How to connect your Mikrotik with Powerlynx (Advanced setup):
Connect Mikrotik hotspot with Powerlynx (text version)
In this manual, we will guide you on how to add a Mikrotik router as a hotspot in Powerlynx. In our example, we are using a MikroTik router with wireless interfaces. Customers will connect to the Wi-Fi provided by the router.
There are two types of setups: Simple and Advanced. We will go through both.
Simple setup
Navigate to the desired location, open the "Hotspots" tab, and click on the "Add" button:
Title - title for your router;
NAS type - select Mikrotik as a NAS type;
Physical address - address of your router (optional).
Here, you can choose the setup type:
Setup Type: Simple or Advanced.
- Simple - Use this option if you're not confident with Mikrotik. It will generate a script that you simply copy and paste into your Mikrotik device.
- Advanced - Choose this if you're comfortable with Mikrotik and prefer more control over the setup process.
Setup Options: Full Setup or VPN Setup.
- Full Setup - Generates a script to configure a hotspot server, RADIUS server, WireGuard connection, and other components on your router.
- VPN Setup - Generates a script to set up only a WireGuard connection between your router and Powerlynx.
INFO
Pre-Script Configuration:
- Clean Router Configuration: The router must have no default or existing configuration. It should be a clean router. To achieve this, reset the router to its default state, ensuring no prior settings are applied.
- Remove any previously created:
- WireGuard interfaces for PowerLynx.
- IP addresses for the WireGuard connection.
- Hotspot servers.
- Hotspot HTML files.
- RADIUS servers.
Post-Script Configuration:
- Add the distribution interfaces (interfaces customers will connect through) to the bridge.
- If the distribution interface is wireless, configure the wireless interface to operate in access mode without authentication.
By following these steps, you will ensure the router is properly prepared and configured for the script to execute successfully.
This is the result of the Simple setup with the Full Setup option. As you can see, the script has been generated. You just need to click the "Copy Script" button and open your Mikrotik router, open a "New terminal" and insert this script:
Go back to Powerlynx and click the "Check Status" button to ensure the connection has been established:
WARNING
IMPORTANT! During the simplified setup, the script will create a bridge interface and run the hotspot server on that interface, as we cannot identify the correct interface on your router.
Add your interface to this bridge, or change the interface on which the hotspot server will run. If you're unsure what to do, contact support at support@powerlynx.app.
If you select the VPN Setup option, it will generate a script to create only the VPN connection. However, you'll need to manually set up the hotspot server, RADIUS, and hotspot files (steps 3-7 from the Advanced Setup guide below).
Advanced setup
During the advanced setup, you will need to configure everything manually. Simply follow this part of the guide:
Create a hotspot, complete step 1, and proceed to step 2 by selecting the "Advanced" setup type:
We will create a hotspot with the "Wireguard" connection type, as it's the recommended and secure option. After selecting of the "Wireguard" connection type you will see the "Generate Wireguard keys" button - you should click on it. After that, you will see this window:
WARNING
Please copy and use these keys to configure the Wireguard connection immediately. The private key is shown only once. We recommend to store all these values somewhere in a safe place.
Click the 'Next' button to create a new hotspot in Powerlynx. Now, let's link this router with Powerlynx.
1. Wireguard
Create a Wireguard interface - log in to your router using Winbox, navigate to Wireguard section, and create a new Wireguard with the following settings:
Name - the name of your interface;
Listen port - leave it empty. The system will detect this port automatically;
Private key - set the "Client private key" value that you received during the hotspot creation in Powerlynx.
Save the configuration and proceed to the "Peers" tab in the "Wireguard" section to add a new peer:
Interface - previously created Wireguard interface
Public key - always use this value -
lPYDyIwk5X4tyUMNT9ny/nyPSyHwk31mzm2ahOH7iV0=
Endpoint - vpn.powerlynx.app
Endpoint port - 443
Allowed Address - 172.16.0.0/12
Persistent Keepalive - 00:00:05
2. IP/Addresses
On Mikrotik, under IP -> Addresses create a new entry for Wireguard IP of your router (in our example we were given the 172.16.5.148 address during the hotspot creation in Powerlynx):
Afterward, your Wireguard peer should display live values in the "Last Handshake" field. If it remains frozen or shows static data, there might be an issue, and there's likely no connection between Powerlynx and this router and you should double-check steps #1 and #2.
3. Hotspot server setup
Next step is to create a Hotspot server under IP/Hotspot. The simplest way to setup HotSpot server on a router is by /ip hotspot setup
command. Router will ask to enter parameters required to successfully set up HotSpot. When finished, default configuration will be added for HotSpot server. Also, you can create it manually.
Once created, let's change some settings:
Name - set name for your hotspot server. You will use it later in Powerlynx setup;
Interface - select interface to run your hotspot server;
Address Pool - select the IP/Pool to assign IPs from;
Profile - select hotspot profile;
Idle timeout - recommended value = 1m;
Keepalive timeout - recommended value = 1m;
Addresses Per MAC - recommended value = 1.
after that modify the hotspot profile that is use by the hotspot server:
"Login By" - MAC, HTTP CHAP
MAC Auth. Mode - MAC as username and password
Use RADIUS - enabled
Accounting - enabled
NAS Port Type - depends on what type of port do you use to run a hotspot server
4. Hotspot files
Next step is to replace the login.html
file that can be found under the Files section with a special login.html file (click to download). There are only 2 points to change:
Replace the highlighted values, as shown in the screenshot above, with your Powerlynx URL.
5. RADIUS server
Next step is to create a RADIUS server on the router:
Pay attention to:
Address - if you use Wireguard connection type - use this value: 172.16.0.1;
Secret - RADIUS secret - must be the same in Powerlynx Hotspot and here;
Timeout - recommended value 3000 or more;
Require Message Auth - "no"
Src.Address - IP address of the router in Powerlynx. It must be the same IP address added in step #2 under IP/Addresses.
6. Walled Garden
Next important step is to configure Walled Garden hosts. It is crucial to add your Powerlynx URL as well as bunch of other hosts:
One more host to add is *.digitaloceanspaces.com
(this host is required to display the logos on the captive portal page).
You will also need to add additional Walled Garden hosts depending on what payment system you are going to use. The list of Walled Garden hosts to add to allow payment systems can be found in this post on our forum.
7. Powerlynx SSIDs
Add the hotspot server name into the SSID field under your location and under your splash page:
It is crucial to add the hotspot server name in both places mentioned. It's not enough to add the hotspot server name only under Location details or only under the splash page details.