Hi,
I’m trying to set up hotspot on mikrotik but it should use freeradius server for authentication. Is it possible to do so without user manager?
I can’t use CHAP because of backend so I assumed if I configure hotspot login with HTTP PAP and put a check mark on the “Use radius” option it will forward user and password in radius packet to the radius server. But when I do it like this my radius server doesn’t recognize the request as PAP so it doesn’t respond.
Also if this is possible how secure is it? If I use HTTPS option on hotspot config I assume the communication between user browser and mikrotik is safe. But after that the radius request from mikrotik to freeradius is plaintext I assume?
I had working wifi deployment with eap-ttls but some requirements changed so I have to use hotspot now and trying to find a way to reconfigure freeradius, get wanted functionality and keep the communication safe end to end