I have posted this some time back also and posting it again with new updates hope somebody might have solved this or can be good for information.
I have a hotspot server, one radius server (tested on freeradius , MT Usermanager , windows based RadTac , Windows IAS server). Users are authenticating on radius. Radius has different profiles to allocate ip based on username. IP’s are all private.
- user gets private ip from dhcp
- user authenticates with radius get new ip (internal one-to-one can see in the host list of MT).
- Hotspot has another external ip address to which clients ip (one which is allocated based on username) is src-nat. (i need it on different ip coz i have a shaper to create bandwidth contention ratios and priority in bridge mode)
- If i set Rate-limit on MT in the user profile it does not create dynamic queue even if i add radius attributs Rate-Limit , Mikrotik-Raie-Limit etc.
- When i try to use PCQ/Simple Queue/Queue Tree that also does not work as customers traffic is still going through default MASQ rule of Hotspot server not the src-nat i have created for new ip range allocated. That i can verify by going to http://www.whatismyip.com.
It is same with all types of radius including Usermanager.
My conclusion is With MT hotspot if you want to use radius you better have huge range of public ip addresses. or authenticate MT local which works fine.
I have written this to support@mikrotik.com and sent the supout.rif file. Let’s see what get from there.