A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Syed Jahanzaib Personnel Blog to Share

Knowledge !

July 5, 2011

A Success story with Mikrotik and DMASoftlab RADIUS

MANAGER [Glass Line Pvt Ltd.] June, 2011

Filed under: Linux Related, Mikrotik Related, Radius Manager — Tags: aacable, billing, card
system, dmaso坨lab, karachi, linux, mikrotik, mrtg, networking, pakistan, radius, story, success,
syed jahanzaib, zaib — Syed Jahanzaib / Pinochio~:) @ 11:00 AM
About these ads

i
6 Votes

Article by Syed Jahanzaib !

Recently I was contacted by a friend who was really passionate in starting a mini-ISP type
network setup for about 3000 users in the interior area of city. (soon it may expand up to 5000+
users). He asked my help to setup a scratch card base fully automatic system where user
purchase scratch card, & using User self care portal web site, user may create his new ID or
refresh his previous ID or change the service package according to the card package offers. I
had previously setup this kind of scenario in a cable.net environment using Mikrotik built-in
radius server called ‘User Manager’, but it have very limited basic features and all it can offer
was a pre-paid type option and it doesn’t have many accounting features. So I thought I should
give a try to more rich feature radius server and a坨er a lot of googling i decided to go with
(FREERADIUS base ) DMASOFTLAB RADIUS MANAGER. A very famous radius server with
all the option that a mini-ISP would required at unbelievably low price.

The hardware that I have used for this setup.

*Main Mikrotik = v4.17 x86 / Xeon 3.6Ghz Dual / 2 GB Ram / WD 500 GB Sata Hdd , This MT is
serving as a PPPoE Server + NAT + bandwidth shaping. It also redirects HTTP traffic to Proxy

1 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

server.

* Mikrotik RB750 = Just for HOTSPOT to redirect users to self care portal.
(This can be done on Main MT also, but I prefer it this way)

* Radius Server = DMASo坨lab RM v3.9 installed on Fedora v10 / Xeon 3.6Ghz Dual / 4 GB Ram/
WD 500 GB x2 Sata Hdd

* SQUID PROXY GW = SQUID v2.7 on UBUNTU Karmic Koala v9.10 / Xeon 3.6Ghz Dual / 8
GB Ram / WD 500 GB x3 SATA HDD (2 HDD reserved for Cache), This server acts as a proxy +
Gateway machine for the Mikrotik, It also do URL Filtering blocking ads, it also have ZPH
enabled so content available in squid cache should be downloaded at full speed (without
package limitation) at user end. It also cache youtube videos using VIDEOCACHE.

* Linux Transparent BRIDGE firewall + DHCP + DNS + MRTG + WEB Server on FEDORA V10 /
Xeon 3.6Ghz Dual / 4 GB Ram / WD 500 GB SATA HDD, This server sits between Mikrotik and
Users , filtering unwanted traffic, ports and do some other stuff like lightweight DNSMASQ
DNS Server, DHCP server providing ips to users , Web Site with MRTG , Psychostats ranking
system for Counter Strike Game, Server Monitoring Scripts and Alerts, PHPBB Forums for
Users, and some other cool stuff. DNS+DHCP is hosted on this server to minimize load on main
mikrotik machine, alos this machine filters unwanted traffic from passing by to main mikrotik.

In this setup , I have configured HOTSPOT on extra RB750 only to redirect user to my
advertisement page, where he is informed that he is not logged in via dialer, either create /
refresh his ID from RM User Self Care Portal, or if he already have an id, connect it via dialer. I
don’t prefer HotSpot authentication due to various security reasons, mainly due to I had a very
bad experience having HOTSPOT hit by ARP-POISONING and many virus flooder that
requires default gateway.

When user first login , his PC MAC address is binded with his ID to prevent accessing it from
different pcs. Multiple session of same ID is NOT allowed , I provide user with scratch card
(with refill code) , which he can use to refill his account according to card amount/package from
RM User self care portal. RM demo can be viewed at h⬰p://www.dmaso坨lab.com/cont/radman

When users with pppoe dialer tries to connect to main Mikrotik, MT verifies its credentials by
asking Radius Server for the account validity, if the ID is valid, user connects okay and can use
internet , otherwise he gets disconnected. When the User account is expired, he still can login
via dialer, but then he is redirect to my local web server page where he is informed that his
account is expired and he should visit billing.local page to renew his account using the card.

