Wednesday, March 1, 2017

Hotspot with 2 Radius Server

Hotspot with 2 Radius Server



In this article we will try to discuss about the use hotspot service by using 2 different radius server. By default the router proxy for a service can only use a radius server to make the process of AAA (Authentication, Authorization, Accounting). Probably because of a particular need for example to share the burden of the radius server resource we can configure to enable more than one radius server.
For example here we will use 2 radius server that is Userman (MikroTik) and FreeRADIUS (Linux). The first step we will configure the hotspot that can be integrated with both the radius server. Select IP menu -> Hotspot -> Server Profiles. In the hotspot server profile is currently active, we will do a bit of configuration, ie on the tab 'Login' and 'RADIUS'.

On the Login tab, we make sure to option 'Split Domain Users' own us tick.


And the RADIUS tab, make sure to option 'RADIUS' has us tick.
After configuration hotpsotnya, we will configure RADIUS menu. Since we will be using two Radius servers then we will also create two rule to connect the router MikroTik with both the radius server. Select the RADIUS menu -> click the Add [+].
The main parameters that must be specified include Domain, Address, Secret. For the parameter 'Domain' they were taught to distinguish between the two Radius Server. Eg for Userman (MikroTik) we fill in the name of 'Server1' and for FreeRADIUS (Linux) we fill in the name of 'Server2'. 
Radius Display on the List.
Well, until this step we can configure each RADIUS to be integrated in the MikroTik hotspot service. For example RADIUS configuration Userman (MikroTik) can be seen in the article here and to configure FreeRADIUS (Linux) can be seen in a previous article here .
After the above steps have been configured properly then we will try to do the hotspot login of client devices. And here there are different ways to log the hotspot service with a RADIUS server and more than one RADIUS server. For our purposes that uses RADIUS Server 2 then in filling the username in the login page using the format "username @ servername '. For example, if we want to use traditional login account contained in RADIUS Server1 then we fill 'user @ server1'.
When viewed from the topology for the example above case is as follows.

And for charging the 'Username' on the login page is as follows.

No comments:

Post a Comment