I have a customer that only allows local office users to connect to a special set of pages on a website. Outside of their office network the public can only see general pages. They would like outside users who have an account on a Radius server to be able to authenticate and connect to these special webpages from outside the office.
I’d like to do with using the web page that MikroTik hotspot uses, or something similar that I can customize on a RouterBOARD. I’m trying to think of a way to have a RouterBOARD 600 accept connections when users type in it’s public IP address into their browser, prompt for a username/password, authenticate with an outside Radius server, then allow them access to this web server. The customer will have to handle this authenticated traffic by getting it to the proper web server.
Is what I’m trying to do possible? Is there anyway to setup a RouterBOARD to use a web-based authentication method to connect to a Radius server?
You can edit or add features to this, examples like: Using a proxy server for their connections to ease load on the local servers, adding https authentication to the login page, limiting bandwidth per user etc etc.
P.S. If you’re not confident with doing it from the command line you can quite easily go into winbox and use the hotspot “Setup” to do most of this for you, just have to go in to the profile and tell it to use radius auth after you’re done.