HSNM Hotspot Manager-Walled Garden

Walled Garden

It allows you to define the free URLs and, in other words accessible, by users even without registration nor authentication.
Defined URLs are dynamically added, on the basis of the value defined in the “Minutes for the update ” field in the configuration data of the HGW gateway, if the HGW gateways have been configured through the script compatible with MikroTik RouterOS generated by the system.

If you want to add some Walled Gardens specific and exclusive for the domain or for the HGW gateway, press the  properties button of the domain or HGW gateway and select “ Walled Garden“.

Warning! The walled gardens managed by HSNM, work only on MikroTik and LigoWave Infinity appliances. If you are not using MikroTik or LigoWave Infinity appliances, you have to enter the walled gardens directly in the configuration of the appliance in use.

The Context Dropdown Menu

By clicking on the context properties button of the URL, you expand the context dropdown menu with a range of options grouped by: edit

Adding or Editing

To add a new host, select “ Templates” and press “Add host” in the command bar. While to modify a template, press the context button of the image and select “ Edit”. In both cases, a page appears that allows you to manage the following fields:

General data

Field	Description
Code	Code assigned to the template
Address of the host	Host to be considered free. It is usually inserted in the form *.domainname.com It is possible to enter a host in the resolve:HostName form. In this way, the IP address will be resolved dynamically and add to the Walled Garden IP list (compatible only with MikroTik-type gateway).
Port	Destination port.
Allow	If active, it enables the host. If not active, it blocks the host. It can be useful for example to disable some “akamai” type of hosts, automatically entered in the system.

Warning! Improper insertion of Walled Gardens could compromise the functioning of the CNA for Apple, Android and Windows Phone. If you want to use the CNA, please avoid to enter the URLs stated in the “Walled Garden for CNA” paragraph.

Walled Gardens for non-MikroTik and non-LigoWave Infinity appliances

MikroTik and LigoWave Infinity devices are fully integrated with the management of the walled gardens of HSNM. For non- MikroTik and non-LigoWave Infinity appliances, walled gardens should be entered manually in the configuration of the same appliances.
The simplest procedure for deriving the Walled Gardens based on the current configuration is as follows:

Open the context dropdown menu on the Gateway;
Select “ Download Walled Garden” to download the TXT file which contains all the necessary Walled Gardens;
Copy the content in the gateway configuration.

If you want to manually define the Walled Gardens, the following information describes the URLs and/or the IPs that you have to enter according to the enabled options.
For proper functioning of the system, you have to enter the following URL or IP:

Domain of the HSNM
IP of the HSNM
URL or IP of the Round Robin 1 host
URL or IP of the Round Robin 2 host
URL or IP for the click of the Intro defined in the template
URL of the header image in the “Info” App
URL of the bottom image in the “Info” App

Walled Gardens for CNA (Captive Network Assistant)

If you want to disable the CNA, you have to enter the following URLs.
For Android:

clients1.google.com
clients3.google.com
connectivitycheck.gstatic.com

For Apple:

gsp1.apple.com
www.apple.com
apple.com
www.appleiphonecell.com
*.apple.com
www.itools.info
www.ibook.info
www.airport.us
www.thinkdifferent.us
*.apple.com.edgekey.net
*.akamaiedge.net
*.akamaitechnologies.com

For Windows Phone:

ipv6.msftncsi.com
ipv6.msftncsi.com.edgesuite.net
www.msftncsi.com
www.msftncsi.com.edgesuite.net
teredo.ipv6.microsoft.com
teredo.ipv6.microsoft.com.nsatc.net

Walled Gardens for Social Login

If you want to enable social login, you have to enter the following URLs

For Facebook:

*facebook.com*
*akamai*
*akamaihd*
*akamaiedge.net*
*edgesuite.net*
*edgekey.net*
*fbcdn*
*.mediaplex.com

For Twitter:

*twitter.com*
*twimg*
api.twitter.com*

For Google+

accounts.google.com
*.google.com
*.googlesyndication.com
*.googleadservices.com
*.googletagservices.com
*.akamai.net
*.gstatic.com*
*googleapis*
apis.google.com

For LinkedIn

*linkedin*
*licdn*

For VKontakte
*vk.com*

For Amazon
*amazon.com*
*ssl-images-amazon.com*

For OAuth Custom
Domain included in the URL of the redirect server
Domain included in the URL of the server for the access token.

Walled Gardens for Welcome Portal

For the functioning of the Welcome Portal, you have to enter the following URLs:

Flickr

*.staticflickr.com*

Youtube

*.youtube.*
*.google.com
*.l.google.com
*ytimg*
*.googlevideo.com
*.google.com

Google maps & API

*.google.com
*.gstatic.com*
*googleapis*
*googleusercontent*

Open weather

api.openweathermap.org*

Walled Gardens for Payment Gateways

If you want to enable the payment gateways, you have to enter the following URLs:

PayPal:

*.paypal.com
*.paypalobjects.com
paypal.112.2O7.net
*.paypalobjects.com
*akamai*
*.mediaplex.com

PayFast

*.payfast.co.za
*.google-analytics.com

Mollie

*.mollie.nl

Authorize.NET

*.authorize.net

Payment Express

*.paymentexpress.com

Pesapal

*.pesapal.com
*.googleapis.com
*.gstatic.com
*.google-analytics.com

EWay

*.eway.com.au
*eway.io

PayUBiz

*.payu.in
*securecode.com
*mastercard.com*

Walled Gardens for Custom Apps

If you enter external custom Apps or internal custom Apps that require outside connections, you have to manually add the required URLs or IPs.

Walled Garden for Advertising

If you enter Ad campaigns, you have to manually add the URLs or IPs of the banners.

The Context Dropdown Menu