Community discussions

 
jjones
just joined
Topic Author
Posts: 18
Joined: Wed Mar 06, 2013 11:42 pm

Problems with mikrotik pppoe/freeradius/sql authentication

Thu Oct 16, 2014 10:55 pm

Greetings all! I'm trying to setup new authentication for end users on our wisp using mikrotiks. Following various walkthroughs I have the mpls/vpls network setup in my lab. Currently I am just masquerading the final route out but eventually the pppoe users will receive routable public ip addresses after authenticating. In the lab I am able to setup pppoe-server on the head mikrotik and have an end client connect over the tunnel and authenticate to get out on multiple profiles. My problem is when I try to get the mikrotik to use AAA to talk to the freeradius server that I have setup on ubuntu 14.04 using mysql. I have verified the freeradius server works using radtest, And i see the mikrotik connect, but the radius server never gives back an accept-accept packet. I'll paste in the responses I get from mysql -X if that helps and cut down versions of mysql configs. I'm going to stuff as much info into this as possible so sorry for the long post.
i'm sure its probably a simple issue but my inexperience with mikrotik is preventing me from seeing it.
Any help would be appreciated! thanks.

mpls/vpls reference: http://mum.mikrotik.com/presentations/US13/kirnak.pdf
severel radius/sql/ppoe walkthroughs here is one of them: http://wiki.mikrotik.com/wiki/RouterOs_ ... ngUp_Mysql

mysql-X response when i try to connect through the mikrotik *local authentication works, and radcheck works on the radius server*
Waking up in 4.8 seconds.
rad_recv: Accounting-Request packet from host 10.2.0.2 port 37228, id=23, length=188
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Port = 15728676
        NAS-Port-Type = Ethernet
        User-Name = "test2"
        Calling-Station-Id = "EC:F4:BB:12:08:8C"
        Called-Station-Id = "PPP1"
        NAS-Port-Id = "r1tor6"
        Acct-Session-Id = "81700024"
        Framed-IP-Address = 0.0.0.0
        Acct-Authentic = RADIUS
        Event-Timestamp = "Oct 16 2014 12:26:31 CDT"
        Acct-Session-Time = 1
        Acct-Input-Octets = 0
        Acct-Input-Gigawords = 0
        Acct-Input-Packets = 0
        Acct-Output-Octets = 0
        Acct-Output-Gigawords = 0
        Acct-Output-Packets = 0
        Acct-Status-Type = Stop
        Acct-Terminate-Cause = NAS-Request
        NAS-Identifier = "MikroTik"
        Acct-Delay-Time = 0
        NAS-IP-Address = 10.2.0.2
# Executing section preacct from file /etc/freeradius/sites-enabled/default
+- entering group preacct {...}
++[preprocess] returns ok
[acct_unique] Hashing 'NAS-Port = 15728676,Client-IP-Address = 10.2.0.2,NAS-IP-Address = 10.2.0.2,Acct-Session-Id = "81700024",User-Name = "test2"'
[acct_unique] Acct-Unique-Session-ID = "8b8c659fdd61bf28".
++[acct_unique] returns ok
[suffix] No '@' in User-Name = "test2", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[files] returns noop
# Executing section accounting from file /etc/freeradius/sites-enabled/default
+- entering group accounting {...}
[detail]        expand: %{Packet-Src-IP-Address} -> 10.2.0.2
[detail]        expand: /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d -> /var/log/freeradius/radacct/10.2.0.2/detail-20141016
[detail] /var/log/freeradius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /var/log/freeradius/radacct/10.2.0.2/detail-20141016
[detail]        expand: %t -> Thu Oct 16 12:26:35 2014
++[detail] returns ok
++[unix] returns ok
[radutmp]       expand: /var/log/freeradius/radutmp -> /var/log/freeradius/radutmp
[radutmp]       expand: %{User-Name} -> test2
++[radutmp] returns ok
[sql]   expand: %{User-Name} -> test2
[sql] sql_set_user escaped user --> 'test2'
[sql]   expand: %{Acct-Input-Gigawords} -> 0
[sql]   expand: %{Acct-Input-Octets} -> 0
[sql]   expand: %{Acct-Output-Gigawords} -> 0
[sql]   expand: %{Acct-Output-Octets} -> 0
[sql]   expand: %{Acct-Delay-Time} -> 0
[sql]   expand:            UPDATE radacct SET              acctstoptime       = '%S',              acctsessiontime    = '%{Acct-Session-Time}',              acctinputoctets    = '%{%{Acct-Input-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Input-Octets}:-0}',              acctoutputoctets   = '%{%{Acct-Output-Gigawords}:-0}' << 32 |                                   '%{%{Acct-Output-Octets}:-0}',              acctterminatecause = '%{Acct-Terminate-Cause}',              acctstopdelay      = '%{%{Acct-Delay-Time}:-0}',              connectinfo_stop   = '%{Connect-Info}'           WHERE acctsessionid   = '%{Acct-Session-Id}'           AND username          = '%{SQL-User-Name}'           AND nasipaddress      = '%{NAS-IP-Address}' ->            UPDATE radacct SET              acctstoptime       = '2014-10-16 12:26:35',              acctsessiontime    = '1',              acctinputoctets    = '0' << 32 |                                   '0',              acctoutputoctets   = '0' << 32 |      
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql (sql): Released sql socket id: 4
++[sql] returns ok
++[exec] returns noop
[attr_filter.accounting_response]       expand: %{User-Name} -> test2
attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] returns updated
Sending Accounting-Response of id 23 to 10.2.0.2 port 37228
Finished request 22.
Cleaning up request 22 ID 23 with timestamp +577
Going to the next request
Waking up in 4.8 seconds.
Cleaning up request 20 ID 21 with timestamp +577
Ready to process requests.

