I have a Chateau 5G ax (RouterOS 7) with two SSIDs - one for 2.4GHz and one for 5GHz. It currently is setup so that users connect with a pre-shared key. I want to instead have users authenticate with Active Directory credentials. I have a RADIUS proxy running in a VM, and want to have the Chateau use the RADIUS proxy for authenticating users. I’ve been trying to get that to work for around a month, but haven’t had any luck. Some of the materials I used for reference:
- http://forum.mikrotik.com/t/radius-wireless-login-to-active-directory/127064/1
- http://forum.mikrotik.com/t/eap-peap-mschapv2-as-station-with-v7/162453/1
- https://mivilisnet.wordpress.com/2018/10/01/how-to-integrate-your-mikrotik-router-with-windows-ad/
- http://forum.mikrotik.com/t/mikrotik-wifi-eap-by-nps-windows-2019-server/159337/1
From the limited testing that I’ve done so far, the mode=dynamic-keys and eap-methods=passthrough don’t appear to work anymore. They aren’t available via GUI on my end. When I try to use them from the command line, I receive error messages. Many configuration options mentioned in previous tutorials and threads I’ve seen online aren’t available with WiFi Wave2 security profile.
Has this been done with newer RouterOS 7 devices (using Wave2 wireless) before? Something tells me that I’m missing something obvious. I’m still reviewing the settings on the Chateau. I can also post my current configuration here if necessary.