Please find along with a⬰achment is my Network Diagram (This was initially designed, I made
few changes a坨erward, I removed FTP from MT DMZ to user subnet lan to avoid load on MT , I
moved 坨p OS from windows to Linux and integrate it with radius authentication using
APACHE.

Some other entertainment services that I setup here were:

2 FTP Media Sharing Servers ( 4 TB of data )
2 Live TV Channel streaming over LAN using VLC Media Player Broadcasting
1 Counter Strike 1.6 Dedicated Server with Psychostats Ranking System and
adminmod/amxmod
1 Web Server (Ubunut) hosting site u-dear . com , an entertainment portal and hosting other

2 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

features. It also features monitoring system with MRTG / SMS Alerts via a⬰ached Mobile.

About RM: Radius Manager uses a nice web interface for administering the users and the whole
system (traffic accounting, tracking of online users, display statistics, maintenance ,account
management etc.).

and to add that DMASo坨lab customer support guys (specially Mr. Viktor.K) have excellent
support and respond instantly even to the dumbest of questions. It is real value for money
especially for those who do not have big wallet$.

Network Diagram Layout : (Complete setup guide can found at

h⬰p://aacable.wordpress.com/2011/07/19/mikrotik-squid-zph-complete-guide-incomplete-post-i-
will-edit-it-later/

GLASSLINE-Network-Presentation-by-zaib Update 03/08/2001

Comments (71)

3 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

71 Comments »

1. This is very nice. Can I host “DMASOFTLAB RADIUS MANAGER” on a server on the
internet and have like 10 Mikrotik RB450G hotspots in different locations in my country link
to this Radius? I have limited knowledge of these things but would like to set up hotspots in
different locations in my country. I would like to be able to roam between the different
hotspots with a single prepaid scratch card. Can you help me get this project off the ground?

Comment by Brian Dorset — August 4, 2011 @ 10:57 AM

Reply
Yes you can have central RADIUS and multiple NAS (mikrotik) all over the country and
let them authenticate it with central RADIUS.

If your NASes (Network Access Servers like Mikrotik HOTSPOT) are on remote
locations , (which are not reachable directly by the RADIUS server or not the same
LAN), realize the following setup to get them working with Radius Manager:

1. Install a central PPtP server (Mikrotik RB750 will be enough for this) in NOC, beside
the RADIUS server.
2. Connect all your NASes (Mikrotik) to the central PPtP server with PPtP connections.
The central PPtP server must have public, static IP (it must be visible for the remote
NASes).
3. PPtP server will assign static local IPs to NASes via PPtP tunnels.
4. All NASes will reach the RADIUS server via PPtP tunnels and vice versa (RADIUS
UDP protocol).

Using this method NASes can use any IP (public, local, static, dynamic) and RADIUS
server will see them on local, static IP addresses, via the PPtP tunnels. Tunnels are used
for RADIUS packets only (low traffic), while the heavy Internet traffic is going through
the main connection of NAS (ADSL etc.).

Comment by Pinochio / zaib — August 4, 2011 @ 11:09 AM

Reply
Thank you for your extremely quick reply. Now I will start implementing this project
soon. Keep up the good work brother! I will keep you updated on my progress.

Comment by Brian Dorset — August 4, 2011 @ 11:51 AM

is the above method will work for DMA so坨 radius manager along with mikrotik
server.

