This name has quite a lot of definitions, and you will now understand why. Let's first understand - what is a hot spot? Hot-spot or in English Hot-Spot consists of two words. The first word means “hot”, and the second means “point”. Here comes “Hot Spot”. This is where confusion immediately begins for an ordinary person, because this name can be used to call anything. And he will be right! – After all, the meaning of this word depends on the context and where it occurs.
At this point in the twenty-first century, this word is more often used in wireless networks. Wi-Fi Hot spot (HotSpot) - in ordinary language, this is a standard access point that distributes WiFi. But I will tell you more about this later in the article.
What is a hot spot
The name of the function comes from the English connection “Mobile Hot Spot”. Translated into Russian, this means “mobile access point.” Hotspot in Windows 10 is an option that allows you to use your computer as a router to connect other devices in your home to the Internet via Wi-Fi.
Typically, this feature works on a laptop, while it is not available on a desktop computer. However, there are exceptions, as evidenced by the characteristics of the device with Windows 10 and the presence of the “Hot Spot” section in the Internet settings.
More details about mobile
Imagine that you have a laptop on which you want to watch a series or a movie. And the provider, as luck would have it, is delayed and will only install an Internet cable to you tomorrow. But you are bored and want to keep yourself busy. But you have a mobile phone with internet.
So, you can easily turn your smartphone into a router and distribute the Internet from it to your laptop to download programs, watch videos, movies, TV series, etc. This is very convenient when other devices urgently need the Internet. You can also distribute a Wi-Fi network with the Internet to share it with your friends.
Principle of operation
Having defined what a mobile hotspot is in Windows 10, we already have a rough idea of how this feature works. A computer running the Microsoft operating system connects to the Internet, and when the Hot Spot option is enabled, it begins to act as a standalone Wi-Fi router. This becomes a universal solution when there is no router in the house and only a wired connection is used. With Hot Spot, you can use your laptop not as a router, but as an Internet sharing device.
Reference. Mobile Hot Spot works with both wired and wireless connections. This means that the laptop can act as an intermediary in the conventional “router-smartphone” chain.
Control
Let's start with the server. It runs a MySQL database, which accumulates information about user registrations in Hotspot, transmitted by router scripts. Information is received and stored in the database via a backend page in PHP, which also generates passwords for users. We created an admin panel for the customer and connected the VPN to the routers (someone needs to administer them). Now more details.
As we remember, routers transmit to us: the router name, the current time and date, the guest’s mac, his ip in the guest network, as well as the current white and gray ip addresses of the router, the client’s phone number, the phone’s host name and status (authorization or deauthorization). All this is accumulated in the registration table. Information about the bars (the name of the MikroTik device and descriptive information about its location) is accumulated in the coffeepoints table (here we know everything right away). At the customer’s request, we introduced a redundant users table, which accumulates information about service users: phone number, and in which bar it first appeared. We created a technical table status, which translates the codes 1 or 2 we came up with into login and logout values. To back up the database, it is better, of course, to set up automatic replication, however, due to the small volumes of information storage in our project, we took a different route: a mysqldump of the database is run weekly in cron, the results are periodically copied manually to the local host.
Database structure
Let's analyze the one-page backend code. In general, everything works like this: the correctness of the APIKEY sent to the server is checked, if everything is correct, then the database is filled. First, information describing the bar is retrieved from the database. Then it is checked whether a new user has come to the bar (in this case, the users table is filled in), or information about him is already contained in the database. Status codes are converted into text. Then all the necessary information is filled into the registrations table. If APIKEY was not transmitted (or is incorrect), then a random password is simply generated.
//Checking the correctness of the key if ( $key_from_get === $api ) { Spam protection passed } else { //Simply displaying a temporary password $pas1d = random_int (0, 9); $pas2d = random_int(0, 9); $pas3d = random_int(0, 9); $pas4d = random_int(0, 9); $password = "$pas1d$pas2d$pas3d$pas4d"; echo $password; }
It remains to talk about the admin panel, which the customer can work with independently. You can, of course, simply install ready-made solutions for working with a database on the server via a web interface (like phpmyadmin or adminer), but we did everything turnkey. Since web design is not our strong point, and there is no particular interest in it, we used our favorite getbootstrap.com. The result is a strict adaptive frontend. The “Registrations” section displays the log of registrations in the service, i.e. registrations database table.
