Community discussions

MikroTik App
 
nevolex
Member Candidate
Member Candidate
Topic Author
Posts: 167
Joined: Mon Apr 20, 2020 1:09 pm

radius server and AP with Dot1x authentication

Sun Jan 22, 2023 9:31 pm

hi everyone

can somebody please assist, I have a main router with 1 subnet (not mikrotik and does not have radius server built in), it's connected to Wireless access point that I would like to use dot1x for authentications (wpa2 enterprise)

I have a proxmox (hypervisor) connected to the router with a Mikrotik VM 7.7, in Mikrotik I have setup user manager and radius, I can authenticate to mikrotik via aaa (using it's own radius server)

however I cannot use Mikrotik's radius for Wireless access point (with wpa2 enterprise)- get an error "cannot connect" from the clients

can you please advise what else needs to be setup?

do I need to configure Dot1X section on the mikrotik as well?

thank you
You do not have the required permissions to view the files attached to this post.
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2983
Joined: Mon Apr 08, 2019 1:16 am

Re: radius server and AP with Dot1x authentication  [SOLVED]

Sun Jan 22, 2023 11:06 pm

The AP IP should be in the clients list (Routers) of the Radius Server (User Manager)
RADIUS (client) setup should be defined/configured in the AP, and point to the User Manager IP.

Radius client/server can be tested with : viewtopic.php?t=185562&hilit=radius+test#p766812 . Radius needs some ports to be open. (I don't know what "proxmox" is filtering)
You might be interested in the certificate limitations and old WIN10 problems in the whole post. viewtopic.php?t=185562&p766812
 
nevolex
Member Candidate
Member Candidate
Topic Author
Posts: 167
Joined: Mon Apr 20, 2020 1:09 pm

Re: radius server and AP with Dot1x authentication

Mon Jan 23, 2023 12:40 am

The AP IP should be in the clients list (Routers) of the Radius Server (User Manager)
RADIUS (client) setup should be defined/configured in the AP, and point to the User Manager IP.

Radius client/server can be tested with : viewtopic.php?t=185562&hilit=radius+test#p766812 . Radius needs some ports to be open. (I don't know what "proxmox" is filtering)
You might be interested in the certificate limitations and old WIN10 problems in the whole post. viewtopic.php?t=185562&p766812

Thank you bpwl,

yes I can test fine with NTRadPing, also I do see when I try to connect to wireless network from my phone that the router in user manager (ip of access point) has access request counts but the radius itself shows not bits, it only shows bits when I login to mikrotik using login function of the radius

also proxmox has no firewall enabled / mikoritk vm does not have any firewall rules




ps:

issue has been resolved I had t generate the certificate for UserManager

https://help.mikrotik.com/docs/display/ ... Manager+v5
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: anav, Bing [Bot], hribowwwc, Nospam, syslog and 103 guests