Comment by tamilmaran — June 21, 2012 @ 10:22 AM

Yes. the described scenario is based on Mikrotik PPPoE + DMASOFTLAB RM

Comment by Syed Jahanzaib / Pinochio~:) — June 21, 2012 @ 10:46 AM

4 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

2. Nice post….i am working at something very similar to this…just that my expected user base
is 15000+, so i plan for 5000+ on each main mikrotik X3 and just a radius manager server…do
you think this can scale? also can you share the setup config you used for the
caching/transparent bridge firewall……

Comment by ojeysky — August 11, 2011 @ 1:38 AM

Reply
Radius Manager Pro and CTS versions have no limitation in a maximal number of users.
The performance of the entire Radius Manager system mainly depends on the speed of
the hard disks and the MySQL subsystem. Adding more RAM will drastically speed up
the MySQL system. Indexes must be fit in the RAM for optimal performance.

Add more RAM to the system. Adding 4-8 OR 8-16 GB of RAM doesn’t mean any
problem nowadays.

In real situations the capacity of NAS (Mikrotik) can have the problem. Use Multiple
Quad core CPU and you will be fine with that much load.

Working Squid.conf examples.

h⬰ps://aacable.wordpress.com/2011/06/01/working-squid-conf-example-testing-file/

For Transparent Bridge which is also acting as Firewall +DNS + web + MAC to IP binding
DHCP server , I will write its guide as soon as I get free time.

Comment by Pinochio / zaib — August 11, 2011 @ 11:43 AM

Reply
3. Hi

I am trying to setup a Hotspot site to intergrate with the Radius Server. I have assigned
public ip addresses to the Radius Server and the Mikrotik Nas and from the Hotspot
Mikrotik I can ping both the nas and radius server. However, when I try to browse I am
being taken to the Mikrotik Hotspot logon, I am not sure howto link up the hotspot to the
the nas and finally the Radius server.
Can you please provide me with some guidelines.

Comment by www.lanlink.co.za — August 17, 2011 @ 5:02 PM

Reply
You are redirecting to Mikrotik HOTSPOT login page because it is designed to do so. to
redirect every UN Authenticated session to Login page, so you can authenticate using
your valid id password, and then you can browse the internet. You have to integrate your
NAS (Mikrotik) with the RADIUS server.

Read following guides to get some idea on how to do this.

h⬰p://aacable.wordpress.com/2011/07/19/mikrotik-dmaso坨lab-rm-squid-zph-linux-
bridgecomplete-guide/
and goto MIKROTIK NAS CONFIGURATION heading.

Some more examples.

5 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

h⬰p://aacable.wordpress.com/2011/08/09/mikrotik-pppoe-server-with-user-manager-
pre-paid-billing-system/

h⬰p://wiki.mikrotik.com/wiki/User_Manager/Hotspot_Example

Comment by Pinochio / zaib — August 18, 2011 @ 11:03 AM

Reply
4. Hi

On my Hotspot Mikrotik I have refined the Radius ip address as 196.15.xy.x but when I try
logging in to the Hotspot logon page with Radius users I get an error “Radius server not
responding” even I can ping the Radius Sever. The Hotspot Mikrotik logs gives this error
“hotspot info debug : user loging failed:RADIUS server is not responding”

Can you assist on this.

Comment by www.lanlink.co.za — August 22, 2011 @ 3:08 PM

Reply
5. HI,
I’ve just about given up on the Radius Manager, though I’ve had it in trial mode with my
MTik Hotspot/router for @ 3 weeks. And had it working fine. Now some Apache issues.
I just am not good with Linux but I have good network skills. It’s unfortunate because of all
the time I’ve spent ge⬰ing it up and running.
I cannot get consistent responses from DMASo坨labs.
I guess my question is where to find support.

Comment by Tim — August 24, 2011 @ 8:26 AM

Reply
The best support that you can get regarding RM is support@dmaso坨lab.com
There response time is very good. They usually answers to RM related issues only.

Usually, Once you have configured RM properly, it works fine without any hurdle. I have
configured many RM in my area and they are running from many months without any
issues. My personnel advise: Try not to mess up with the configuration files. What Linux
disto you are using?

RM works great with FEDORA 10 with all default configuration. I suggest you to install
Fedora 10, then follow on the guide I have published on my Blog. Its a step by step guide
with some my own added experiences.

