I have a hot spot configured with one WiFi network, all OK until the login part.
When i press login button the message i have is "Radius server is not responding". But i can see the requests in the status of radius.
I cant find the solution, i have tried changing radius ip and userman/router ip, i have tried firewall filter allow 127.0.0.1, increased radius timeout, etc...
A lot of stuff and nothing....
Any help is appreciated, thanks
Code: Select all
# dec/21/2021 09:18:49 by RouterOS 7.1
# software id = A4W7-3RQB
#
# model = RB4011iGS+
/interface bridge
add name=bridgeAdm
add name=bridgeHotspot
/interface ethernet
set [ find default-name=ether1 ] comment=WAN
set [ find default-name=ether10 ] comment=toCapsman
/caps-man channel
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled \
frequency=2412,2437,2462 name=2Ghz
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=eCee \
frequency=5180,5280,5320 name=5Ghz
/caps-man datapath
add bridge=bridgeAdm bridge-horizon=10 client-to-client-forwarding=yes \
local-forwarding=no name=datapathAdm
add bridge=bridgeHotspot bridge-horizon=10 client-to-client-forwarding=no \
local-forwarding=no name=datapathHotspot
/caps-man configuration
add channel=2Ghz country=portugal datapath=datapathHotspot installation=any \
name=cfgHotspot2Ghz ssid=Wifi@CampingAve2
add channel=5Ghz country=portugal datapath=datapathHotspot installation=any \
name=cfgHotspot5Ghz ssid=Wifi@CampingAve-5Ghz2
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm \
name=securityAdm
/caps-man configuration
add channel=2Ghz country=portugal datapath=datapathAdm installation=any mode=\
ap name=cfgAdm2Ghz security=securityAdm ssid=Adm@CampingAve2
add channel=5Ghz country=portugal datapath=datapathAdm installation=any mode=\
ap name=cfgAdm5Ghz security=securityAdm ssid=Adm@CampingAve-5Ghz2
/interface list
add name=wan
add name=lan
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool_adm ranges=192.168.9.50-192.168.9.254
add name=dhcp_pool_Hotspot ranges=10.2.2.2-10.2.2.254
/ip dhcp-server
add address-pool=dhcp_pool_adm interface=bridgeAdm lease-time=1d name=dhcpAdm
add address-pool=dhcp_pool_Hotspot interface=bridgeHotspot lease-time=30m \
name=dhcpHotspot
/ip hotspot profile
add dns-name=campingave.hotspot hotspot-address=10.2.2.1 login-by=http-chap \
name=hotspot_profile smtp-server=xxx.xxx.xxx.xxx use-radius=yes
/ip hotspot
add address-pool=dhcp_pool_Hotspot addresses-per-mac=1 disabled=no interface=\
bridgeHotspot name=hotspot1 profile=hotspot_profile
/port
set 0 name=serial0
set 1 name=serial1
/user-manager profile
add name=prof1 name-for-users=1
/user-manager user
add name=admin
add name=user1
/caps-man access-list
add action=accept allow-signal-out-of-range=10s disabled=no mac-address=76:DD:7D:86:3B:1A ssid-regexp=""
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes package-path=/upgrade \
require-peer-certificate=yes upgrade-policy=suggest-same-version
/caps-man manager interface
set [ find default=yes ] forbid=yes
add disabled=no interface=ether10
/caps-man provisioning
add action=create-dynamic-enabled master-configuration=cfgAdm2Ghz \
name-format=prefix-identity slave-configurations=cfgHotspot2Ghz
add action=create-dynamic-enabled master-configuration=cfgAdm5Ghz \
name-format=prefix-identity slave-configurations=cfgHotspot5Ghz
/interface bridge port
add bridge=bridgeAdm interface=ether4
add bridge=bridgeAdm interface=ether5
/interface list member
add interface=ether1 list=wan
add list=lan
/ip address
add address=192.168.9.1/24 interface=bridgeAdm network=192.168.9.0
add address=10.2.2.1/24 interface=bridgeHotspot network=10.2.2.0
add address=10.1.1.1/29 interface=ether6 network=10.1.1.0
/ip dhcp-client
add interface=ether1
/ip dhcp-server network
add address=10.2.2.0/24 dns-server=10.2.2.1 domain=hotspot.local gateway=\
10.2.2.1 ntp-server=10.2.2.1
add address=192.168.9.0/24 dns-server=192.168.9.1 domain=camping.local \
gateway=192.168.9.1 ntp-server=192.168.9.1
/ip dns
set allow-remote-requests=yes servers=10.2.2.1
/ip firewall filter
add action=accept chain=input comment="allow userman to work" src-address=127.0.0.1
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=accept chain=input connection-state=established,related
add action=drop chain=input in-interface=ether1
add action=accept chain=forward connection-state=established,related
add action=drop chain=forward in-interface=ether1
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat out-interface-list=wan
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=10.2.2.0/24
/ip hotspot user
add name=admin
/radius
add address=127.0.0.1 service=hotspot
/radius incoming
set accept=yes
/system clock
set time-zone-name=Europe/Lisbon
/system identity
set name=Camping
/system logging
add topics=dhcp
/tool graphing interface
add
/tool romon
set enabled=yes
/user-manager
set enabled=yes use-profiles=yes
/user-manager router
add address=127.0.0.1 name=router1