configs:

radiusd:
prefix = /usr
exec_prefix = /usr
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = /var/log/freeradius
raddbdir = /etc/freeradius
radacctdir = ${logdir}/radacct
name = freeradius
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/${name}
log_file = ${logdir}/radius.log
db_dir = ${raddbdir}
libdir = /usr/lib/freeradius
pidfile = ${run_dir}/${name}.pid
user = freerad
group = freerad
max_request_time = 30
delete_blocked_content = no
cleanup_delay = 5
max_requests = 1024
listen {
	type = auth
	ipaddr = *
	port = 0
}
listen {
	ipaddr = *
	port = 0
	type = acct
}
hostname_lookups = no
allow_core_dumps = no
regular_expressions	= yes
extended_expressions	= yes
usercollide = no
log {
	destination = files
	file = ${logdir}/radius.log
	syslog_facility = daemon
	stripped_names = no
	auth = no
	auth_badpass = no
	auth_goodpass = no
}
checkrad = ${sbindir}/checkrad
security {
	max_attributes = 200
	reject_delay = 1
	status_server = no
}
proxy_requests  = no
$INCLUDE proxy.conf
$INCLUDE clients.conf
thread pool {
	start_servers = 5
	max_servers = 32
	min_spare_servers = 3
	max_spare_servers = 10
	max_requests_per_server = 0
}
modules {
	acct_unique {
		key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
	}
	$INCLUDE ${confdir}/modules/
	$INCLUDE eap.conf
	$INCLUDE sql.conf
}
instantiate {
	exec
	expr
	expiration
	logintime
}
$INCLUDE policy.conf
$INCLUDE sites-enabled/
Sql conf
sql {
	database = "mysql"
	driver = "rlm_sql_${database}"
	server = "localhost"
	login = "root"
	password = "thisisacoolpasswordlength"
	radius_db = "radius"
	acct_table1 = "radacct"
	acct_table2 = "radacct"
	postauth_table = "radpostauth"
	authcheck_table = "radcheck"
	authreply_table = "radreply"
	groupcheck_table = "radgroupcheck"
	groupreply_table = "radgroupreply"
	usergroup_table = "radusergroup"
	deletestalesessions = yes
	sqltrace = no
	sqltracefile = ${logdir}/sqltrace.sql
	num_sql_socks = 5
	connect_failure_retry_delay = 60
	lifetime = 0
	max_queries = 0
	readclients = yes
	nas_table = "nas"
	$INCLUDE sql/${database}/dialup.conf
}
Clients conf file
client localhost {
	ipaddr = 127.0.0.1
	secret		= heymanigottapassword4u
	require_message_authenticator = no
}
client 10.0.0.1 {
	secret		=thisisalongpassword4areason
	shortname	=mikrotik
}
client 192.168.1.25 {
	secret		= ntradping
	shortname	= ntradtestingthing
}
database with test entries:
mysql> select * from radacct; select * from radcheck; select * from radgroupcheck; select * from radgroupreply; select * from radpostauth; select * from radreply; select * from radusergroup; select * from nas;
+-----------+---------------+------------------+----------+-----------+-------+--------------+-----------+-------------+---------------------+---------------------+-----------------+---------------+-------------------+------------------+-----------------+------------------+-----------------+-------------------+--------------------+-------------+----------------+-----------------+----------------+---------------+----------------------+
| radacctid | acctsessionid | acctuniqueid     | username | groupname | realm | nasipaddress | nasportid | nasporttype | acctstarttime       | acctstoptime        | acctsessiontime | acctauthentic | connectinfo_start | connectinfo_stop | acctinputoctets | acctoutputoctets | calledstationid | callingstationid  | acctterminatecause | servicetype | framedprotocol | framedipaddress | acctstartdelay | acctstopdelay | xascendsessionsvrkey |
+-----------+---------------+------------------+----------+-----------+-------+--------------+-----------+-------------+---------------------+---------------------+-----------------+---------------+-------------------+------------------+-----------------+------------------+-----------------+-------------------+--------------------+-------------+----------------+-----------------+----------------+---------------+----------------------+
|         1 | 81700021      | cb6c3afe13cac298 | test2    |           |       | 10.2.0.2     | 15728673  | Ethernet    | 2014-10-16 12:22:15 | 2014-10-16 12:22:15 |               0 | RADIUS        |                   |                  |               0 |                0 | PPP1            | EC:F4:BB:12:08:8C | NAS-Request        | Framed-User | PPP            | 0.0.0.0         |              0 |             0 |                      |