Administrator for the service (section “Registrations”)
In the “Users” section we see information from the users table, in the “Bars” section from coffeepoints, in the “Statuses” section from status, and the “Connections” section is entered for debugging. The date and time fields are transmitted by routers in a not very beautiful format, which can be converted on our backend, but this does not greatly affect the functionality. Added the ability to filter output, as well as export to MS Excel. And in general, here you can write code for your own pleasure, with purpose and just like that. Do not judge strictly.
Administrator for the service (section “Users”)
A few words about setting up a VPN. Of course, the VPN server runs right here on a rented server (this is the kind of machine that came out), OpenVPN was chosen as the protocol, as it is the most flexible, secure and stable. There are no problems with setting it up: we created a public key infrastructure, generated certificates, and self-signed them. RouterOS, however, can only work with a TCP connection for OpenVPN for now, but that doesn’t matter. In general, the connections install and work for years without problems. As a result, we have remote access to routers from anywhere in the world, the most important thing is not to forget to work in “Safe mode” (MikroTik mode, in which, in the event of a long break in the control channel, the router automatically cancels the last change in its configuration), because setting up a firewall remotely is the right thing to do a sign for a long trip. We also draw your attention to the fact that due to our mistake, when transferring configured configurations between routers, the mac addresses of the network interfaces may coincide, which can cause a little trouble.
How to find out if you can use a hotspot
Mobile hotspots are quite common, but at the same time not ubiquitous. Therefore, there is a possibility that your specific Windows 10 device does not support this feature. For the hotspot to work, your computer must have a Wi-Fi module installed with the latest drivers and the latest version of the operating system. If checking these parameters manually is not possible, we recommend doing the following:
- Click on the Start icon in RMB.
- Launch a command prompt with administrator privileges.
- Enter the command “netsh wlan show drivers”.
- Press the Enter key.
After completing all the steps in the instructions, information about the hardware driver will appear in the Command Line interface. The user should pay attention to the line “Hosted network support”, which may contain the value “yes” or “no”. The first means that the access point is supported, and the second means that it is not compatible.
How to set up a hotspot
There are quite a lot of programs that are needed to activate the distribution of a wireless access point. A fairly prominent representative of this family is the mhotspot .
Mhotspot is a fairly easy- to-use utility that allows you to turn any portable gadget into a portable access point (for this you must have a Wi-Fi module).
IPv4 and IPv6 protocols - what they are and why they are used
The main advantage of the program is its simple interface , smooth operation and many settings (they are all located in the system curtain, from where they can be easily called up). To activate the software, the user only needs to come up with a name for his hotspot and enter a password , or leave the hotspot as an open type. You can also specify the allowed number of connections (no more than 10 devices).
When you open the application, the number of connected gadgets, information about the total amount of data used, as well as information about speed .
What problems can you encounter?
When setting up a mobile hotspot, various problems may arise due to user inattention, system failure and a number of other reasons. Below we will look at the main difficulties that stand in the way of setting up an access point, and also indicate troubleshooting options.
Cannot configure. Turn on Wi-Fi
This usually happens if you are using an old Wi-Fi network driver. You need to update it by referring to the user manual:
- Click on the Start icon in RMB.
- Launch Device Manager.
- Open the Network Adapters tab.
- Click on the device that is not working or is causing an error.
- Click on the "Update Driver" button.
You can also try uninstalling and then installing the driver again. You can download the program using the device manager or manually through the official website of the developers.
No connection to mobile network
This error occurs if you installed a hotspot while connected to 3G or 4G internet. Your mobile operator may have imposed traffic restrictions. This fact may be causing the problem. Another possibility is that there are insufficient funds in your personal account.
No connection
In this case, the access point does not turn on due to a problem with the network card or anti-virus blocking. Try updating drivers for all types of computer hardware and temporarily disabling Kaspersky Internet Security or other antivirus software.
Devices do not connect
If the problem is that external devices see the access point, but the Internet connection does not work, it means that you entered the wrong password or there is an IP address conflict. In the second case, it is recommended to reset the network card settings.
