Freeradius 1.1.0 + Mikrotik v2.9.7

Recently i`ve configured freeradius with mikrotik to connect users via pppoe, pptp or l2tp.
The problem is that, when one user is connected, the other user is unable to connect.
Here are the logs.


--------------------------------------First user connects -------------------------
(46 messages discarded)
echo: radius,debug,packet Calling-Station-Id = “00:50:8D:68:DB:20”
echo: radius,debug,packet Called-Station-Id = “service1”
echo: radius,debug,packet NAS-Port-Id = “bridge1”
echo: radius,debug,packet Acct-Session-Id = “81000000”
echo: radius,debug,packet Framed-IP-Address = 10.194.244.149
echo: radius,debug,packet Acct-Authentic = 1
echo: radius,debug,packet Acct-Status-Type = 1
echo: radius,debug,packet NAS-Identifier = “MikroTik”
echo: radius,debug,packet NAS-IP-Address = 10.194.23.248
echo: radius,debug,packet Acct-Delay-Time = 0
echo: radius,debug,packet received Accounting-Response with id 124 from 10.194.2
3.246:1813
echo: radius,debug,packet Signature = 0x16c0ffe781452ce6261046058ecf4f61
[admin@MikroTik] >
echo: radius,debug received reply for 53:00
echo: radius,debug request 53:00 processed
[admin@MikroTik] >
(8 messages discarded)

---------------------------------- Second user is trying to connect --------------

echo: radius,debug,packet User-Name = “toxie”
echo: radius,debug,packet Calling-Station-Id = “00:C0:26:6D:16:09”
echo: radius,debug,packet Called-Station-Id = “service1”
echo: radius,debug,packet NAS-Port-Id = “bridge1”
echo: radius,debug,packet MS-CHAP-Challenge = 0xc87049d986b943c7773272b9f6c0
76dd
echo: radius,debug,packet MS-CHAP2-Response = 0x0100820169c2908c12b7cfbe01f2
55ef
echo: radius,debug,packet c1c200000000000000004320c48df468
echo: radius,debug,packet 8a58f84d8d4727c73ee24d4a4e886258
echo: radius,debug,packet e85c
echo: radius,debug,packet NAS-Identifier = “MikroTik”
echo: radius,debug,packet NAS-IP-Address = 10.194.23.246
echo: radius,debug could not receive packet for 53:04: Connection refused
[admin@MikroTik] >
(7 messages discarded)
echo: radius,debug,packet User-Name = “toxie”
echo: radius,debug,packet Calling-Station-Id = “00:C0:26:6D:16:09”
echo: radius,debug,packet Called-Station-Id = “service1”
echo: radius,debug,packet NAS-Port-Id = “bridge1”
echo: radius,debug,packet MS-CHAP-Challenge = 0xc87049d986b943c7773272b9f6c0
76dd
echo: radius,debug,packet MS-CHAP2-Response = 0x0100820169c2908c12b7cfbe01f2
55ef
echo: radius,debug,packet c1c200000000000000004320c48df468
echo: radius,debug,packet 8a58f84d8d4727c73ee24d4a4e886258
echo: radius,debug,packet e85c
echo: radius,debug,packet NAS-Identifier = “MikroTik”
echo: radius,debug,packet NAS-IP-Address = 10.194.23.246
echo: radius,debug could not receive packet for 53:04: Connection refused
[admin@MikroTik] >
(7 messages discarded)
echo: radius,debug,packet User-Name = “toxie”
echo: radius,debug,packet Calling-Station-Id = “00:C0:26:6D:16:09”
echo: radius,debug,packet Called-Station-Id = “service1”
echo: radius,debug,packet NAS-Port-Id = “bridge1”
echo: radius,debug,packet MS-CHAP-Challenge = 0xc87049d986b943c7773272b9f6c0
76dd
echo: radius,debug,packet MS-CHAP2-Response = 0x0100820169c2908c12b7cfbe01f2
55ef
echo: radius,debug,packet c1c200000000000000004320c48df468
echo: radius,debug,packet 8a58f84d8d4727c73ee24d4a4e886258
echo: radius,debug,packet e85c
echo: radius,debug,packet NAS-Identifier = “MikroTik”
echo: radius,debug,packet NAS-IP-Address = 10.194.23.246
echo: radius,debug could not receive packet for 53:04: Connection refused
[admin@MikroTik] >
echo: radius,debug timeout for 53:04
[admin@MikroTik] >

The usernames and the passwords are ok.
When i tried to connect one user to one MT and the second user to another mikrotik everything works fine.But when im using only 1 MT, only one user can be logged in. Does anybody had some issues like this before ? Its really annoying me, cause i can`t figure it out where could be the problem.

P.S. While the first user is connected and the 2nd user initiate the connection, the packets simply does not reach the radius server.
I started radius with radiusd -X .

Stupid question, but maybe you have L1 license which does not allow more than one user?

Im having L6 license.So i dont think that could be the problem.The problem is somewhere else.Thats why i`m asking on the forum.

This might help : On the pppoe server interface you should take out mshap1 and mschap2

eXeBuG

Same thing happens.I noticed that when nobody is connected to radius, radius server can ping mikrotik and mikrotik can ping radius too.When somebody connects to radius, radius can`t ping mikrotik anymore, neither the user, but mikrotik can ping the radius server and the user too without no problem.

In pppoe server, did you buy any chance put on in max sessions? That is the total number of people that can log in at one time.

I solved the problem, when ive changed in the ppp profile the local address from 10.194.23.246 to 10.194.26.246.And now it works fine.Max session ive left empty and unchecked.In profiles too in limits tab i`ve left on default the ONLY ONE option.

My users are on the 10.194.23.0/24 subnet and when they connect they should be on the 10.194.26.0/24 subnet.
I dont get this: My radius server has the 10.194.23.246 address i have nothing on 10.194.26.246. How can this actually work ? When im connected and i try to ping ie. http://www.google.com i`m getting this

Pinging http://www.l.google.com [209.85.129.147] with 32 bytes of data:

Reply from 10.194.26.246: Destination net unreachable.
Reply from 10.194.26.246: Destination net unreachable.
Reply from 10.194.26.246: Destination net unreachable.
Reply from 10.194.26.246: Destination net unreachable.

Ping statistics for 209.85.129.147:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

What should i put on 10.194.26.246 ?