I can get usermanager to work fine on the router it’s hosted on (say, using it for user authentication as a test), but when I try it on any remote MT routers I get a radius timeout. The routers (both the usermanager host and client router) can see each other, so I’m wondering why it won’t work. In my last test case, I tried it on two routers that are connected to each other via Ethernet in the same building, same situation, no go. Is there some setting that has to be done to turn on the radius server in the host MT router? But it works locally!?
Thanks Serge, but I’ve tried all that again and again. I’ve tried it using two routers in our network that are connected via ethernet, in case it’s some sort of wireless issue (it’s not). Any way I can check connectivity between the systems for ports 1812 and 1813 from Winbox? I’ve been testing using login via Radius on the client router; again it works on the radius/Userman router, but not any remote router, even though the router’s IP is entered as a router with secret in the Userman, and the user is added to Userman. I’m using L4 on the Userman router…does it need to be at L6 to work? (I know for production, I’ll need to go to L6, but I wanted to try it and see how it works first.)
No, level4 is enough.
Probably, you can contact support with attached support files from User-Manager and RADIUS client (support@mikrotik.com), in order to determine problem more faster.
Hey Serge, update. Got usermanager to work (and what a great software it is), but only one hop away from the router’s it’s used on. So far, I’ve only been able to check stuff that is connected by wired ethernet one hop away, and as I said that works great. I’ve been testing by checking the ability of remote routers to RADIUS authenticate to the userman for users, and if that works, I go on to PPPoE. Am I inadvertently blocking some protocol that is necessary for RADIUS communications on my links? I would so love to expand my use of usermanager to the rest of my networks and get away from tying my user authentication to specific hardware.