Hi there,
I realize this might be more of a Freeradius related question but I figured there must have been many people before me that did what I’m trying to do. I’m still very new with RouterOS, Freeradius and MYSQL. Please bear with me.
The goal is to have multiple locations equipped with a hotspot that will authenticate against one Freeradius server. The idea is that this way there will be central control and logging.
So Router A in location A must only check/allow users from the user database for location A. Same for Location B, C etc. Eventually there might be over a thousand locations.
Question one:
What would be the best way to identify the NAS?
For my test I’ve used IP’s but eventually I want to move away from that because not all locations will have static IPs. If I understand correctly I can use the NAS-Identifier attribute instead but I’ve read that in case of Mikrotik this will limit you to one hot spot per router? Currently that isn’t a problem but I would like to make sure this is possible without having to rearrange the whole database if at some point one router needs to run multiple hot spots.
Question two:
What would be the best way to set this up in Freeradius?
What I’ve figured out so far is that you can use unlang and a lot of listen/if commands but that doesn’t seem very efficient to me? Not to mention it might be very prone to config errors if there are lots of NAS’.
I don’t know anything about databases but I would like to keep things separate as much as possible. Eventually I want to have a custom web interface which can be used by the local admin for each location to do fairly basic things such as delete/create users and groups and their attributes. Though I’m no programmer either so maybe dumping everything in the same database is not a problem.
Anybody could point me in the right direction? I did find some info on the forum but most of it was a decade old.
