Community discussions

MikroTik App
 
hamed5034
newbie
Topic Author
Posts: 30
Joined: Mon Jul 18, 2016 5:13 pm

RADIUS server is not responding

Sat Oct 23, 2021 6:51 pm

Hello,

I have a RB951Ui-2HnD, and Hostspot & user-manager is configured on it.
When I am trying to connect to Router with IP address, I cannot login by user manager users (I see "RADIUS server is not responding." message), But local users of Hotspot works.

Please help me.

Regards
Hamed
 
hamed5034
newbie
Topic Author
Posts: 30
Joined: Mon Jul 18, 2016 5:13 pm

Re: RADIUS server is not responding

Sat Oct 23, 2021 8:34 pm

Image
Please see the picture. Each time I am trying to connect, I see the message "RADIUS server is not responding." and a number is added to the timeout field.
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2978
Joined: Mon Apr 08, 2019 1:16 am

Re: RADIUS server is not responding

Sun Oct 24, 2021 12:33 am

Did you define 127.0.0.1 as "router" in User Manager ?
 
hamed5034
newbie
Topic Author
Posts: 30
Joined: Mon Jul 18, 2016 5:13 pm

Re: RADIUS server is not responding

Sun Oct 24, 2021 7:58 am

Did you define 127.0.0.1 as "router" in User Manager ?
Hi, Please see the pics:

Image

Image
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2978
Joined: Mon Apr 08, 2019 1:16 am

Re: RADIUS server is not responding

Sun Oct 24, 2021 1:11 pm

Looks OK.
Router cannot talk to itself ? (try tools Ping, Telnet, SSH, ....)

I would just try replacing 127.0.0.1 with 192.168.88.1, and also check firewall rules.
Other way to debug is add Radius and Manager to the system -> logging.
 
hamed5034
newbie
Topic Author
Posts: 30
Joined: Mon Jul 18, 2016 5:13 pm

Re: RADIUS server is not responding

Sun Oct 24, 2021 1:36 pm

Looks OK.
Router cannot talk to itself ? (try tools Ping, Telnet, SSH, ....)

I would just try replacing 127.0.0.1 with 192.168.88.1, and also check firewall rules.
Other way to debug is add Radius and Manager to the system -> logging.
replacing 127.0.0.1 with 192.168.88.1 did not work.
I have shared a log with you, please check.

Image
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2978
Joined: Mon Apr 08, 2019 1:16 am

Re: RADIUS server is not responding

Sun Oct 24, 2021 2:08 pm

Test your User manager RADIUS server

viewtopic.php?t=185562&hilit=ntradping#p766812

viewtopic.php?t=185562&hilit=ntradping#p788452

Don't forget to add the test PC to the "Routers" table.
 
hamed5034
newbie
Topic Author
Posts: 30
Joined: Mon Jul 18, 2016 5:13 pm

Re: RADIUS server is not responding

Sun Oct 24, 2021 7:16 pm

Test your User manager RADIUS server

viewtopic.php?t=185562&hilit=ntradping#p766812

viewtopic.php?t=185562&hilit=ntradping#p788452

Don't forget to add the test PC to the "Routers" table.
Unfortunately test result is:
Status: Timeout
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2978
Joined: Mon Apr 08, 2019 1:16 am

Re: RADIUS server is not responding  [SOLVED]

Sun Oct 24, 2021 8:12 pm

OK. Problem area halved. It's User Manager, or it is the firewall not allowing "input" access to UDP port 1812.
 
hamed5034
newbie
Topic Author
Posts: 30
Joined: Mon Jul 18, 2016 5:13 pm

Re: RADIUS server is not responding

Sun Oct 24, 2021 11:23 pm

OK. Problem area halved. It's User Manager, or it is the firewall not allowing "input" access to UDP port 1812.
YES!
I added a line in the firewall about adding port 1812, and the problem was solved.

