User Manager/DHCP Example
To make this setup, you should have running DHCP server on the router. Let's consider configuration steps for DHCP and User Manager routers, in order to use User Manager for DHCP server users.
DHCP router configuration
- Set DHCP to use User Manager for DHCP server leases,
/ ip dhcp-server set dhcp1 use-radius=yes
- Add radius client to consult User Manager for DHCP service.
/ radius add service=dhcp address=y.y.y.y secret=123456
'secret' is equal to User Manager router secret. 'y.y.y.y' is the User Manager router address.
- Note, first local router database is consulted, then User Manager database. User will be unable to obtain DHCP lease, if DHCP router and User Manager server will not contain any information about user's data.
User Manager configuration
- Create User Manager subscriber;
/ tool user-manager customer add login="MikroTik" password="qwerty" permissions=owner
- Add DHCP router information to router list,
/ tool user-manager router add subscriber=MikroTik ip-address=x.x.x.x shared-secret=123456
'x.x.x.x' is the address of the DHCP router, 'shared-secret' should match on both User Manager and DHCP routers.
- Add DHCP user information, that client with MAC address 00:01:29:27:81:95 will always receive 192.168.100.2 address. User will receive dynamic address from the DHCP ip pool, if ip-address is not specified.
/ tool user-manager user add add subscriber=MikroTik username="00:01:29:27:81:95" ip-address=192.168.100.2
We discuss only basic configuration example, detailed information about user menu configuration.
- To make sure, that user is receiving lease from User Manager,
/ ip dhcp-server lease> print Flags: X - disabled, R - radius, D - dynamic, B - blocked # ADDRESS MAC-ADDRESS HOST-NAME SERVER RATE-LIMIT STATUS 0 R 192.168.100.2 00:01:29:27:81:95 dhcp1 bound
'R' means that lease received from User Manager server.