Hiu,
USERS ====> eth0 MT PPPoE eth1 ====> ISA SERVER (10.0.0.1)
I want to authenticate all users with my MT PPPoE Server. then all request from pppoe client should be forwarded to ISA SERVER.
Do I have to setup BRIDGE (br0) & create pppoe on br0 ? & setup a forward rule to allow only pppoe clients to access ISASERVER ?
You can not authenticate users in MT PPPoE server and then forward it to the next PPPoE server.
Either you authenticate PPPoE users on MikroTik, in the place of ISA server install RADIUS server, which will be responsible for Authentication and accounting.
Or create bridge on MikroTik router and remove any PPPoE server, setup PPPoE server on ISA server.
I dont want to setup 2 pppoe server.
I jsut want that users should authenticate with MT pppoe server, then all internet related request should be fullfilled by ISA Server, I dont want to use MT to be served as internet gateway, MT should work as authentication gateway only, so only logged in users should goto ISA Server.
Currently my setup is like this
users === LINUX BRIDGE with mac-ip binding === ISA SERVER
so only users with specific MAC-IP are allowed to contact ISA SERVER, if ip mac is not matched they denied to forward.
this doesn’t make any sense. why do you need two authentication servers? either leave the MT PPPoE server do it’s task, or let the ISA server do it. Having both don’t make sense, unless the ISA can be used as a RADIUS only.