Thanks a lot.
 
kayomboemmanuel
just joined
Posts: 1
Joined: Tue May 24, 2022 10:31 am

Re: RADIUS server is not responding

Tue May 24, 2022 10:34 am

Hello @Hamed5034. i am receiving Similar Issue. kindly share how to add port 1812 on the Firewall
 
EmadBeh
just joined
Posts: 2
Joined: Sat Jun 18, 2022 2:17 pm

Re: RADIUS server is not responding

Sat Jun 18, 2022 4:54 pm

I have same problem.
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2978
Joined: Mon Apr 08, 2019 1:16 am

Re: RADIUS server is not responding

Sun Jun 19, 2022 2:52 pm

Hello @Hamed5034. i am receiving Similar Issue. kindly share how to add port 1812 on the Firewall
Just check your firewall for the rule that is blocking (drop) in the input chain.
For the default config it probably is the rule to drop input from every interface (or bridge) that is not in the LAN interface list.
Klembord-2.jpg
So possibilities are
-) add explicit rule for UDP port 1812 that accepts input, and comes before that drop rule in the firewall
-) add interface or the bridge the interface is port of, to the "LAN" interface list

FW rules for input are limited by SRC IP address(-range), interface, interface list, UDP/TCP protocol, port number , or to any other filter you place in the rule.
The first rule that matches the filter is used.
You do not have the required permissions to view the files attached to this post.
 
yekhaung
just joined
Posts: 4
Joined: Mon Jul 06, 2015 5:46 am

Re: RADIUS server is not responding

Wed Jul 13, 2022 1:10 pm

In my case, at first i added LAN interface masquerade in Firewall/NAT without source network. For hotspot network , source network is add in NAT. Result is "Radius server is not responding.
I tried to add port 1812 in firewall but still not responding.
After adding source address in masquerade of LAN interface, radius server is working perfectly.
Hello @Hamed5034. i am receiving Similar Issue. kindly share how to add port 1812 on the Firewall
 
morhne
just joined
Posts: 9
Joined: Sat Aug 01, 2020 10:23 pm

Re: RADIUS server is not responding

Sat Mar 25, 2023 5:33 am

OK. Problem area halved. It's User Manager, or it is the firewall not allowing "input" access to UDP port 1812.
Radius Server is not responding for hospot configuration.
Please @bpwl How to sort out this issue definitly in routerOS 7 ?

Please help! Thanks. (WhatsApp : +226 05 28 42 65)
 
User avatar
risi
just joined
Posts: 4
Joined: Thu Mar 30, 2023 10:32 am
Location: Eilat Israel
Contact:

Re: RADIUS server is not responding

Sat May 20, 2023 8:57 pm

Hi All,

same problem... Radius Server not responding and I have a very simple config, RoS7.9, below my configuration, nothing to do for fix the issue.

Can anyone help ? Please MikroTik can you fix this issue ?


