User Manager/DHCP Example

From MikroTik Wiki
Jump to: navigation, search

Introduction

To make this setup, you should have running DHCP server on the router. Let's consider configuration steps for DHCP and User Manager routers, in order to use User Manager for DHCP server users.

DHCP router configuration

  • Set DHCP to use User Manager for DHCP server leases,
/ ip dhcp-server set dhcp1 use-radius=yes
  • Add radius client to consult User Manager for DHCP service.
/ radius add service=dhcp address=y.y.y.y secret=123456

'secret' is equal to User Manager router secret. 'y.y.y.y' is the User Manager router address.

  • Note, first local router database is consulted, then User Manager database. User will be unable to obtain DHCP lease, if DHCP router and User Manager server will not contain any information about user's data.

User Manager configuration

  • Create User Manager subscriber (root customer). Note that when using a version 3.0 or newer, a subscriber called 'admin' is created automatically - you can skip the following stage and change 'MikroTik' to 'admin' in subsequent steps;
/ tool user-manager customer add login="MikroTik" password="qwerty" permissions=owner
  • Add DHCP router information to router list,

In version 3:

/ tool user-manager router add subscriber=MikroTik ip-address=x.x.x.x shared-secret=123456

In version 4:

/ tool user-manager router add customer=MikroTik ip-address=x.x.x.x shared-secret=123456

'x.x.x.x' is the address of the DHCP router, 'shared-secret' should match on both User Manager and DHCP routers.

  • Add DHCP user information, that client with MAC address 00:01:29:27:81:95 will always receive 192.168.100.2 address. User will receive dynamic address from the DHCP ip pool, if ip-address is not specified.

In version 3:

/ tool user-manager user add add subscriber=MikroTik username="00:01:29:27:81:95" ip-address=192.168.100.2

In version 4:

/ tool user-manager user add add customer=MikroTik username="00:01:29:27:81:95" ip-address=192.168.100.2

We discuss only basic configuration example, detailed information about user menu configuration.

  • To make sure, that user is receiving lease from User Manager,
 / ip dhcp-server lease> print
 Flags: X - disabled, R - radius, D - dynamic, B - blocked
 #   ADDRESS         MAC-ADDRESS       HOST-NAME    SERVER RATE-LIMIT   STATUS
 0 R 192.168.100.2   00:01:29:27:81:95              dhcp1               bound

'R' means that lease has been received from User Manager server.