MikroTik

Please post which RADIUS you use and why, thanks.

I originally used the radius settings in my Mikrotik APs to permit what MAC address (clients) could connect. It did work, however there was a secondary problem - I would have customers call in thinking the network was broken.

I have since switch to something else - here is what I use...
- None of my Mikrotiks use any radius settings
- All of my customer Mikrotiks connect up and gateway to one of my PfSense servers.
- My PfSense servers use Captive Portal (Walled Garden) which is configured to check my FreeRadius servers running on Ubuntu Linux.

What I now have is the following:
- Customers who have a MAC address in the FreeRadius servers connect up and can access anything
- PfSense via the CaptivePortal settings also rate limit what speeds each client may upload and download at. Each client may have different different setting for up/down rates in my PfSense Captive Portal.
- When a client customer MAC address is NOT in my FreeRadus server, then PfSense CaptivePortal will block the customer traffic and also redirect any http traffic to a specific URL one of my web servers. In my case, the redirected web page states the customer is connected but service has been suspended and they need to call our office and make arangements to pay their bill.

Also, with CaptivePortal in PfSense, you can do other things such as simply show rules to use the Internet and force the customer to click an "I Agree" button. You can also set up a temporary credit where a suspended customer can mouse click a credit and get a temporay extension to continue using the Internet.

Also, PfSense has a great selection of optional features such as firewall, router, traffic shaper, nat, packet inspection protocol analyzer bandwidth hog locator.

And the best thing is that Ubuntu & FreeRadius and PfSense are all free.

I run thousands of customer connections through only 5 PfSense servers and it has worked well for many years now.

North Idaho Tom Jones

FreeRADIUS with perl module. There is no substitute.

I looked at Access Manager (accessmanager.in) and Radius Manager (dmasoftlab.com) which look promising, I don't mind paying if I have to as I want it to be stable. Can anyone shed some light on their experience with either (or alternatives) on how well it works and what you're limited to?

FreeRadius with MySQL backend. We also have a module for YubiKeys which authenticates against an internal yubikey server. We build the yubikey setup for a (open)VPN which requires 2 factors for login.

I use DMA Softlab Radius Manager. Its a good radius server.

We also use RadiusManager by DMA Softlab. Would recommend 100%

I'll be getting DMA Radius Manager. Are there some good tutorials to get it setup and with Mikrotik?

Thanks.

Nevermind, got the manual with it.

I've got a 60GB SSD floating around, will that be sufficient for CentOS and Radius Manager?

We have a MS Server 2012 radius server connected to CAPsMAN using
WPA2-Enterprise so our users can authenticate with their Windows Domain user/password.

Works Great!

We have a MS Server 2012 radius server connected to CAPsMAN using
WPA2-Enterprise so our users can authenticate with their Windows Domain user/password.

Works Great!

Could you put some config to do that or some links with tutorial. I had try to setup but without good results

We have a MS Server 2012 radius server connected to CAPsMAN using
WPA2-Enterprise so our users can authenticate with their Windows Domain user/password.

Works Great!

Could you put your configs or links with tutorial how to do that. I've try to connect windows 2012 nap with capsman but without succes

Could you put your config or some link to tutorial how to connect windows 2012 nap with mikrotik ?
I've try to do that but without succes

Can You provide some examples or partial export? We are tryin to get WPA2 ENT running with W2012 NPS without success.