|         2 | 81700022      | cd05bf01a45f3dfb | test2    |           |       | 10.2.0.2     | 15728674  | Ethernet    | 2014-10-16 12:22:23 | 2014-10-16 12:22:23 |               0 | RADIUS        |                   |                  |               0 |                0 | PPP1            | EC:F4:BB:12:08:8C | NAS-Request        | Framed-User | PPP            | 0.0.0.0         |              0 |             0 |                      |
|         3 | 81700023      | df93b995e6fe57c8 | test2    |           |       | 10.2.0.2     | 15728675  | Ethernet    | 2014-10-16 12:25:34 | 2014-10-16 12:25:34 |               0 | RADIUS        |                   |                  |               0 |                0 | PPP1            | EC:F4:BB:12:08:8C | NAS-Request        | Framed-User | PPP            | 0.0.0.0         |              0 |             0 |                      |
|         4 | 81700024      | 8b8c659fdd61bf28 | test2    |           |       | 10.2.0.2     | 15728676  | Ethernet    | 2014-10-16 12:26:35 | 2014-10-16 12:26:35 |               1 | RADIUS        |                   |                  |               0 |                0 | PPP1            | EC:F4:BB:12:08:8C | NAS-Request        | Framed-User | PPP            | 0.0.0.0         |              0 |             0 |                      |
|         5 | 81700025      | b73a9ab1a25512a6 | test2    |           |       | 10.2.0.2     | 15728677  | Ethernet    | 2014-10-16 12:27:36 | 2014-10-16 12:27:36 |               0 | RADIUS        |                   |                  |               0 |                0 | PPP1            | EC:F4:BB:12:08:8C | NAS-Request        | Framed-User | PPP            | 0.0.0.0         |              0 |             0 |                      |
|         6 | 8170002a      | fb5db15782f99d61 | test2    |           |       | 10.0.0.1     | 15728682  | Ethernet    | 2014-10-16 12:29:30 | 2014-10-16 12:29:30 |               0 | RADIUS        |                   |                  |               0 |                0 | PPP1            | EC:F4:BB:12:08:8C | NAS-Request        | Framed-User | PPP            | 0.0.0.0         |              0 |             0 |                      |
|         7 | 8170002b      | cb067dc167ebeca1 | test2    |           |       | 10.0.0.1     | 15728683  | Ethernet    | 2014-10-16 12:30:31 | 2014-10-16 12:30:31 |               0 | RADIUS        |                   |                  |               0 |                0 | PPP1            | EC:F4:BB:12:08:8C | NAS-Request        | Framed-User | PPP            | 0.0.0.0         |              0 |             0 |                      |
|         8 | 8170002c      | 9de6470a6d49fc53 | test2    |           |       | 10.0.0.1     | 15728684  | Ethernet    | 2014-10-16 12:31:32 | 2014-10-16 12:31:32 |               0 | RADIUS        |                   |                  |               0 |                0 | PPP1            | EC:F4:BB:12:08:8C | NAS-Request        | Framed-User | PPP            | 0.0.0.0         |              0 |             0 |                      |
|         9 | 8170002d      | 6cb3cdc04db3f7e9 | test2    |           |       | 10.0.0.1     | 15728685  | Ethernet    | 2014-10-16 13:18:26 | 2014-10-16 13:18:27 |               0 | RADIUS        |                   |                  |            1363 |              121 | PPP1            | EC:F4:BB:12:08:8C | NAS-Error          | Framed-User | PPP            | 10.3.0.3        |              0 |             0 |                      |
|        10 | 8170002e      | 199ca9eec9376a74 | test2    |           |       | 10.0.0.1     | 15728686  | Ethernet    | 2014-10-16 13:19:18 | 2014-10-16 13:19:18 |               0 | RADIUS        |                   |                  |            1461 |              121 | PPP1            | EC:F4:BB:12:08:8C | NAS-Error          | Framed-User | PPP            | 10.3.0.3        |              0 |             0 |                      |
+-----------+---------------+------------------+----------+-----------+-------+--------------+-----------+-------------+---------------------+---------------------+-----------------+---------------+-------------------+------------------+-----------------+------------------+-----------------+-------------------+--------------------+-------------+----------------+-----------------+----------------+---------------+----------------------+
10 rows in set (0.01 sec)

