source interface for Radius

mmc · October 22, 2005, 12:33pm

Dear all,
i’m working really successfully with the great loopback idea of eflanery

see http://forum.mikrotik.com/t/loop-back-interface/132/1

So ospf in a meshed network works much better now.

But its still unsolved to specify the source interface for radius.
Eg. from which outbound interface/ip-adress the mikrotik device sends the radius requests to the radius server
Currently you have to setup on the radius server each interface IP of the mikrotik client just for only one box. I’ll never know on which it will try to authorize in a meshed network.

Any Ideas ?

Regards from Austria
Wolfgang

eflanery · November 1, 2005, 12:14am

In 2.9, with the routing-test package, and the route to your radius server being recieved via OSPF (be it default, or whatever, as long as it comes from OSPF), you can do this:

/routing filter add chain=ospf-in set-prefsrc=z.y.x.w

Where w.x.y.z is your “loopback” IP.

Note that the octets of the IP currently need to be reversed, i.e. if your “loopback” IP is 10.20.30.40, you would need to enter 40.30.20.10 for set-prefsrc.

I’ve submitted it as a bug to support, but haven’t heard anything. I suspect it will be mysteriously fixed in the next version.

Also note, that this will set the source IP of any packet from the router, which is being sent via a OSPF learned route, not just Radius packets. It will also affect anything that gets “masquerade-ed” in the firewall src-nat chain.

I don’t think there is a way to do it without routing-test.

–Eric