Radius server on lan side

mikenl · July 13, 2011, 7:37am

Hi,
I’m in the process of learning Routeros.
I do not understand the firewall/nat/chains fully.
I have experience with pfsense though.

Setup :

wan > pfsense box, public lan > rb450g > switch > clients, radius server, monitoring devices

The rb450g functions as a hotspot.

The problems :

The radius server isn’t reachable by the rb450g on the lan side.
2 The monitoring devices aren’t reachable from the pfsensebox lan side.

Someone who can shed some light on this ?

fewi · July 15, 2011, 2:03pm

Are the clients, RADIUS server, and monitoring devices all on the same network?

If yes, change your network design. Put the RADIUS server and monitoring devices on a different network from the customers so the Hotspot doesn’t block traffic (which is, after all, its purpose). Make sure all routers have routes to each other’s networks.
That’s far cleaner than exempting devices through the Hotspot.

mikenl · July 15, 2011, 6:07pm

Hi,
Due to the network design some devices have to be on the same physical network.
The network is several 100’s of meters long.

fewi · July 15, 2011, 7:31pm

That is a really bad design, and I would redesign the entire network.

That said, exempt devices through the Hotspot by adding IP bindings of type “bypassed”.