User Manager/Wireless Example: Difference between revisions

From MikroTik Wiki
Jump to navigation Jump to search
SergejsB (talk | contribs)
mNo edit summary
SergejsB (talk | contribs)
No edit summary
Line 1: Line 1:
== Introduction ==
== Introduction ==
We consider the scenario for wireless network, when only clients from User Manager database are able to establish communications with 'Access Point' router.
We consider the scenario for wireless network, when only clients from User Manager database are able to establish communications with 'Access Point' router.
To make this setup, you should have running [http://www.mikrotik.com/docs/ros/2.9/interface/wireless.content#4.13.21.1 Access Point']. Let's consider configuration steps for Access Point and User Manager routers.
To make this setup, you should have running [http://www.mikrotik.com/docs/ros/2.9/interface/wireless.content#4.13.21.1 Access Point'].  
Let's consider configuration steps for Access Point and User Manager routers.


== Access Point configuration ==
== Access Point configuration ==
* Set Access Point to use User Manager for wireless client authentication,
  / interface wireless security-profiles set default radius-mac-authentication=yes
* Add radius client to consult User Manager for wireless service.
/ radius add service=wireless address=y.y.y.y secret=123456
'secret' is equal to User Manager router secret. 'y.y.y.y' is the User Manager router address.
* Note, first local router database is consulted, then User Manager database. Wireless client will be unable to connect to Access Point, if Access Points router does not contain any entry in the 'interface wireless access-list' for the particular configuration and User Manager server will not have any information about user's data.
== User Manager configuration ==
* First, you need to [[User Manager/Getting started #Download | download]] and [[User Manager/Getting started #Install | install]] User Manager [http://www.mikrotik.com/download.html package];
* Create User Manager [[User Manager/Subscribers | subscriber]];
<pre>
/ tool user-manager customer add login="MikroTik" password="qwerty" permissions=owner
</pre>
* Add Access Point router information to [[User Manager/Routers | router]] list,
/ tool user-manager router add subscriber=MikroTik ip-address=x.x.x.x shared-secret=123456
'x.x.x.x' is the address of the Access Point router, 'shared-secret' should match on both User Manager and Access Point routers.
* Add wireless client information, client MAC-address that is allowed to establish connection to the Access Point,
/ tool user-manager user add add subscriber=MikroTik username="00:01:29:27:81:95"

Revision as of 17:00, 23 October 2006

Introduction

We consider the scenario for wireless network, when only clients from User Manager database are able to establish communications with 'Access Point' router. To make this setup, you should have running Access Point'. Let's consider configuration steps for Access Point and User Manager routers.

Access Point configuration

  • Set Access Point to use User Manager for wireless client authentication,
 / interface wireless security-profiles set default radius-mac-authentication=yes
  • Add radius client to consult User Manager for wireless service.
/ radius add service=wireless address=y.y.y.y secret=123456

'secret' is equal to User Manager router secret. 'y.y.y.y' is the User Manager router address.

  • Note, first local router database is consulted, then User Manager database. Wireless client will be unable to connect to Access Point, if Access Points router does not contain any entry in the 'interface wireless access-list' for the particular configuration and User Manager server will not have any information about user's data.

User Manager configuration

/ tool user-manager customer add login="MikroTik" password="qwerty" permissions=owner
  • Add Access Point router information to router list,
/ tool user-manager router add subscriber=MikroTik ip-address=x.x.x.x shared-secret=123456

'x.x.x.x' is the address of the Access Point router, 'shared-secret' should match on both User Manager and Access Point routers.

  • Add wireless client information, client MAC-address that is allowed to establish connection to the Access Point,
/ tool user-manager user add add subscriber=MikroTik username="00:01:29:27:81:95"