Home > Articles > Cisco Network Technology > Wireless/Optical/High Speed > Creating a Hotspot Gateway with RouterOS

Creating a Hotspot Gateway with RouterOS

Article Description

You already turned your PC into an enterprise router and LAN server. In this tutorial, Eric Geier, author of Wi-Fi Hotspots: Setting Up Public Wireless Internet Access, continues by showing how to set up the integrated hotspot gateway. You learn how to get a captive portal working and customized.
Enabling SSL Encryption

Enabling SSL Encryption

If you want to encrypt the hotspot pages because you're requiring payments or accounts on your hotspot, it's best to purchase a certificate signed by a certificate authority (CA) rather than create your own self-signed certificates for free. This is because users will see a warning/error in their Web browser unless your hotspot server is using a certificate issued by a CA recognized by their browser.

To get started, you must create a certificate signing request (CSR) with RouterOS via command-line, either at the server PC or with a new terminal window in WinBox.

Run the following command:

/certificate create-certificate-request

You'll be prompted to enter a name for the file that the CSR and private key will be written to; the default filenames should be fine.

You'll also create a passphrase for the private key. Next, use the default RSA key bits value. Then you'll be asked the general CSR questions.

Now you need to download the CSR and private key files with a FTP client, such as FileZilla, by connecting to the RouterOS IP with your administration account credentials.

You can use the CSR to order your certificate from a CA such as GoDaddy, RapidSSL, or Thawte.

Once you have the signed certificate, upload it via FTP. Then run the following command:

/certificate import file-name=thecertificatesfilename

Then you have to type the password you created when making the CSR.

On WinBox, now you need to click IP > Services. Then you need to double-click the www-ssl entry, select the certificate and click OK.

Back on the IP Service List, click the www-ssl entry and click the checkmark button to enable it.

Now to enable SSL for your hotspot, edit your hotspot server profile to allow HTTPS logins and select your certificate.

3. Change Login and Hotspot Pages | Next Section Previous Section