I just took yesterday a leap of faith and I just installed ROS 7.1.5 on my Router ( RB450gx4)
SO, here is current setup:
1. router+ UM : IP: 192.168.90.3
-
Code: Select all
/user-manager profile
add name=prof1 name-for-users=prof1
/user-manager user group
add inner-auths=peap-mschap2 name=tsa outer-auths=mschap1,eap-peap
/user-manager user
add group=tsa name=pikacku
add group=tsa name=raichu
/user-manager
set enabled=yes
/user-manager router
add address=192.168.90.1 name=AP2
add address=192.168.100.170 name=sles1
/user-manager user-profile
add profile=prof1 user=florin
[admin@core-router] > /user-manager/user/print
Flags: X - disabled
0 name="pikachu" password="cucurigu" otp-secret="" group=tsa shared-users=1 attributes=""
1 name="raichu" password="cucurigu" otp-secret="" group=tsa shared-users=1 attributes=""
- wireless security profile
Code: Select all
name="virtualPEAP" mode=dynamic-keys authentication-types=wpa2-eap unicast-ciphers=aes-ccm group-ciphers=aes-ccm
wpa-pre-shared-key="" wpa2-pre-shared-key="" supplicant-identity="" eap-methods=passthrough tls-mode=no-certificates
tls-certificate=none mschapv2-username="" mschapv2-password="" disable-pmkid=no static-algo-0=none static-key-0=""
static-algo-1=none static-key-1="" static-algo-2=none static-key-2="" static-algo-3=none static-key-3="" static-transmit-key=key-0
static-sta-private-algo=none static-sta-private-key="" radius-mac-authentication=no radius-mac-accounting=no
radius-eap-accounting=yes interim-update=0s radius-mac-format=XX-XX-XX-XX-XX-XX radius-mac-mode=as-username-and-password
radius-called-format=mac:ssid radius-mac-caching=disabled group-key-update=10m management-protection=disabled
management-protection-key=""
Code: Select all
[admin@AP2] > /radius/pr
Columns: SERVICE, ADDRESS, SECRET
# SERVICE ADDRESS SECRET
;;; core-router: radius
0 ppp 192.168.90.3 xoxxox
wireless
A. I have defined on AP a 2nd RADIUS server ( synology) and using the same wireless profile , clients do auth.
B. I have enable on AP login with radius, so for instance user rachu can login to AP, that means there is no connectivity issues between AP and router.
Now, from this point I'm lost, no clue what to do