Page 1 of 1

ROS 6.45+ Dot1X support with User Manager?

Posted: Mon Jul 29, 2019 3:54 am
by Amm0
The new Dot1X supports being a 801.1X "server" (secures a port/interface by requiring EAP auth). But was hoping the User Manager would work as the RADIUS server for it...since Dot1X doesn't seem to support using non-RADIUS like local/ROS users or PPP/VPN "secrets" users (e.g. ones used by L2TP etc.)

Thought User Manager, being Mikrotik's RADIUS support, would be able to enable Dot1X authentication. But not so sure after trying it out...

Is it possible to use User Manager for new ROS Dot1x auth support? Or any other way to provide a list of users to Dot1X in ROS?

Re: ROS 6.45+ Dot1X support with User Manager?

Posted: Mon Jul 29, 2019 4:34 am
by Sob
So far the answer is "no". But you're not the only one who had the same idea. AFAIK nothing have been promised by MikroTik, but I think it will happen eventually, because it's the logical thing to add next. And it would be good to make the solution as real RADIUS server, not some local-only alternative, because I'd like to also use it for 802.1x with external switches.

I'm just not sure about current User Manager, I never got that thing. It looks big, so I though that it would be usable for this and possibility to come up with correct config would be hidden somewhere inside. But it was like deja vu of previous experience, when I wanted WPA2 EAP for wireless few years back. I mean, customers, subscribers, payments, ability to connect with Paypal, what the... ?! I just want to have user "joe" with one password and user "bob" with another! :)

Re: ROS 6.45+ Dot1X support with User Manager?

Posted: Thu Nov 14, 2019 11:25 am
by leemans
Dear,
Yes we hope that Mikrotik will add this feature to User Manager. Would be logic.. why you should need 2 radius servers or why should you replace userman by Freeradisu or Windows NPS if this feature could be added to Userman.
Hope Mikrotik will add this feature soon.

Re: ROS 6.45+ Dot1X support with User Manager?

Posted: Fri Jun 26, 2020 1:12 am
by arash88
+1 for a full RADIUS server implementation and Dot1X support of userman.