We have a RADIUS server placed on shore, while the MT RB951 is placed onboard a moving vehicle, the internet connection is provided over a satellite connection.
Our customers can create their own users on the server via a self-service portal, and we have the RADIUS setting on the MT pointing to the shore server, today the customers can login via the hotspot directly or they can set up a their WAN port to auto-authenticate with PPPoE.
The customers want to avoid the additional cost of their own router and is asking if we can not set the username/password for authentication directly on our MT, so they can connect their computer/phones directly to our router (i.e. ether2) without the need to type in their user/name password or use an external device. We do need the authentication to take place as they will be deied any service if they’ve not paid their bill or the subscription has expired. Anybody know if this is possible? If so, any clues on how to achieve?
It depends a bit on the AAA-product used, but in general you could quite easily make a policy to “ACCEPT” if the NAS-Port is “ether2” (or anything else)
Yesterday we’ve configure similar thing but then on Cisco ISE + Cisco SDN-fabric for put indeed certain ports automagically in a guest whatever MAC or user-is presented.
Thanks for the reply. On our AAA server we can only set username and a password combination. It seems like my problem is that the router is unable to direct the request to the server. When connecting with a PC/router to my site router it works fine and we get redirected to the login page or if the PPPoE is set.
WORKING
Connecting directly on the site router with PC in DHCP mode get redirected to our captive portal login page
Connecting a router to port 2 or 3 on the site router accepts and connects the PPPoE credentials
NOT WORKING
3. Configuring a pppoe-client on the site router itself does not work. It does not seem to be directed to the radius server at all.
A pppoe-client interface does not interact with RADIUS directly, it will supply the configured username and password to whatever PPPoE server it is connecting to. What the PPPoE server does with these credentials is purely down to the server.