Hotspot
It's time to configure Hotspot technology directly on routers. MikroTik supports the technology itself out of the box, but we customized it for “Coffee Cup” and also complied with all the requirements of Russian legislation. In the process, we found a useful resource (https://mikrotik-training.ru/) dedicated to setting up MikroTik equipment, the developments of which we used in our project. Let's start with the description. Created a profile for Hotspot. When connected to the free network, the router displays authorization web pages in the Hotspot service on behalf of the site coffeecuptogo.com, the cookie lifetime is set to 4 hours (after which the user is sent to reconnect). Hotspot technology, of course, only applies to the guest network.
/ip hotspot profile set [ find default=yes ] dns-name=coffeecuptogo.com hotspot-address=192.168.10.1 html-directory=flash/hotspot http-cookie-lifetime=4h name=coffeecup /ip hotspot add address-pool= pool_guest addresses-per-mac=1 disabled=no idle-timeout=none interface=bridge_guest name=hotspot_coffeecup /ip hotspot user profile set [ find default=yes ] keepalive-timeout=1h mac-cookie-timeout=4h
Here, in the user profile, we created scripts that are automatically triggered when users connect and disconnect. The logic for both scripts is the same. First, information is collected on the router, then it is sent using the http-get method to our server, where all this is accumulated into a database (we will analyze it later). To protect their server from spam, they came up with a key, which is also transmitted and, first of all, checked on the server. The following is collected on the router: the name of the router (it was set individually for each bar), the current time and date on the router (it’s convenient to get them here, and not get them on the server, so as not to bother later in the backend with time zones in different bars), mac guest, his ip in the guest network, as well as the current white and gray ip addresses of the router (we take the white address through an external service, although there is no problem getting it on our server through the $_SERVER array in PHP, in which our backend is written), phone number client, which we will later receive through the authorization form in Hotspot and assign its value as the username (sent to the server with the first digit 7), as well as the hostname of the phone (may later be useful somewhere in marketing or statistics). By the way, new versions of iOS, when connecting to an access point without a password, do not transmit the host name, which is implemented in order to maintain confidentiality. To the LOGIN variable we pass whether the client has disconnected (LOGIN=2) or whether it has connected (LOGIN=1). The authentication script looks like:
#Out interface to internet :local INTERNETINTERFACE pppoe-out1; :local APIKEY 12345; #status —> log in :local LOGIN 1; :local SITE oursite; :local PORT 1500; :local nas [/system identity get name]; :local today [/system clock get date]; :local time1 [/system clock get time ]; :local ipuser [/ip hotspot active get mac-address] :local hour [:pick $time1 0 2]; :local min [:pick $time1 3 5]; :local sec [:pick $time1 6 8]; :set $time1 [:put ({hour} . {min} . {sec})] :local mac1 [:pick $usermac 0 2]; :local mac2 [:pick $usermac 3 5]; :local mac3 [:pick $usermac 6 8]; :local mac4 [:pick $usermac 9 11]; :local mac5 [:pick $usermac 12 14]; :local mac6 [:pick $usermac 15 17]; :local USERLONG "7$user"; :set $usermac [:put ({mac1} . {mac2} . {mac3} . {mac4} . {mac5} . {mac6})] #ip addresses: :local whiteip ([/tool fetch url=»https: //site_for_white_ip/" output=user as-value]->"data"); :local grayip [/ip address get do={ :if (($i->"address")=$ipuser) do={ :set $host [($i->"host-name")]; } } do {/tool fetch url=»https://$SITE:$PORT/\?api=$APIKEY&device=$nas\ &tel=$USERLONG\ &status=$LOGIN\ &ipgray=$grayipshort\ &ipnat=$ipuser\ &mac=$usermac\ &date=$today\ &time=$time1\ &host=$host»\ keep-result=no} on-error={};
The deauthentication script looks like this:
