Community discussions

MikroTik App
 
igpetkov
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 52
Joined: Thu Oct 09, 2014 10:27 pm

Hotspot Radius Help

Tue Mar 08, 2016 8:14 am

Hi,All!
I have a problem with configuring of my Hotspot system.
I deploy two UniFi UAP devices and one UniFi Outdoor+. They broadcast two wireless networks – one secured with password and one open. The open network have assign VLAN (VLAN ID:10).
I use Mikrotik RB 2011 UiAS-RM for Gateway router and for Hotspot management. The secured and open network use the same interfaces of Mikrotik (eth6, 7, 8, 9, 10).
Eth1 – WAN: 192.168.1.123/24
Eth2,3,4,5 – Free Ports
Eth6,7,8,9,10 – LAN : 10.10.10.1/24 and VLAN:ID 10
DHCP: 10.10.10.2-10.10.10.250 on eth6
VLAN 10: 172.16.0.1/24
DHCP: 172.16.0.2-172.16.0.254
----------------------------------------------------------------------------------------------
Here is my configure:
# mar/07/2016 11:02:10 by RouterOS 6.34.2
# software id = QQK1-CQRP
#
/interface ethernet
set [ find default-name=ether1 ] comment=WAN:
set [ find default-name=ether2 ] comment="Free Ports:"
set [ find default-name=ether6 ] comment=LAN:
set [ find default-name=ether7 ] master-port=ether6
set [ find default-name=ether8 ] master-port=ether6
set [ find default-name=ether9 ] master-port=ether6
set [ find default-name=ether10 ] master-port=ether6
/ip neighbor discovery
set ether1 comment=WAN:
set ether2 comment="Free Ports:"
set ether6 comment=LAN:
/interface vlan
add interface=ether6 name="VLAN Hotspot" vlan-id=10
/ip hotspot profile
add dns-name=hotspot.hot hotspot-address=172.16.0.1 name=hsprof1 use-radius=\
yes
/ip pool
add name=dhcp_pool1 ranges=10.10.10.2-10.10.10.250
add name=hs-pool-12 ranges=172.16.0.2-172.16.0.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether6 name=dhcp1
add address-pool=hs-pool-12 disabled=no interface="VLAN Hotspot" lease-time=\
1h name=dhcp2
/ip hotspot
add address-pool=hs-pool-12 disabled=no interface="VLAN Hotspot" name=\
hotspot1 profile=hsprof1
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw
/tool user-manager profile
add name="One Week" name-for-users="2 Weeks 2MB/2MB" override-shared-users=\
off owner=admin price=0 starts-at=logon validity=2w
/tool user-manager profile limitation
add address-list="" download-limit=0B group-name="" ip-pool="" name=2MB/2MB \
owner=admin rate-limit-min-rx=2097152B rate-limit-min-tx=2097152B \
rate-limit-rx=2097152B rate-limit-tx=2097152B transfer-limit=0B \
upload-limit=0B uptime-limit=0s
/ip address
add address=192.168.1.123/24 comment="WAN Network:" interface=ether1 network=\
192.168.1.0
add address=10.10.10.1/24 comment="LAN Network:" interface=ether6 network=\
10.10.10.0
add address=172.16.0.1/24 comment="hotspot network" interface="VLAN Hotspot" \
network=172.16.0.0
/ip dhcp-server network
add address=10.10.10.0/24 gateway=10.10.10.1
add address=172.16.0.0/24 comment="hotspot network" gateway=172.16.0.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=172.16.0.0/24
/ip hotspot user
add name=admin password=1234
/ip route
add distance=1 gateway=192.168.1.2
/radius
add address=127.0.0.1 secret=12345 service=hotspot
/radius incoming
set accept=yes
/system clock
set time-zone-name=Europe/Sofia
/tool user-manager database
set db-path=user-manager
/tool user-manager profile profile-limitation
add from-time=0s limitation=2MB/2MB profile="One Week" till-time=23h59m59s \
weekdays=sunday,monday,tuesday,wednesday,thursday,friday,saturday
/tool user-manager router
add coa-port=1700 customer=admin disabled=no ip-address=127.0.0.1 log=\
auth-fail name=HotspotVLAN shared-secret=12345 use-coa=no
/tool user-manager user
add customer=admin disabled=no password=user01 shared-users=1 username=user01 \
wireless-enc-algo=none wireless-enc-key="" wireless-psk=""

--------------------------------------------------------------------------------------------------------------------------------------------------
On eth 8,9,10 are connected UNiFi devices and with UniFi controller I set two wireless. First free connected to eth6 and corresponding DHCP and second with VLAN 10 to Hotspot system.

But when I connect to hotspot wireless and enter username and password the system respond: RADIUS server is not responding
Can someone say me where I am wrong, and what to do to correct this malfunction.

When I start this system without Radius server and enter users in Hotspot everything works fine. Here is this case:
----------------------------------------------------------------------------------------------------------------------------------------
# mar/07/2016 10:50:30 by RouterOS 6.34.2
# software id = QQK1-CQRP
#
/interface ethernet
set [ find default-name=ether1 ] comment=WAN:
set [ find default-name=ether2 ] comment="Free Ports:"
set [ find default-name=ether6 ] comment=LAN:
set [ find default-name=ether7 ] master-port=ether6
set [ find default-name=ether8 ] master-port=ether6
set [ find default-name=ether9 ] master-port=ether6
set [ find default-name=ether10 ] master-port=ether6
/ip neighbor discovery
set ether1 comment=WAN:
set ether2 comment="Free Ports:"
set ether6 comment=LAN:
/interface vlan
add interface=ether6 name="VLAN Hotspot" vlan-id=10
/ip hotspot profile
add dns-name=hotspot.hot hotspot-address=172.16.0.1 name=hsprof1
/ip pool
add name=dhcp_pool1 ranges=10.10.10.2-10.10.10.250
add name=hs-pool-12 ranges=172.16.0.2-172.16.0.254
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=ether6 name=dhcp1
add address-pool=hs-pool-12 disabled=no interface="VLAN Hotspot" lease-time=\
1h name=dhcp2
/ip hotspot
add address-pool=hs-pool-12 disabled=no interface="VLAN Hotspot" name=\
hotspot1 profile=hsprof1
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw
/ip address
add address=192.168.1.123/24 comment="WAN Network:" interface=ether1 network=\
192.168.1.0
add address=10.10.10.1/24 comment="LAN Network:" interface=ether6 network=\
10.10.10.0
add address=172.16.0.1/24 comment="hotspot network" interface="VLAN Hotspot" \
network=172.16.0.0
/ip dhcp-server network
add address=10.10.10.0/24 gateway=10.10.10.1
add address=172.16.0.0/24 comment="hotspot network" gateway=172.16.0.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=172.16.0.0/24
/ip hotspot user
add name=admin password=1234
/ip route
add distance=1 gateway=192.168.1.2
/system clock
set time-zone-name=Europe/Sofia
/tool user-manager database
set db-path=user-manager
---------------------------------------------------------------------------------------------
Thank You

Who is online

Users browsing this forum: Baidu [Spider] and 53 guests