All,

I'm probably missing something simple, but here it goes. I have a working Hotspot setup with my Radius server authenticating users with user/password. I wanted to change the hotspot/Radius setup so that certain business customers would never see the login, since they would be authenticated by their MAC.

On the hotspot site: I changed the hotspot from https, chap only by checking the MAC authentication too. The MAC password is blank.

On my radius server, I created a username: 00:1A:4D:DB:5E:1F with a blank password. I made this user a member of one of the existing hotspot groups (bandwidth limits).

When I power up this system, the hotspot complains that it tried to login by MAC but, "login failed: RADIUS server is not responding" I then open up a browser on the machine and login with a user/password and the same radius server without problem. Should the radius server reply to the hotspot with some special attribute or something? Thanks in advance,
marshall

Post your HotSpot configuration, radius server configuration, enable radius,debug logs and post information when user sees that error.

I have a fully functioning system, radius, hotspot, etc.(for 2 years) I just Checked the MAC authentication box and kept the password box empty on the mikrotik hotspot. I set the radius server with username <MAC addr> and password empty. Is something more required on the radius server?

if I create a user on the radius server for "test" with a password of "password" the radius server responds and login is successful.

Thanks

By default it's enough to have MAC-address as username and blank password. You may test the same configuration with 'ip hotspot user' add user with MAC-address as name without a password and check it.

Research 'radius,debug' logs to find out where is the problem with blank password.

if you using mikrotik hotspot,then what you can do is add their mac address under /ip hotspot bindings and select bypassed.That will bypass them from using the login page and give them direct internet access.

We had a similar problem when we would auto login our business clients. MAC Address as a username and password blank. This did not work. The work around we did, was that we created the Username by their MAC Address e.g xx:xx:xx:xx:xx:xx Then we added a password "business" on the radius server.

On the RouterOS 3.10 we did /ip hotspot profile
name="hsprof1" hotspot-address=10.17.102.1 dns-name=""
html-directory=hotspot rate-limit="" http-proxy=0.0.0.0:0
smtp-server=xxx.150.xxx.5 login-by=mac,cookie,http-pap
mac-auth-password="business" http-cookie-lifetime=1w
split-user-domain=no use-radius=yes radius-accounting=yes
radius-interim-update=5m nas-port-type=wireless-802.11
radius-default-domain="" radius-location-id="" radius-location-name=""

And it worked - so try to add a standard password on the radius user and on the ROS hotspot too

With your MAC Auth: how do you tell the MT from your Radius to use different user profiles for different speeds?

Also can you set bursting?

MikroTik-Rate-Limit has the following syntax,

rx-rate[/tx-rate] [rx-burst-rate[/tx-burst-rate] [rx-burst-threshold[/tx-burst-threshold] [rx-burst-time[/tx-burst-time] [priority] [rx-rate-min[/tx-rate-min]]]]

As you may see, there is bursting available.

For the HotSpot user profile, the following attribute should be used,

Mikrotik-Group - Router local user group name (defines in /user group) for local users. HotSpot default profile for HotSpot users

For the HotSpot user profile, the following attribute should be used,

Mikrotik-Group - Router local user group name (defines in /user group) for local users. HotSpot default profile for HotSpot users

I got the bursting to work.
I am having issues with the profile. Can someone put in an example for the attribute?