hi
i have a mikrotik version 4.9.
i’m sending Framed-Pool attribute to assign pppoe clients ip address and the Framed-Pool value is
the name of pool that created in mikrotik but couldnt assing ip to clients.
please help me on this issue.
Turn on RADIUS debugging and see what the logs say.
I use it for VPN connections authenticated via a 2k8 NPS server. Works fine. Didnt really have to do anything special.. Sorry I couldnt help more. 5.0b2 FWIW.
Hi
thanks for reply
i 've checked the radius log. it seems that Framed-Pool not exist in Access-Request packet but i’m sure that
i sent this attribute cause while i’m testing with RadiusTest, Radius Server send Access-Accept packet and everythings is ok. but when clients pppoe to mikrotik they get error 738 (the server did not assign ip address).
my radius server is steel-belted.
Framed Pool shouldnt be sent in access request, only access reply. The RADIUS server is telling the client what IP pool to assign an IP from.
IE: It isnt a check attribute, it is a reply attribute.
I know that framed-pool should be send in reply procedure but there is no effect in radius log.
i really dont know where the problem is.
please help me step by step on this
I use FreeRADIUS, and it has radtest. I use it to test new return attributes. When you use RadiusTest, do you see the RADIUS server returning the Framed-Pool attribute you expect for that user in the Access-Accept message?
yes here is the log of RadTest while sending username=test and password=test it returns true pool name
but it is not working on mikrotik.
i have also enabled radius logging on mikrotik but there is no information about what happen to Framed-Pool attribute.
Sending Access-Request of id 177 to 192.168.100.55 port 1812
User-Name = “test”
Password = “test”
rad_recv: Access-Accept packet from host 192.168.100.55 port 1812, id=177, length=83
Class = 0x53425232434cf9dfabdacdd8f5e1cb8011802101800281988002800581aa91aab5a012800e81f9dfabdacdd8f5e1cb8080808588
Framed-Pool = “mypool”
That looks ok. Can you post “/ip address” and “/ip pool”? Mask any public ips if you wish,.
[admin@NOC] /ip pool> print
NAME RANGES
0 School_int 192.168.10.1-192.168.10.254
1 Internal_VPN 192.168.121.1-192.168.121.6
2 Valid 80.191.1.0-80.191.1.254
3 OlumP 172.30.0.1-172.30.15.254
[admin@NOC] /ip address> print
Flags: X - disabled, I - invalid, D - dynamic
ADDRESS NETWORK BROADCAST INTERFACE
0 172.16.1.2/24 172.16.1.0 172.16.1.255 Ether10-External
1 D 80.191.1.0/32 172.30.0.9 0.0.0.0
2 D 80.191.1.0/32 80.191.1.37 0.0.0.0
3 D 80.191.1.0/32 80.191.1.19 0.0.0.0
4 D 80.191.1.0/32 80.191.1.7 0.0.0.0
5 D 80.191.1.0/32 80.191.1.16 0.0.0.0
6 D 80.191.1.0/32 80.191.1.18 0.0.0.0
7 D 80.191.1.0/32 80.191.1.20 0.0.0.0
8 D 80.191.1.0/32 80.191.1.249 0.0.0.0
Where is ip pool named “mypool”?
that was just for test i removed it.
i send pool named Valid in reality.
i’m not that newbie man 
I meant no offense. It is difficult to tell a person’s skill level in just a few posts.
Then let’s include it! What is the real Framed-Pool value sent from the RADIUS server? That is presuming the data from "ip pool " and “ip address” are valid.
None of the ip pool ranges shown are assigned to any interface. Something I should know about that?
What device is issuing the 80.191.xx.xx ips?
ADD: Then it is your router’s dhcp server issuing the 80.191.xx.xx ips on the pppoe interface?
you know here is my network topology.
1)the pool name that i want to send via radius is named “Valid”. (80.191.1.x)
2)according to mikrotik documents, we can assign any ip for local address in default profile or any other profile (pppoe clients peer interface).
3)valid range 80.191.1.x is routed over invalid ip (172.16.1.33 → 172.16.1.2) to mikrotik so no need to assign any ip of this range to any mikrotik ethernet interface.
4)currently i use “Framed-IP-Address” instead of “Framed-Pool” and everything works ok.
i assign ip address that retrived from SQl DB to pppoe clients and there is no problem, but now i want mikrotik to handdle ip addresses so need to send Framed-Pool instead of “Framed-IP-Address”.
thats all.
I see your point now. Maybe you have a reason to generate a supout.rif file and email it to support (at) mikrotik.com with a short explanation of the challenge.
ADD: I must admit, I have never tried “Framed-IP-Address” and “Framed-Pool” on the same network.
we’re using such setup on v3.28 - all clients get address from private pool, some client receive their own public addresses. works fine for a long time =)
hi Chupaka
thanks for replying.
dont you think anything special on my problem?
what should i do i really need to use “Framed-Pool” attribute. is this attribute should use as VSA (vendor specefic attribute) or just use as standard?
it’s standard one. in my pptp profile, ‘Remote Address’ is unset, and RADIUS sends Framed-Pool=poolname…
again, v3.28, haven’t checked with v4
i dont have remote address in default profile either.
i just use mikrotik as pppoe BRAS and want to hanndle more than 1k clients.
do u suggest me to downgrade to version 3.28? is it ok and optimized for pppoe?
you may downgrade to 3.28 and check whether it will work with your current RADIUS settings. if v3 works and v4 doesn’t - then write to support@mikrotik.com =)