Following is a link to the article.

h⬰p://aacable.wordpress.com/2011/07/19/mikrotik-dmaso坨lab-rm-squid-zph-linux-
bridgecomplete-guide/

Comment by Pinochio / zaib — August 24, 2011 @ 10:47 AM

Reply
6. Hello, plz i need help on detailed configuration of squid proxy server (Transparent proxy)

6 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

using redhat linux, so that it can help me improve my browsing speed for my lan users. My
email is obinna4god@yahoo.com.

I heard that there are ways to stop or block adbanners in redhat or linux, i equally need the
steps to achieve it.

Thanks

Comment by Dunga — September 13, 2011 @ 5:09 PM

Reply
7. To configure SQUID in transparent mode. Please use the following guide.

h⬰p://aacable.wordpress.com/2011/08/08/linux-transparent-squid-proxy-server-guide/

h⬰p://aacable.wordpress.com/2011/06/01/linux-simple-internet-sharing-script/

To block internet advertisement via SQUID, Please use the following guide.

h⬰p://aacable.wordpress.com/2011/06/01/squid-howto-block-ads/

Comment by Pinochio / zaib — September 14, 2011 @ 10:51 AM

Reply
8. salaam i am aman sir maire passs mikrotik 5.7 ki key pardi hoi hai plz aap mujhe bata sake
hai os ko kese install karo only import key hai plz help me

Comment by a — November 23, 2011 @ 10:41 PM

Reply
First copy key at your desktop.
Then Open Winbox / Goto Files, Paste the KEY file here,

Now goto System/ License, Now select Import KEY.

OR

h⬰p://wiki.mikrotik.com/wiki/Manual:Entering_a_RouterOS_License_key

Comment by Pinochio~:) — November 24, 2011 @ 10:37 AM

Reply
salaam alikuam
sir aap maire baat amjh nahi main khara hoo ke maire pas mikrotik 5.7 hai main is ko
careke ke se karo maire pass asal ki hai wo yeh hai W5EY-LHT9 HAI AUR
MIKROTIK 5.7 KI KEY YEH ARAHI HAI BMD5-E77L MAIN YEH ASAL KEY
KESE YEH LIYE KAAR AOA SOFTWARE ID W5EY-LHT9

SIR PLZ HELP ME

Comment by a — November 24, 2011 @ 8:40 PM

9. plz sir help me

7 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Comment by a — November 24, 2011 @ 10:04 PM

Reply
Sorry I can’t help you in cracking Mikrotik. Its ILLEGAL.
I post an article on howto crack mikrotik 3.3 , but that was just for Educational and
learning purpose only.

I do not support Cracking/Illegal usage of so坨wares.

Comment by Pinochio~:) — November 25, 2011 @ 10:42 AM

Reply
10. great post!
Will come back later for some questioning session.

Comment by shohaib — November 25, 2011 @ 9:58 PM

Reply
11. ok thank you ir
but aik aur soawal ka jowab ded ke mikrotik pcc load balacing se dual peed hoti hai yaa
naram main ne sona hai ke do dsl hoo 4mb aur 4mb pcc se 8 mb ate hai kia yeh sachha hai

Comment by aman — November 26, 2011 @ 11:02 AM

Reply
Yes. its true in some extent that you get data from both lines, PCC do more then that if
you use it correctly

Comment by Pinochio~:) — November 26, 2011 @ 11:09 AM

Reply
12. thank you sir
aik aur baat sir maire mikrotik 3.22 hai kia is main bhi pcc load balacing ho sakti hai

Comment by aman — November 26, 2011 @ 11:17 AM

Reply
You need at least mikrotik 3.0+ for pcc support.

Comment by Pinochio~:) — November 26, 2011 @ 11:18 AM

Reply
13. thank you sir
aur aik baat kia haam mikroik se clinet ke pc dekh ssakte hai i mean on ki web site

Comment by aman — November 26, 2011 @ 11:26 AM

Reply
14. plz tell me

Comment by aman — November 26, 2011 @ 11:34 AM

Reply

8 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Don’t flood on forum. Use email instead,

Comment by Pinochio~:) — November 26, 2011 @ 1:37 PM

Reply
15. dolaso坨 is free or commerical so坨ware…?
pls provide the download link

Comment by tamilmaran — December 15, 2011 @ 6:04 PM

Reply
It’s Free.
h⬰p://daloradius.com/

However its complete Documentation and various additional modules are available for
some charges.

