Forum

RADIUS server is not responding

Postado por JARDIEL DE SOUSA em 14 de Junho de 2013 às 13:26

Faz dias que eu venho batendo a cabeça com esse problema! nunca conseguir fazer funcionar, o mk-auth com o mk, ja tentei em varias versões do mk, e eu estou no mk 3.30 e todos da o mesmo problema,

/interface ethernet

set 0 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes mac-address=\
00:E0:7D:E0:AA:19 mtu=1500 name=Clientes speed=100Mbps
set 1 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes mac-address=\
00:04:75:0A:82:A3 mtu=1500 name=MKA speed=100Mbps
set 2 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes l2mtu=1600 \
mac-address=00:1D:0F:BE:0B:DE mtu=1500 name=ether3 speed=100Mbps
set 3 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes l2mtu=1600 \
mac-address=00:19:21:8E:74:02 mtu=1500 name=WAN speed=100Mbps

/ip hotspot profile
set default dns-name="" hotspot-address=0.0.0.0 html-directory=hotspot \
http-proxy=0.0.0.0:0 login-by=http-chap name=default nas-port-type=\
ethernet radius-accounting=yes radius-default-domain="" \
radius-interim-update=3m radius-location-id="" radius-location-name="" \
radius-mac-format=XX:XX:XX:XX:XX:XX rate-limit="" smtp-server=0.0.0.0 \
split-user-domain=no use-radius=yes
add dns-name=net.axixa hotspot-address=192.158.88.1 html-directory=hotspot \
http-proxy=0.0.0.0:0 login-by=http-chap name=hsprof1 nas-port-type=\
ethernet radius-accounting=yes radius-default-domain="" \
radius-interim-update=3m radius-location-id="" radius-location-name="" \
radius-mac-format=XX:XX:XX:XX:XX:XX rate-limit="" smtp-server=0.0.0.0 \
split-user-domain=no use-radius=yes

/ip hotspot user profile
set default idle-timeout=none keepalive-timeout=2m name=default shared-users=\
1 status-autorefresh=1m transparent-proxy=no

/ip pool
add name=hs-pool-1 ranges=192.158.88.2-192.158.88.254
/ip dhcp-server
add address-pool=hs-pool-1 authoritative=after-2sec-delay bootp-support=\
static disabled=no interface=Clientes lease-time=1h name=dhcp1
/ip hotspot
add address-pool=hs-pool-1 addresses-per-mac=2 disabled=no idle-timeout=5m \
interface=Clientes keepalive-timeout=none name=hotspot1 profile=hsprof1
/port
set 0 baud-rate=9600 data-bits=8 flow-control=hardware name=serial0 parity=\
none stop-bits=1
set 1 baud-rate=9600 data-bits=8 flow-control=hardware name=serial1 parity=\
none stop-bits=1
/ppp profile
set default change-tcp-mss=yes comment="" name=default only-one=default \
use-compression=default use-encryption=default use-vj-compression=default
set default-encryption change-tcp-mss=yes comment="" name=default-encryption \
only-one=default use-compression=default use-encryption=yes \
use-vj-compression=default
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \
sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \
red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\
5
set default-small kind=pfifo name=default-small pfifo-limit=10

/user
add address=0.0.0.0/0 comment="system default user" disabled=no group=full \
name=admin
add address=0.0.0.0/0 comment="" disabled=no group=full name=mkauth
/interface bridge settings
set use-ip-firewall=no use-ip-firewall-for-pppoe=no use-ip-firewall-for-vlan=\
no
/interface ethernet mirror
set
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\
default-encryption enabled=no max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
default enabled=no keepalive-timeout=60 mac-address=FE:B7:3B:EC:5B:C2 \
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
enabled=no keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=\
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 \
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name="" memory-limit=10 \
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=\
no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=192.158.88.1/24 broadcast=192.158.88.255 comment=\
"hotspot network" disabled=no interface=Clientes network=192.158.88.0
add address=172.31.255.1/30 broadcast=172.31.255.3 comment="" disabled=no \
interface=MKA network=172.31.255.0
/ip dhcp-client
add add-default-route=yes comment="" default-route-distance=0 disabled=no \
interface=WAN use-peer-ntp=yes
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server network
add address=192.158.88.0/24 comment="hotspot network" gateway=192.158.88.1
/ip dns
set allow-remote-requests=no cache-max-ttl=1w cache-size=20480KiB \
max-udp-packet-size=512 primary-dns=201.10.128.3 secondary-dns=\
201.10.120.3
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=drop chain=teste comment=\
"TESTE DO MK-AUTH PARA USO COM SSH FBE5D1A6" disabled=yes
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
disabled=no src-address=192.158.88.0/24
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
/ip hotspot service-port
set ftp disabled=no ports=21
/ip hotspot user
add comment="" disabled=no name=admin password="" profile=default
/ip hotspot walled-garden
add action=allow comment="" disabled=no dst-host=172.31.255.2 dst-port=80
add action=allow comment="" disabled=no dst-host=172.31.255.2 dst-port=85
/ip neighbor discovery
set Clientes discover=yes
set MKA discover=yes
set ether3 discover=yes
set WAN discover=yes
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \
cache-on-disk=no enabled=no max-cache-size=none max-client-connections=\
600 max-fresh-time=3d max-server-connections=600 parent-proxy=0.0.0.0 \
parent-proxy-port=0 port=8080 serialize-connections=no src-address=\
0.0.0.0

/radius
add accounting-backup=no accounting-port=1813 address=172.31.255.2 \
authentication-port=1812 called-id="" comment="" disabled=no domain="" \
realm="" secret=123456 service=ppp,hotspot,wireless timeout=300ms
/radius incoming
set accept=yes port=3799
/routing igmp-proxy
set query-interval=2m5s query-response-interval=10s quick-leave=no
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \
gateway-selection=no-gateway origination-interval=5s preferred-gateway=\
0.0.0.0 timeout=1m ttl=50
/routing ospf
set distribute-default=never metric-bgp=20 metric-connected=20 \
metric-default=1 metric-rip=20 metric-static=20 mpls-te-area=unspecified \
mpls-te-router-id=unspecified redistribute-bgp=no redistribute-connected=\
no redistribute-rip=no redistribute-static=no router-id=0.0.0.0
/routing pim
set switch-to-spt=no switch-to-spt-bytes=0 switch-to-spt-interval=0s
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
redistribute-connected=no redistribute-ospf=no redistribute-static=no \
timeout-timer=3m update-timer=30s

/tool user-manager customer
add comment="" disabled=no login=admin parent=admin password="" \
paypal-accept-pending=no paypal-allowed=no paypal-secure-response=no \
permissions=owner signup-allowed=no subscriber=admin time-zone=+00:00
/user aaa
set accounting=yes default-group=read interim-update=0s use-radius=no
/user ssh-keys
set (unknown) user=mkauth
[admin@MikroTik] >

 

Visualizações: 22

Para adicionar comentários, você deve ser membro de MK-AUTH.

Join MK-AUTH

Votos 0
Enviar-me um email quando as pessoas responderem –
Seguir

Respostas

  • Pedro Filho Junho 16, 2013 19:49

    vc colcou o mk-auth na interface de seus clientes no mikrotik, tenta colocar em outra, a wan por exemplo...

  • ROBERTO GOMES Junho 14, 2013 22:04

    Acompanhando!

This reply was deleted.