If I understood you correctly, in second router under radius tab I should put 192.168.88.1? And in User-manager in main router, under section Routers I should add ip 192.168.88.2(the second router)?
Perfectly Correct : two entries for the 2 routers with RADIUS authenticated services, one each
For the first router : - in first router under RADIUS tab put 127.0.0.1 for the services you want to be RADIUS authenticated, e.g. Hotspot
- and in User-manager in that first router, under section Routers add 127.0.0.1
For the second router: - in second router under RADIUS tab put 192.168.88.1 for the services you want to be RADIUS authenticated
- and in User-manager in main router, under section Routers add ip 192.168.88.2 (the second router) defining a second RADIUS client
If the Hotspot is only on the first router, I see no need for a RADIUS record on the second router for a hotspot service that is not there.
I assume that then the Hotspot service on the main router is also defined for ether1. ( the router interconnect)
You could also use 192.168.88.1 instead of 127.0.0.1 in your setup, if ether1 is member of the LAN interface list. (see Firewall rules)
E.G. my setup for wifi WPA2/enterprise (EAP) authentication
Klembord-2.jpg
You do not have the required permissions to view the files attached to this post.