Hello.
I need some help with finding a radius solution.
What I want is a server to control access to a large wireless network.
Am locking for these features:
-Individual bandwith setting (groups and clients)
-Captive portal
-Web interface (adding ,remowing, blocking etc clients)
Any tips for software and setup?
Over here I’ve got FreeRADIUS running on a Linux Fedora box, sitting in my office, serving three separate networks in three different towns.
RADIUS queries MySQL for user info and bandwidth settings etc,
and got a very simple PHP interface to alter the SQL database - add users, remove them, change bandwidth settings, disable them etc.
SQL server daemon runs on the same system as the RADIUS in my case.
http://www.freeradius.org
For Bandwidth settings for Groups, there are some things you need to fiddle with in “radgroupreply” table in SQL to facilitate that.
If you get to that point, google it, or ask again. I can’t remember the specifics now.
If you need some help on the specifics, I’ll be happy to consult. But the documentation helps you through most of what you need to know.
Mikrotik is simply set to Use Radius and Use Accounting,
and points to the Radius server.
I’m not all that familiar with User Manager, but I’m sure there are some options available there as well. Anyone want to elaborate on that? Then I’ll learn something too. 
As for Captive portal - Mikrotik’s Hotspot service should solve that problem. It comes with Captive Portal built in. See RouterOS documentation.
Good luck! Took me a couple of days to get it running…
-Krige
Thank you krigevr 
So what I need is…
-a box with a Linux distro.
-install free RADIUS
-Install MySQL
-Connect free RADIUS and MySQL
What web interface do you use?
I’m running Linux Fedora core 7 on my server, just for reference.
For editing/adding/removing the tables/rows/databases in SQL, I use PHPMyAdmin.
See section 2 of this How-To for PHPMyAdmin installation:
http://www.howtoforge.com/virtual_hosting_with_proftpd_and_mysql_fedora7
This how-to is designed for - as the name states - Virtual Hosting with Proftp and MySQL.
But you can use the phpmyadmin simply to administrate mysql, regardless of what you’re using mysql for.
And I use a custom-made little PHP thingy to add/edit/disable users.
I’ll give the source to you if you like, I don’t mind sharing my stuff.
However, RADIUS comes with a nifty web-based application called Dialup_Admin.
http://wiki.freeradius.org/Dialup_admin for more information.
(My custom PHP thingy doesn’t have a Remove User option, dialup-admin does.)
I recommend looking into dialup-admin to administrate your Groups.
(i.e. the IP-pools and it’s parameters) I use 10 separate IP Pools, works great.
Just a note - When installing FreeRADIUS - do it using YUM Install.
Compiling it from source will work fine, but it’s a MAJOR mission getting it running.
I spent 4 days trying - and failed. Then turned to YUM, and got it running in a few hours.
Save yourself the heart- and headache, use YUM.
If you need more help, just yell.
P.S. Before you go overboard with this option, check out User Manager as well. I’m just not mentioning it because I know nothing about it. But it seems to be highly praised.
Best of luck.
FreeBSD (w/o GUI for max performance)
Apache
MySQL
FreeRadius
Dialup-Admin
Great thing about FreeBSD, you can run on old 486 with 128M RAM and 10GB hard drive. Seems much more secure out of the box than Linux.
User Manager can do all that, and I’d guess it’s even easier. I’m not sure what you mean by Captive Portal.
Captive Portal is when you attempt to open a website using your browser, but automatically get redirected to the Hotspot Login page.
I’m trying to get User Manager running, to serve as a Failover database -
but the web interface is very buggy.
Struggled for 15 mins trying to add a user - just keeps freezing out -
Have to close browser and re-open and retry.
Nifty functions though.
I like it. Except for the bugs. (Maybe it’s just Internet Explorer.)
Thank you for many good tips
The choises are now:
-Apache
-Radius
-My sql
-PHP my admin
-Dialup admin
or
-Apache
-User Manager
But witch is the most stable solution?
Anybody been running both solutions?
Seems like User Manager might be the most smooth solution, as it`s all in one…
I’ve now started running User Manager as well -
Works very nicely.
Here is my opinion of FreeRadius vs. UserManager
FreeRadius, although far more complicated to set up than UserManager, offers Complete Versatility. However, to utilize this versatility to the fullest, you need to be either quite an advanced user, or you need to be good at Google.
User Manager is quick and painless to set up, although one thing that confused me was what IP address to use in ‘/radius’ on Mikrotik to point the Radius to itself - meaning that the User Manager is running on the same machine as the PPP server - since it seems that MT does not have a loopback interface - which is what I used to let Fedora point to itself as the Radius server.
With PHP/SQL, you can write some scripts to let users log in and view their own usage stats (if you have throughput limits and stuff), view their account details etc, where this is a feature that I would really like in User Manager. I’ve written such a script, if anyone wants to check it out.
User Manager, however, makes Managing Users a breeze though. Quick and easy,
with rate-limit and burst settings - the works. Generating the reports on Hotspot usage is a BIG plus - a bit more difficult to achieve with PHP/SQL, but in php/sql it’s not too difficult to generate reports for PPPoE logins. (i.e. those with no time limits)
In Radius, you have to manually insert the additional attributes and values for different user profiles in the SQL tables. But once they’re in, you can just call on them wth your Group settings.
In short, I’ve been running Radius for over a year now, with Zero problems.
I’ve been running User Manager for about a week now, also with Zero problems.
Personally, I want the versatility that Radius/SQL/PHP offers.
But if User Manager suits all your needs - Go User Manager!
It saves time. Lots of time.
Good Luck!
-Krige