Here is how I enabled WPA2 Enterprise with Radius.
Using Winbox -
- Go to Wireless->Security Profiles. Create a new security profile.
- a. Under the General tab, select Mode=dynamic keys, Authentication Types - only WPA2 EAP (deselect WPA PSK and WPA2 PSK), Unicast Chiper - only aes ccm, Group Chipers - only aes, Enter your Supplicant Identity, Management Protection=Allowed.
b. Under the Radius Tab, Select MAC accounting (as I wanted accouting based on MAC), MAC Mode = as username, MAC Caching time = disabled.
c. Under the EAP Tab, EAP Methods=Passthrough, TLS Mode=no certificates, TLS Certificate=none
-
Under the Radius Menu, Add a new server. Selecte Service - only Wireless, Enter the Radius Server IP Address, and Secret (you need to enter what has been entered in your RADIUS server)
-
Go to Wireless, select the interface, and set the Security profile to the one created in step #1
I configured mine based on http://forum.mikrotik.com/t/wpa2-802-1x-on-mikrotik/20403/1
Best,
Pradeep