NAS Configuration in Mikrotik-
simple NAS setup with RADIUS server.
In this example , we will assume that you have the
following configuration :
- Mikrotik RouterOS NAS : 192.168.240.2
- SAS3 RADIUS : 192.168.240.10
- Switch/Hub connecting your WAN,SAS3,NAS all
together.
- Users connected to the NAS via PPPoE and/or Hotspot.
To send authentication and accounting requests to
Radius server, You have to
configure your Mikrotik NAS. Use Winbox to view and
edit the configuration. Follow
these steps:
1. Connect to your Mikrotik router using Winbox.
2. Select Radius from the main menu.
3. Click + to define a new RADIUS authentication
server:
4. In the ‘Address’ field , add your SAS3 RADIUS IP address.
5. Set the ‘Secret’ to anything you like , remember it as you will need
this later.
6. Timeout is preferred to be 3000 ms or higher.
Set
RADIUS incoming port to 1700 from RADIUS->Incoming
________________________________________________________________________
PPPoE setup
Create
new PPPoE service from PPP->PPPoE Servers and click on add (+)
Make
sure that mschap1 & mschap2
both are NOT checked.
Mikrotik is known to have bug
in
these protocols when enabled with RADIUS server.
________________________________________________________________________
In
PPP->Profiles , make sure that you have set proper IP/Pool for the default profile.
Next
, enable accounting in PPP->Secrets->Authentication & Accounting.
PPP
accounting settings
Hotspot Setup
Assuming
you already have functional hotspot setup, go to Hotspot->Server Profiles
and
select
your hotspot profile.
________________________________________________________________________
In
the ‘Login’ Tab set Login by to ‘HTTP CHAP & Cookie’ as in the picture bellow :
Setup
new NAS in SAS3 , go to NAS
-> Add
________________________________________________________________________
After
adding NAS(s) in SAS3 , you must restart the RADIUS service.
Go
to Tools -> System Services , find RADIUS service , stop it and start it again.
Now
you should be ready to add users. If you have problems with users unable to
connect ,
you
can always check the RADIUS Log from Log->RADIUS Server. It will give you a
good
hint on what is going on.
How to setup hotspot ?
Step 1: Definition hotspot
Step 2: Change hotspot settings
Step 3: Add Walled Garden
Step 4: Setup hotspot redirect to external
Step 5: Configuration radius server
Step 1:
Definition Hotspot
1. Hotspot Interface: <your bridge>
2. Local Address Network : <your DHCP –
10.5.50.1>
3. Address Pool of Network: <10.5.50.1 –
10.5.50.200>
4. Select Certificate: none
5. IP Address of SMTP Server: 0.0.0.0
6. DNS Server: 10.5.50.1 / 8.8.8.8 / 8.8.4.4
7. DNS Name: optional
8. Hotspot Setup: user
Step 1:
Definition Hotspot
Step 2: Change
hotspot settings
Step 2: Change
hotspot settings
Step 3: Add
Walled Garden
Step 4: Setup
hotspot redirect to external
Step 4: Setup
hotspot redirect to external
Custome file login.html on flash memory
<html>
<head>
<meta
hZp--‐equiv="refresh"
content="0;
url=hZp://splash.wisky.vn/Portal/Step1?apMac=$
(APMac)&userMac=$(mac)&clientIp=$(ip)&userUrl=$(link--‐orig)&loginUrl=$(link--‐login--‐only)"
/>
<meta
hZp--‐equiv="pragma"
content="no--‐cache">
<meta
hZp--‐equiv="expires"
content="--‐1">
</head>
</html>
Step 5:
Configuration radius server
No comments:
Post a Comment