I have configured two RADIUS Servers in my Mikrotik CapsMan. One uses the default RADIUS Port 1812 and the other one uses 11812, for technical reasons I have to use that port.
The SSIDs are configured with WPA-EAP, one SSID uses the Radius which is available on 1812 and one the other Radius on 11812.
On the SSID which uses the 11812 Radius, Mikrotik will NEVER send EAP Auth requests to our Radius, instead Mikrotik immediately changes to Mac Adress Auth.
On the SSID which uses the 1812 Radius (Default Port), I dont have such a problem.
Can someone confirm that? I already made a support ticket @ Mikrotik, but didn’t get any response until today.
Nobody a Idea?
I did some troubleshooting again and installed a fresh RadSecproxy server for proxy our Eduroam auth requests to the auth services from our central administration and I see exactly the same problem.
The Radius request is NOT a EAP message, it’s just a stupid Mac Auth request… I don’t know why, we also have a FreeRadius (PacketFence) for internal users (not used for eduroam) and it’s working without any problems…
If I send the eduroam Auth request to this internal Radius Server, Mikrotik sent EAP Pakages, but because of a company policy I am not allowed to use this Radius serverd for Eduroam anymore.
We have also a extreme networking wifi infrastructure, which also authenticate Eduroam against the same RadSecproxy server and we do not have any problems with these WIFI Access Points …