Multiple Radius servers on one mikrotik

winagain · September 11, 2008, 2:28am

Good Day,

I would like to know how we can use two radius servers to authenticate clients on a single mikrotik.

Basically we have just set up WDS and are having problems with radius not authenticating some clients. Clients should be authenticated by either radius server 1 or radius server 2.

Both servers are setup under radius, but when a client connects that should be authenticated on radius server 2 , radius server does not allow authentication and the authentication request is not passed to the second radius server, thus the client is disconnected with error authentication failure.

We have this kind of setup, as we are two wisps working together to create a local exchange. How can we work around this issue???

Any info would be greatly appreciated.

sergejs · September 11, 2008, 6:54am

winagain,

/radius menu is working in the following way.
At the beginning first RADIUS server is being contacted, if there is no such user second RADIUS isn’t contacted.
Second RADIUS server is contacted only when first RADIUS server isn’t responding.

mapunda · September 20, 2008, 6:11pm

Hi winagain

The best way is to have two domains, one for each ISP. Say a user from ISP1 logs with mmm@xxx.yyy where mmm is username and xxx.yyy is the domain for ISP1. And second ISP uses ttt@ppp.qqq where ttt is username and ppp.qqq is the domain of the second ISP.

Then use the proxy feature of radius to proxy the request for one domain to the second server.

Which radius server are you using?

Stemap