Hello there,
i am asking if there is an way to setup for the MT on OS 2.9.X an loopback interface.
if yes, can i tell the MT which source IF he should take for MAC-authentication to the radius-server?
background:
Recently i have setup an l3-ring (OSPF), means each AP has 2 internet uplinks, so if one fails, may he
try to authenticate with the source-IP which is not longer UP (because IF down)
any help would be appreciated!
thanks!
chris
you may look here,
http://wiki.mikrotik.com/wiki/Routing_Questions#Question:_I_have_a_.2F22_.28say_10.0.0.0.2F22.29_assigned_IP_space.2C_split_internally_down_into_.2F30.27s.2C_.2F28.27s.2C_etc._Is_it_possible_just_to_announce_the_.2F22_space_via_BGP_with_routing-test_package.3F
Could you be more specific about second question (do you asking about communication between RouterOS and RADIUS trough specific connection) ?
well, i just ment how can i tell the radiusclient on MT to use the LO interface - it seems to be easy to setup an LO
(thanks for the help for this issue)
so how can i bind the radiusclient from the MT to the Loopbackinterface that the requests comes only from this interface-source on
MT to the radius-server?
thank you for your help!
chris
Well, what is the problem with data required to RADIUS ?
If you will look at Data flow diagram,
http://www.mikrotik.com/testdocs/ros/2.9/ip/flow.php
local-process-out is field, where RADIUS client data is appeared and go to the ouput → routing → postrouting.
hi again,
there is actual no problem with that.
no, i know there is a way with postrouting to do that. - i just compare it with cisco IOS
you can tell here to use “ip radius-source interface xxx” - i wanna ask if this is possible
without postrouting?
chris
here is what you are looking for..
/ ip firewall nat
add chain=srcnat dst-address=radius-server-IP protocol=udp dst-port=1812-1813
action=src-nat to-addresses=source-ip-addrress to-ports=1812-1813 comment=“”
disabled=no