Community discussions

MikroTik App
 
bcmdevtl
just joined
Topic Author
Posts: 14
Joined: Sat Mar 27, 2021 2:40 am

Remote RADIUS server - auto authenticate ether2

Fri May 07, 2021 1:10 pm

We have a RADIUS server placed on shore, while the MT RB951 is placed onboard a moving vehicle, the internet connection is provided over a satellite connection.
Our customers can create their own users on the server via a self-service portal, and we have the RADIUS setting on the MT pointing to the shore server, today the customers can login via the hotspot directly or they can set up a their WAN port to auto-authenticate with PPPoE.

The customers want to avoid the additional cost of their own router and is asking if we can not set the username/password for authentication directly on our MT, so they can connect their computer/phones directly to our router (i.e. ether2) without the need to type in their user/name password or use an external device. We do need the authentication to take place as they will be deied any service if they've not paid their bill or the subscription has expired. Anybody know if this is possible? If so, any clues on how to achieve? :)
 
User avatar
jvanhambelgium
Forum Veteran
Forum Veteran
Posts: 985
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: Remote RADIUS server - auto authenticate ether2

Fri May 07, 2021 1:38 pm

It depends a bit on the AAA-product used, but in general you could quite easily make a policy to "ACCEPT" if the NAS-Port is "ether2" (or anything else)
Yesterday we've configure similar thing but then on Cisco ISE + Cisco SDN-fabric for put indeed certain ports automagically in a guest whatever MAC or user-is presented.
 
bcmdevtl
just joined
Topic Author
Posts: 14
Joined: Sat Mar 27, 2021 2:40 am

Re: Remote RADIUS server - auto authenticate ether2

Wed Jul 28, 2021 4:56 am

Thanks for the reply. On our AAA server we can only set username and a password combination. It seems like my problem is that the router is unable to direct the request to the server. When connecting with a PC/router to my site router it works fine and we get redirected to the login page or if the PPPoE is set.

WORKING
1. Connecting directly on the site router with PC in DHCP mode get redirected to our captive portal login page
2. Connecting a router to port 2 or 3 on the site router accepts and connects the PPPoE credentials

NOT WORKING
3. Configuring a pppoe-client on the site router itself does not work. It does not seem to be directed to the radius server at all.
 
tdw
Forum Guru
Forum Guru
Posts: 1841
Joined: Sat May 05, 2018 11:55 am

Re: Remote RADIUS server - auto authenticate ether2

Wed Jul 28, 2021 2:53 pm

A pppoe-client interface does not interact with RADIUS directly, it will supply the configured username and password to whatever PPPoE server it is connecting to. What the PPPoE server does with these credentials is purely down to the server.

Who is online

Users browsing this forum: No registered users and 45 guests