+----+----------+--------------------+----+-----------+
| id | username | attribute          | op | value     |
+----+----------+--------------------+----+-----------+
|  4 | test1    | Cleartext-Password | := | custpassw |
|  5 | test2    | Cleartext-Password | := | custpassw |
|  6 | test3    | Crypt-Password     | := | custpassw |
+----+----------+--------------------+----+-----------+
3 rows in set (0.00 sec)

Empty set (0.00 sec)

+----+-----------+--------------------+----+---------------------+
| id | groupname | attribute          | op | value               |
+----+-----------+--------------------+----+---------------------+
|  1 | static256 | Framed-Protocol    | := | PPP                 |
|  2 | static256 | Service-Type       | := | Framed-User         |
|  3 | static256 | Framed-Compression | := | Van-Jacobsen-TCP-IP |
+----+-----------+--------------------+----+---------------------+
3 rows in set (0.00 sec)

+----+----------+------+---------------+---------------------+
| id | username | pass | reply         | authdate            |
+----+----------+------+---------------+---------------------+
|  1 | abc      | 123  | Access-Accept | 2014-10-15 16:38:52 |
+----+----------+------+---------------+---------------------+
1 row in set (0.00 sec)

+----+----------+-------------------+----+---------------+
| id | username | attribute         | op | value         |
+----+----------+-------------------+----+---------------+
|  1 | test1    | Framed-IP-Address | := | 192.168.1.102 |
|  2 | test2    | Framed-IP-Address | := | 10.3.0.3      |
+----+----------+-------------------+----+---------------+
2 rows in set (0.00 sec)

+----------+-----------+----------+
| username | groupname | priority |
+----------+-----------+----------+
| user2    | static256 |        1 |
+----------+-----------+----------+
1 row in set (0.00 sec)