#Out interface to internet :local INTERNETINTERFACE pppoe-out1; :local APIKEY 12345; #status —> log out :local LOGIN 2; :local SITE oursite; :local PORT 1500; :local nas [/system identity get name]; :local today [/system clock get date]; :local time1 [/system clock get time ]; :local hour [:pick $time1 0 2]; :local min [:pick $time1 3 5]; :local sec [:pick $time1 6 8]; :set $time1 [:put ({hour} . {min} . {sec})] :local USERLONG "7$user"; #ip addresses: :local whiteip ([/tool fetch url=»https://site_for_white_ip/» output=user as-value]->»data»); :local grayip [/ip address get do={ :do {:local content [/log get $line message]; :local pos1 [:find $content " (" 0]; :if ($pos1 != " ") do={ :local uname ""; :set uname [:pick $content ($pos1-10) ($pos1 -0)]; :local unameforsms "7$uname"; #Cheks user from spam :local sendtest yes; :foreach i in=[/ip firewall address-list print as-value where list=spam_cheks_list] do={ :if (($i->"address")=$uname) do={ :set $sendtest no; } } :if ($sendtest=yes) do={ /ip firewall address-list add list=spam_cheks_list address=$uname timeout=00:05:00; #Password generation local pass ([/tool fetch url=»https://$SITE:$PORT» output=user as-value]->»data) #Add hotspot user do { /ip hotspot user add name=$uname} on-error={}; do {/ip hotspot user set password=$pass numbers=} on-error={}; #SMS do {/tool fetch url=”https: //sms.ru/sys/send.php\?AUTH_DATA&phones=$unameforsms&mes=$pass" keep-result=no} on-error={}; :delay 1; } } } } #Clear hostpot log /system logging action set hotspot memory-lines=1; :delay 1; /system logging action set hotspot memory-lines=1000;
Russian legislation obliges us to maintain the volume of provision of communication services to users, so we set up a connection between the collector and the “Net-flow” client. On a server with a backend:
apt install flow-tools nano /etc/flow-tools/flow-capture.conf #comment all #IMPORTANT Traffic Flow Version need 5 !! -w /var/log/flow -n 275 -N 3 192.168.15.1/0/1234
On MikroTik (pay attention to version 5 of the protocol, since the collector works with it):
/ip traffic-flow set enabled=yes interfaces=bridge_guest /ip traffic-flow target add dst-address=192.168.15.1 port=1234 version=5
In addition, in order to maintain confidentiality from third parties (including the Internet provider), “Net-flow” traffic is transmitted via a VPN channel (its width is completely sufficient for this task). It's time to figure out the authorization form in the service. When you create a Hotspot in RouterOS, a set of directories and files appears that are responsible for its operation. We are interested in the files /flash/hotspot/login.html and /flash/hotspot/alogin.html. The first is the authorization page for the service, and the second is the page that will be shown to the user after successful authorization. You can read more about this here https://wiki.mikrotik.com/wiki/Manual:Customizing_Hotspot.
"Native" Hotspot directory and file structure on MikroTik
We created (redesigned) login.html for the customer and retained the required RouterOS web page structure. The privacy policy has been described in detail.
Redesigned login page for Hotspot service
I really wanted to simply redirect to the customer’s website on the alogin.html page, but this solution has a big disadvantage: the site does not load instantly (there is a time delay for the redirect, and the Internet speed does not always reach excellent values). If you create this page and put it in the router’s memory, it will be shown to the user instantly. That's what we did. The only limitation is the page size, because our router has only 16 MB of memory and the lion’s share of it is taken by the Hotspot file and directory structure created by RouterOS. You can, of course, attach a USB flash, but you don’t really want to take up the free (not always) only USB port on MikroTik. We fit alogin.html with all links into 500 kb. With this the Hotspot setup is complete, it’s time to disassemble the backend.
Flaws
The main disadvantage is the drop in speed. And again, an example: if the standard speed of your Internet connection is 2 Mbit/s, then when you distribute access to another user, the speed will be divided by two. Now when downloading data the speed will be 1 Mbit. If other users also connect to your smartphone, the speed will drop even more. Of course, this is all very approximate, but in theory this is how it works.
The more devices connected to your Internet channel, the slower the Internet will be. And if the Internet bandwidth is already low, then using Hot Spot will be unbearable.
Another drawback is traffic pricing. Many telecom operators have a tariff in which the subscriber must pay for each downloaded megabyte. The cost may increase if the permitted volume is exceeded. Therefore, when distributing the Internet to Hot Spot Wi-Fi, it is worth remembering that connected users can load large amounts of traffic. And you will have to pay for it or whatever this Internet distributes. Of course, with an unlimited tariff this disadvantage does not exist.