/interface bridge
add name="CAPTIVE PORTAL BRIDGE"
/interface ethernet
set [ find default-name=ether1 ] comment=WAN
set [ find default-name=ether2 ] comment="CAPTOVE PORTAL BRIDGE"
set [ find default-name=ether3 ] comment="CAPTOVE PORTAL BRIDGE"
set [ find default-name=ether4 ] comment="CAPTOVE PORTAL BRIDGE"
set [ find default-name=ether5 ] comment=MANAGEMENT
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
comment="CAPTOVE PORTAL BRIDGE" country=no_country_set disabled=no \
frequency-mode=manual-txpower mode=ap-bridge ssid="Free WiFi Here !"
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40mhz-Ce \
comment="CAPTOVE PORTAL BRIDGE" country=no_country_set disabled=no \
frequency-mode=manual-txpower mode=ap-bridge ssid="Free WiFi Here !"
/interface wireless nstreme
set wlan1 comment="CAPTOVE PORTAL BRIDGE"
set wlan2 comment="CAPTOVE PORTAL BRIDGE"
/interface wireless manual-tx-power-table
set wlan1 comment="CAPTOVE PORTAL BRIDGE"
set wlan2 comment="CAPTOVE PORTAL BRIDGE"
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
add dns-name=hotspot.daviderisi.com hotspot-address=10.0.0.1 html-directory=\
flash/hotspot login-by=http-chap,https,mac-cookie name=hsprof1 \
ssl-certificate=certificate.crt_0 use-radius=yes
/ip pool
add name=hs-pool-8 ranges=10.0.0.20-10.0.0.200
/ip dhcp-server
add address-pool=hs-pool-8 interface="CAPTIVE PORTAL BRIDGE" lease-time=1h \
name=dhcp1
/ip hotspot
add address-pool=hs-pool-8 addresses-per-mac=1 disabled=no interface=\
"CAPTIVE PORTAL BRIDGE" keepalive-timeout=6h login-timeout=1d name=\
hotspot1 profile=hsprof1
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/user-manager user
add name=a
/interface bridge port
add bridge="CAPTIVE PORTAL BRIDGE" ingress-filtering=no interface=ether2
add bridge="CAPTIVE PORTAL BRIDGE" ingress-filtering=no interface=ether3
add bridge="CAPTIVE PORTAL BRIDGE" ingress-filtering=no interface=ether4
add bridge="CAPTIVE PORTAL BRIDGE" ingress-filtering=no interface=wlan1
add bridge="CAPTIVE PORTAL BRIDGE" ingress-filtering=no interface=wlan2
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface ovpn-server server
set auth=sha1,md5
/ip address
add address=10.0.0.1/24 interface="CAPTIVE PORTAL BRIDGE" network=10.0.0.0
/ip dhcp-client
add interface=ether1
/ip dhcp-server network
add address=10.0.0.0/24 comment="hotspot network" gateway=10.0.0.1
/ip dns
set allow-remote-requests=yes servers=10.0.0.1
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=10.0.0.0/24
/ip hotspot service-port
set ftp disabled=yes
/ip hotspot user
add name=admin
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set www-ssl certificate=certificate.crt_0 disabled=no
set api disabled=yes
set api-ssl disabled=yes
/radius
add address=127.0.0.1 service=ppp,login,hotspot
/radius incoming
set accept=yes
/system clock
set time-zone-name=Asia/Jerusalem
/system identity
set name="CAPTIVE PORTAL SERVER"
/system note
set show-at-login=no
/user-manager router
add address=127.0.0.1 name=router1
 
User avatar
bpwl
Forum Guru
Forum Guru
Posts: 2978
Joined: Mon Apr 08, 2019 1:16 am

Re: RADIUS server is not responding

Sat May 20, 2023 10:27 pm

I expected a common secret string defined for
/radius
add address=127.0.0.1 service=ppp,login,hotspot
and for
/user-manager router
add address=127.0.0.1 name=router1
Not specifying this "secret" may give it some common value, I don't know if it does, and what this value would be.
The RADIUS server/client connection and authorisation doesn't care if this is on the same ROS device or not.

Don't forget to check firewall filter, if following is needed.
add action=accept chain=input comment="defconf: accept to local loopback (for RADIUS)" dst-address=127.0.0.1
.
Enable system logging topics "radius,packet,debug" and "manager", to see what happens.
 
User avatar
kvee
newbie
Posts: 38
Joined: Mon Feb 13, 2023 7:59 pm

Re: RADIUS server is not responding

Mon Aug 28, 2023 2:05 pm

I had this problem before. Beside bpwl's answer that added the rules to firewall, I was added NAT masquerade to log the traffic but did not specify `out-interface`. After I set it then it is working fine.
/ip firewall nat
add action=masquerade chain=srcnat comment="masquerade NAT" log=yes out-interface=ether1-gateway
Change `ether1-gateway` to your port name that going out to the internet.
 
davoxardo
just joined
Posts: 1
Joined: Thu Nov 23, 2023 12:49 am

Re: RADIUS server is not responding

Thu Nov 23, 2023 12:54 am

In my case, at first i added LAN interface masquerade in Firewall/NAT without source network. For hotspot network , source network is add in NAT. Result is "Radius server is not responding.
I tried to add port 1812 in firewall but still not responding.
After adding source address in masquerade of LAN interface, radius server is working perfectly.
Hello @Hamed5034. i am receiving Similar Issue. kindly share how to add port 1812 on the Firewall
Me podrías ayudar como hiciste la configuración ya que ya intenté de varias maneras y nada

Who is online

Users browsing this forum: No registered users and 42 guests