So this is my virgin post, hoping to make many more
We have a location with the following setup. A netgear adsl router authenticating on our adsl network behind this netgear there is a RB433AH, with a 90 degree sector for a client connecting with a 2.4 CPE and a 411 from a different location. So we have routed the ADSL IP to our radius manager in order for the client connecting to the dist to then authenticate on radius so we can keep track of usage etc. The problem is then that whenever the ADSL IP changes the client cant authenticate via the wireless link. Is there any way around this?
Why have you limited the route to the radius manage to only accept the DSL IP?
Anyway, either make the route accept any address… or write a script to periodically update the IP address in the route automatically. Scripts like that are all over these forums.
I might have explained incorrectly. Route was maybe the wrong word to use. We have a client with an adsl connection and VPN to us. (Firstly the VPN seems to just go down randomly) There is another client connecting wirelessly to the client with the adsl connection. When that ADSL ip address changes the client connecting wirelessly can not authenticate. How to get around this without having to change the IP in RadMan?
Why are you hard-coding the IP address? You should allow the connection from any IP address. If you do require the IP address somewhere in Mikrotik, then use a script and put dyndns on the client’s router. Your radius should authenticate based on username and password instead of IP address though.
It does authenticate on user and password, but for it to authenticate the VPN needs to run and for that to happen the program we wrote requires the current IP of the adsl router. So whenever that adsl IP changes the VPN drops and the client cant authenticate.
So use a dynamic IP service like dyndns or no-ip.com and then put that hostname into your program. Put a script into the mikrotik that updates the dyndns everytime it changes.
*edit
I see now where I made the mistake in my explanation. I made the local IP adress 10.10.10.7 and remote 10.10.10.8 and there is then a username and radius secret for this.
