MikroTik Hotspot is an awesome service that can be customized widely. When MikroTik Hotspot is enabled on an interface, it adds dynamic destination NAT rules which will redirect all HTTP and HTTPS requests from unauthorized users to the Hotspot authentication proxy. So, no user can get internet access in Hotspot network without authentication. MikroTik Hotspot also uses one to one NAT providing an IP address from selected IP Pool and this IP address handles user’s data and limitation. Sometimes we may feel that this second IP address is completely IP wasting or sometimes we see that our network block has few IP addresses to serve new clients. So, in this article we will see how to solve this MikroTik Hotspot issue in our Hotspot network.     

What is HotSpot One to One NAT? 

In a Hotspot network, a client has to get an IP address to get Hotspot Login page because without authentication client will not be able to get internet access. The IP address may be set on the client statically or may be leased from a DHCP server. The DHCP server may provide ways of binding lent IP addresses to clients MAC addresses, if required. The HotSpot system does not care how client get an address before he/she gets to the HotSpot login page.

HotSpot server automatically and transparently assigns a new IP address for an authenticated client from unused address of IP pool selected in Hotspot user profile. The users will not notice the translation because there will not be any changes in the users’ network configuration but the router itself will see completely different source IP addresses on packets sent from the clients even the firewall mangle table will see the translated address. This technique is called Hotspot one-to-one NAT or Universal Hotspot NAT. It was also known as Universal Client in earlier RouterOS version. This one to one NAT technique is completely maintained by Hotspot Server.

How to Keep Same Host and Hotspot NAT IP Address  

We usually configure Hotspot Server with Hotspot Setup wizard which will configure DHCP Server and Hotspot Server on same IP Pool and same network. So, when a client gets authenticated, he/she usually uses two IP addresses, one for Host IP address and another for Hotspot NAT IP address (Hotspot NAT IP address is denoted as to-address in MikroTik Hotspot). If we feel this is a waste of IP address, MikroTik Hotspot provides opportunity to set same Host and Hotspot NAT IP address.

The following steps will show how to setup same Host IP address and to-address in MikroTik Hotspot.

• Login to MikroTik Router using Winbox software with full permission user.
• Go to IP > Hotspot menu item. Hotspot window will appear.
• Click on User Profiles tab and then double click on any created user profile.
• Under General tab, choose none from Address Pool drop down menu.
• Click Apply and OK button.
• Do this for all your created user profiles including default profile.

As we have set no IP Pool for Hotspot user, Hotspot Server will assign same Hotspot NAT IP address (to address) that was assigned for the Host. 

It is also possible to define separate IP network for both DHCP Server and Hotspot Server. In the next article we will see how to configure Hotspot Server with separate IP Network.

If you curious to know more about MikroTik Hotspot, search MikroTik Hotspot Server in System Zone search box and get your desired topics instantly. 

What is Hotspot one to one NAT and how to keep same Host and to-address have been discussed in this article. I hope you are now able to customize Hotspot server yourself. However, if you face any confusion about MikroTik Hotspot one to one NAT, feel free to discuss in comment or contact me from Contact page. I will try my best to stay with you.