Empty set (0.00 sec)
Mikrotik PPPOE config
# oct/16/2014 14:50:06 by RouterOS 6.20
# software id = FSQH-A2P6
#
/interface bridge
add mtu=1500 name=loopback protocol-mode=none
/interface wireless
set [ find default-name=wlan1 ] ht-rxchains=0 ht-txchains=0 l2mtu=2290 \
    wireless-protocol=unspecified
/interface ethernet
set [ find default-name=ether1 ] l2mtu=4074 mtu=1600
set [ find default-name=ether2 ] l2mtu=4074 mtu=1600
set [ find default-name=ether3 ] l2mtu=4074 mtu=1600
set [ find default-name=ether4 ] l2mtu=4074 mtu=1600
set [ find default-name=ether5 ] l2mtu=4074 mtu=1600
/interface vpls
add advertised-l2mtu=1548 disabled=no l2mtu=1548 mac-address=\
    02:08:3D:99:64:19 name=r1tor6 remote-peer=10.0.0.6 vpls-id=1:0a
/ip neighbor discovery
set wlan1 discover=no
set r1tor6 discover=no
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=\
    dynamic-keys wpa-pre-shared-key=469A02BF9A35 wpa2-pre-shared-key=\
    469A02BF9A35
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/ip pool
add name=pppoe-1 ranges=10.3.0.2-10.3.15.254
/ppp profile
add dns-server=67.66.97.5,204.251.219.1 local-address=10.3.0.1 name=Basic-RES \
    rate-limit=512k/1536k remote-address=pppoe-1 use-encryption=yes
add dns-server=67.66.97.5,204.251.219.1 name=Preferred-RES rate-limit=1m/3m \
    use-encryption=yes
add name=Premium-RES rate-limit=1m/4m use-encryption=yes
add dns-server=67.66.97.5,204.251.219.1 name=Basic-CORP rate-limit=512k/2048k \
    use-encryption=yes
add dns-server=67.66.97.5,204.251.219.1 name=Preferred-CORP rate-limit=\
    1024k/3584k use-encryption=yes
add dns-server=67.66.97.5,204.251.219.1 name=Premium-CORP rate-limit=1m/5m \
    use-encryption=yes
/routing ospf instance
set [ find default=yes ] distribute-default=if-installed-as-type-1 \
    mpls-te-area=backbone mpls-te-router-id=loopback redistribute-connected=\
    as-type-1 redistribute-other-ospf=as-type-1 router-id=10.0.0.1
/system logging action
set 0 memory-lines=100
set 1 disk-file-name=log disk-lines-per-file=100
set 2 remember=yes
set 3 src-address=0.0.0.0
/interface pppoe-server server
add authentication=chap,mschap1,mschap2 disabled=no interface=r1tor6 max-mru=\
    1500 max-mtu=1500 mrru=1600 service-name=PPP1
add authentication=chap,mschap1,mschap2 disabled=no interface=ether2 max-mru=\
    1500 max-mtu=1500 mrru=1600 service-name=PPP2
/ip address
add address=10.0.0.1/32 interface=loopback network=10.0.0.1
add address=10.0.1.1/32 interface=ether1 network=10.0.1.2
add address=10.0.1.1/32 interface=ether2 network=10.0.1.3
add address=10.0.1.1/32 interface=ether5 network=10.0.1.10
add address=10.2.0.2/30 interface=ether3 network=10.2.0.0
/ip dhcp-client
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no \
    interface=ether4
/ip dns
set allow-remote-requests=yes
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether4
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
/ip upnp
set allow-disable-external-interface=no
/mpls interface
set [ find default=yes ] mpls-mtu=1550
/mpls ldp
set enabled=yes lsr-id=10.0.0.1 transport-address=10.0.0.1
/mpls ldp interface
add interface=ether1
add interface=ether2
add interface=ether5
/ppp aaa
set interim-update=5m use-radius=yes
/ppp secret
add disabled=yes local-address=10.254.0.1 name=preferredres password=password \
    profile=Preferred-RES remote-address=10.254.0.2 service=pppoe
add disabled=yes local-address=10.254.0.1 name=basiccorp password=password \
    profile=Basic-CORP remote-address=10.254.0.3 service=pppoe
add disabled=yes local-address=10.254.0.1 name=premiumres password=password \
    profile=Premium-RES remote-address=10.254.0.4 service=pppoe
add disabled=yes local-address=10.254.0.1 name=basicres password=password \
    profile=Basic-RES remote-address=10.254.0.5 service=pppoe
add disabled=yes local-address=10.254.0.1 name=preferredcorp password=\
    password profile=Preferred-CORP remote-address=10.254.0.6 service=pppoe
add disabled=yes local-address=10.254.0.1 name=premiumcorp password=password \
    profile=Premium-CORP remote-address=10.254.0.7 service=pppoe
/radius
add address=10.2.0.1 secret=thisisalongpassword4areason service=ppp \
    src-address=10.0.0.1
/routing ospf interface
add authentication=simple authentication-key=dsvj46a3 interface=ether1 \
    network-type=ptmp
add authentication=simple authentication-key=dsvj46a3 interface=ether2 \
    network-type=ptmp
add authentication=simple authentication-key=dsvj46a3 interface=ether5 \
    network-type=point-to-point
/routing ospf network
add area=backbone network=10.0.0.1/32
add area=backbone network=10.1.0.0/30
add area=backbone network=10.0.1.0/24
/snmp
set trap-community=public
/system clock
set time-zone-name=America/Chicago
/system leds
set 0 interface=wlan1
/system logging
add action=echo topics=ospf,ldp
/system ntp client
set enabled=yes primary-ntp=129.250.35.250 secondary-ntp=208.53.158.34
/system ntp server
set enabled=yes
/tool traffic-generator packet-template
add header-stack=ip interface=loopback name=packet-template1
 
