MikroTik

Hello,

I was able to connect the Mikrotik to a Freeradius server, it works fine with PPTP but it does not work with SSTP and L2TP. Is there anyway I can make it work with SSTP and L2TP?

thnak you

i have been successful (as I believe you have) in implementing PPTP VPN authentication using a FreeRadius. However, I have not been able to successfully use the response from FreeRadius to authenticate a WinBox login. For Winbox I needed to implement a Mikrotik User Manager, which was certainly not my preference. Have you been successful in authenticating Winbox Logins using FreeRadius?

I have not had reason yet to attempt SSTP or L2TP authentication.

thanks

We authenticate users for WinBox login and L2TP from FreeRadius with MySQL.

For Winbox, you have to send back a group name as an attribute.

Thanks much for the info that it can be made to work. We'll give it a try. Since there are about 90+ standard attributes, do you remember in which attribute you sent the group name? The only standard Attribute with 'group' in its name that I find is "Tunnel-Private-Group-ID", which does not seem appropriate. Perhaps it is a vendor specific type value? If so, did you find the attribute type number defined some place?
thanks again, and have a great day

Include this as a dictionary in FreeRadius.
http://wiki.mikrotik.com/wiki/Manual:RA ... dictionary

Send Mikrotik-Group back as an attribute with the name of the group you want the user to be in for winbox.
Also, winbox uses CHAP, but console, ssh, telnet, use PAP.

And what about L2TP Mikrotik server and FreeRadius
What attribute should be sent as replay to the mikrotik in order to work?