Telephone number : +357 70009434 Email : ionas@joinmywifi.com Website : http://www.joinmywifi.com CV : http://www.joinmywifi.com/IonasCV.pdf Education : National Technical University of Athens (Ethniko Metsovio Polytecnhio) Electrical & Computer Engineering department BSc & MSc in Computer Science, class of 2009 MikroTik certified : MTCNA, MTCWE, MTCTCE, MTCUME MikroTik consultant : http://www.mikrotik.com/consultants/europe/cyprus Hotspot presentation : http://www.joinmywifi.com/HotspotMUM.pdf "I don't want yes-men around me. I want everyone to tell the truth, even if it costs them their jobs." Samuel Goldwyn JoinMyWifi – Ionas Iona Hotspot using social accounts 2 of 24 Agenda Why use MikroTik Hotspot concepts Hotspot on router vs. access points Pages on server vs. router Security issues Walled garden configuration JoinMyWifi platform Live demo Configurations tested on RouterOS v6.27 JoinMyWifi – Ionas Iona Hotspot using social accounts 3 of 24 Why use MikroTik Features we utilize with hotspot Layer-7 firewall with content filtering Dynamic bandwidth allocation (using PCQ) Prioritize traffic (QoS) Transparent web proxy (http traffic caching) Transparent DNS server VLAN (multiple SSIDs) openVPN (secure connection with server) Simple Network Management Protocol (SNMP) Value for money JoinMyWifi – Ionas Iona Hotspot using social accounts 4 of 24 Hotspot concepts (1/2) Hotspot Provides authentication for wired/wireless clients, via captive portal, before accessing the internet Captive portal A special web-page (e.g. a login web-page) or a series of web-pages that are shown to unauthenticated users, to provide means of authentication. Only authenticated users gain full access to the internet. Unauthenticated users gain access only to the internet resources that are specified in the walled garden Walled garden Specifies which HTTP and HTTPS resources can be accessed by unauthenticated users JoinMyWifi – Ionas Iona Hotspot using social accounts 5 of 24 Hotspot concepts (2/2) Default MikroTik hotspot’s login web-page JoinMyWifi – Ionas Iona Hotspot using social accounts 6 of 24 Hotspot on router vs. access points (APs) We recommend hotspot on router Centralized management Advanced operating system Less hardware required (Large enterprises require many APs for wifi coverage) No need to replace/reconfigure current infrastructure Easier/faster deployment Cost effective JoinMyWifi – Ionas Iona Hotspot using social accounts 7 of 24 Pages on server vs. router We recommend pages on server. Although this approach lacks in speed, the benefits are described below No need for massive updates on routers when new versions of the software are released No need for router update when a client decides to change platform configuration Almost all pages reside in one domain (avoiding cross side scripting issues) Pages are created dynamically – Flexibility to customize pages for each user specifically Source code is more manageable Painless debugging Smooth transition to global scale Joi