User Manager/4/PPP Setup
From MikroTik Wiki
< User Manager | 4
Introduction
Now Advanced Mikrotik User Manager can be used as a Remote Authentication Dial In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) for PPP Clients.
PPPoE Server Configurations
- First, add the PPPoE server to the local interface:
/ interface pppoe-server server add interface=ether1 service-name=pppoe one-session-per-host=yes disabled=no
- Specify the use of User Manager for PPPoE clients:
/ ppp aaa set use-radius=yes
- Set IP address of the PPPoE server, IP address might not be assigned to the interface of PPPoE server. Moreover static IP address or DHCP should not be used on the same interfaces as the PPPoE server for security reasons.
/ ppp profile set default local-address=10.0.0.1
- Add radius client to consult User Manager for PPP service.
/ radius add service=ppp address=127.0.0.1 secret=123456
- Configure radius client to accept Disconnect request from UM
/ radius incoming set accept=yes port=1700
'secret' is equal to User Manager router secret.
'127.0.0.1' is the User Manager router address.
- Note, first the local PPP database is consulted, then the User Manager database.
User Manager Configurations
- Add PPP server information to router list:
/ tool user-manager router add coa-port=1700 comment="" customer=admin disabled=no ip-address=127.0.0.1 log=auth-fail name=Mikrotik shared-secret=123456
'127.0.0.1' is the address of the PPPoE-server router. 'shared-secret' should match on both User Manager and PPPoE-server routers.
- To log on customer web interface type the following address in your web browser: http://Router_IP_address/userman
where "Router_IP_address" must be replaced with IP address of your router.
- Use username: admin and keep password blank to login.
- Add PPPoE client information:
/ tool user-manager user customer=admin name=demo password=demo ip-address=10.0.0.2 shared-users=1