jjones
just joined
Topic Author
Posts: 18
Joined: Wed Mar 06, 2013 11:42 pm

Re: Problems with mikrotik pppoe/freeradius/sql authenticati

Mon Oct 20, 2014 7:44 am

anyone?
 
jjones
just joined
Topic Author
Posts: 18
Joined: Wed Mar 06, 2013 11:42 pm

Re: Problems with mikrotik pppoe/freeradius/sql authenticati

Mon Oct 27, 2014 8:57 pm

i was hoping this would be a more common setup, using mikrotik with a freeradius/sql backend doesnt seem that odd. Anyone ever get this setup to work?
 
jjones
just joined
Topic Author
Posts: 18
Joined: Wed Mar 06, 2013 11:42 pm

Re: Problems with mikrotik pppoe/freeradius/sql authenticati

Tue Nov 04, 2014 6:57 pm

did i ask the question wrong? or is this in the wrong spot.
 
lambert
Long time Member
Long time Member
Posts: 533
Joined: Fri Jul 23, 2010 1:09 am

Re: Problems with mikrotik pppoe/freeradius/sql authenticati

Wed Nov 05, 2014 9:03 am

You are doing things which are more complicated than most forum members get into. The forum members who know what you are doing tend to be busy doing these things and don't always have time to help out.

The radiusd -X snippet you posted shows FreeRADIUS handling an accounting packet received from 10.2.0.2. That does not help us to see what is wrong with your auth request handling. 10.2.0.2 is not in your clients.conf file. So, why/how did RADIUS accept the accounting packet?

Your test MikroTik should be sending its RADIUS packets from the source IP of 10.0.0.1. You have that client configured. The secrets match in what you posted. I hope you search and replaced the real secret. If you manually replaced them, double-check that the originals are spelled exactly the same. It should work if there are not network issues between the MikroTik and FreeRADIUS.

However 10.2.0.2 is an IP on this MikroTik. Did you add the src-address config item to the radius client config on the MikroTik after you took the debug output? 10.2.0.2 is not in your posted clients.conf file. Maybe it's in your nas table?

Enable RADIUS debug logging on the MikroTik.

You need to compare RADIUS debug packet logging from the MikroTik with the auth packet logging from radiusd -X.
 
jjones
just joined
Topic Author
Posts: 18
Joined: Wed Mar 06, 2013 11:42 pm

Re: Problems with mikrotik pppoe/freeradius/sql authenticati

Wed Nov 05, 2014 8:36 pm

thanks for the reply. i have the pppoe connection connecting fine now. Turns out i had an operator wrong on one of my configurations. It was defaulting to the wrong authentication mode i believe. Working now. All i need to do is find an easy way to turn off users in the database.

Who is online

Users browsing this forum: No registered users and 30 guests