
EAP + MikroTik radius

Has anyone tried setting up Wi-Fi with EAP on RouterOS using the built-in RADIUS server?

I need to let each user onto the network with their own username and password.

I got it configured, more or less, and it gives this error:

19:47:40 wireless,debug wlan1: F8:16:54:09:06:19 not in local ACL, by default accept 
19:47:40 wireless,info F8:16:54:09:06:19@wlan1: connected 
19:47:44 radius,debug new request 58:34 code=Access-Request service=wireless called-id=00-0C-42-1B-3E-25:ssh 
19:47:44 radius,debug sending 58:34 to 127.0.0.1:1812 
19:47:44 radius,debug,packet sending Access-Request with id 54 to 127.0.0.1:1812 
19:47:44 radius,debug,packet     Signature = 0xbf841b25fc43ec0672f5ffc45a4c95f8 
19:47:44 radius,debug,packet     Service-Type = 2 
19:47:44 radius,debug,packet     Framed-MTU = 1400 
19:47:44 radius,debug,packet     User-Name = "user" 
19:47:44 radius,debug,packet     NAS-Port-Id = "wlan1" 
19:47:44 radius,debug,packet     NAS-Port-Type = 19 
19:47:44 radius,debug,packet     Acct-Session-Id = "82000026" 
19:47:44 radius,debug,packet     Acct-Multi-Session-Id = "00-0C-42-1B-3E-25-F8-16-54-09-06-19-82-00-00-00-00-00-00-09" 
19:47:44 radius,debug,packet     Calling-Station-Id = "F8-16-54-09-06-19" 
19:47:44 radius,debug,packet     Called-Station-Id = "00-0C-42-1B-3E-25:ssh" 
19:47:44 radius,debug,packet     EAP-Message = 0x020100090175736572 
19:47:44 radius,debug,packet     Message-Authenticator = 0x2247f0b64681ff934846408bce6c8874 
19:47:44 radius,debug,packet     NAS-Identifier = "ssh" 
19:47:44 radius,debug,packet     NAS-IP-Address = 127.0.0.1 
19:47:44 radius,debug,packet received Access-Reject with id 54 from 127.0.0.1:1812 
19:47:44 radius,debug,packet     Signature = 0x15c127b6b69f5c8da6b76e971f567397 
19:47:44 radius,debug,packet     Reply-Message = "unknown authentication algorithm" 
19:47:44 wireless,info F8:16:54:09:06:19@wlan1: disconnected, 802.1x authentication failed 
19:47:44 radius,debug received reply for 58:34 
19:47:44 wireless,debug wlan1: F8:16:54:09:06:19 attempts to associate 
19:47:44 wireless,debug wlan1: F8:16:54:09:06:19 not in local ACL, by default accept 
19:47:44 wireless,info F8:16:54:09:06:19@wlan1: connected 

The only thing I found by googling is a note on the official forum, dated 2010, which says that the built-in userman has no such capability. Use FreeRADIUS.

A lot of water has flowed under the bridge since then. Maybe there are some tricks? The hotspot option could be considered, but that is a different infrastructure.
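
The EAP-Message in the log above can be decoded to see how far the 802.1X exchange got before the reject. This is an added example, not part of the original post: it parses a trimmed copy of those log lines and decodes the EAP header (RFC 3748); the function names `decode_eap` and `radius_packets` are illustrative.

```python
import re
import struct

# Lines copied from the RouterOS log in the post above (other attributes trimmed).
LOG = """\
19:47:44 radius,debug,packet sending Access-Request with id 54 to 127.0.0.1:1812
19:47:44 radius,debug,packet     User-Name = "user"
19:47:44 radius,debug,packet     EAP-Message = 0x020100090175736572
19:47:44 radius,debug,packet received Access-Reject with id 54 from 127.0.0.1:1812
19:47:44 radius,debug,packet     Reply-Message = "unknown authentication algorithm"
"""

EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 2: "Notification", 3: "Nak", 4: "MD5-Challenge",
             13: "EAP-TLS", 21: "EAP-TTLS", 25: "PEAP", 26: "EAP-MSCHAPv2"}

def decode_eap(hex_value):
    """Decode one EAP packet from the hex dump of an EAP-Message attribute."""
    raw = bytes.fromhex(hex_value[2:] if hex_value.startswith("0x") else hex_value)
    if len(raw) < 4:
        raise ValueError("EAP header is 4 bytes: code, identifier, length")
    code, ident, length = struct.unpack("!BBH", raw[:4])
    if length != len(raw):
        raise ValueError("EAP length field does not match the attribute size")
    pkt = {"code": EAP_CODES.get(code, code), "id": ident, "length": length}
    if code in (1, 2) and length > 4:  # only Request/Response carry a Type byte
        pkt["type"] = EAP_TYPES.get(raw[4], raw[4])
        pkt["data"] = raw[5:]
    return pkt

HEADER = re.compile(r"radius,debug,packet (?:sending|received) (\S+) with id (\d+)")
ATTR = re.compile(r"radius,debug,packet\s+([\w-]+) = (.+?)\s*$")

def radius_packets(log):
    """Group attribute lines under their packet header and decode any EAP-Message."""
    packets = []
    for line in log.splitlines():
        if m := HEADER.search(line):
            packets.append({"code": m.group(1), "id": int(m.group(2)), "attrs": {}})
        elif (m := ATTR.search(line)) and packets:
            packets[-1]["attrs"][m.group(1)] = m.group(2).strip('"')
    for p in packets:
        eap = p["attrs"].get("EAP-Message")
        p["eap"] = decode_eap(eap) if eap else None
    return packets

if __name__ == "__main__":
    for p in radius_packets(LOG):
        print(p["code"], p["id"], p["eap"], p["attrs"].get("Reply-Message"))
```

The request carries only an EAP-Response/Identity for "user", and the Access-Reject comes back with no EAP-Message at all, so the server refused at the identity step without proposing any EAP method.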