Comment by Pinochio~:) — December 16, 2011 @ 10:49 AM

Reply
16. Im a local wisp for 100+ customers with for internet connection with shared and commerical
clients,
what kind of setup i need.?

Comment by tamilmaranamilmaran — December 19, 2011 @ 9:50 AM

Reply
Depends on your requirements.
For 100 clients, Following can help you for beginning (Network portion only)

Mikrotik / PPPoE Server = any P4 base machine with 512MB RAM

SQUID Proxy Server = any P4 base machine with 2 OR 4GB RAM and 250GB/320GB
HDD would be enough.

Hardware configuration varies depending on configuration/numbers of users.

Comment by Pinochio~:) — December 19, 2011 @ 10:33 AM

Reply
17. i thing this is the best isp website that i’ve ever seen ur amazing
i’ve a small isp company with 250users at the moment . what do u thing is the best solutions
for me to work .

Max customers in one mikrotik are 60users connected with Rb435G routerboard 680mhz rb .
into the others are mostly 20-50users on 433 RB .

I’ve 7 routers and one RadiusMANAGER with a DELL COMPUTER 3.0GHZ 250GB HDD
and 2GB RAM

can i do the squid server just for webs like .php .html and not for musics and videos on the
radiusmanager server with this amount of users 200-250simulations users

what do u thing do i need to add on my base station now … ( whats the best solutions to

9 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

have a be⬰er quality for my clients )

and is there a full how to build a squid server on centOS .

Comment by Nori — December 30, 2011 @ 4:30 AM

Reply
SQUID is an highly customizable proxy server, You can configure it according to you
requirements and its possible to cache only certain content in cache.
If you add proxy, your users browsing experience will increase.
It’s not ma⬰er what flavor you use for building SQUID, I personally use UBUNTU 10.4,
which is quite lighter and ge⬰ing higher a⬰ention of administrators all over the globe.

Comment by Pinochio~:) — December 30, 2011 @ 11:20 AM

Reply
18. yeah but is there a complete guide how to build a squid server
from the beginning cuz im newbie on linux and want to do a squid server
or do i need just to install ubuntu and then add the squid configuration file ?

and my quesiton was “Can i build squid server ( just for php/html pages/images) in the same
computer as radiusmanager or not (radius manager is working at the moment with CentOS 6
).

And can i connect the squid server with a public ip address like the radiusmanager and
mikrotiks and if i have a problem with squid server will it affect to the users or does it work
like this

IF SQUID SERVER IS ON , then take the bantwith from squid server

if it is off then take the bantwith from INTERNET .

thanks for ur reply , ur amazing good and sorry for my bad english

Comment by Nori — December 30, 2011 @ 1:49 PM

Reply
I am not much familiarized with the CENTOS commands, but squid configurations are
same for all flavors.
Try to start basic with following links.

h⬰p://aacable.wordpress.com/2011/08/08/linux-transparent-squid-proxy-server-guide/

h⬰p://aacable.wordpress.com/2011/06/01/working-squid-conf-example-fil/

Never Mix SQUID with Your BILLING RADIUS SERVER, It will gonna messup if any
thing goes wrong.
Billing is the most important service/server of your network, Don’t play with it.

Comment by Pinochio~:) — December 30, 2011 @ 2:07 PM

Reply
19. thanks for ur reply’s .

i’m going to try to build a new server , and my another question was :

10 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

does the users bantwith work like this :

IF SQUID SERVER IS ON , then take the bantwith from squid server
if it is off then take the bantwith from INTERNET . ( for example if squid is full or for any
reasen shutdown ) do my users have internet access again or does it affect to all users and
nobody gets internet then .

And what do u thing what sort of computer is be⬰er for me :

At the moment i’ve 250Users and in the far future maybe ill have 350 users max .
At the moment all the users within one month are using this bantwith :
Month Download Upload Total Trafich all the month for all users
2011-11(November) % 1.6 TB 443.8 GB 2.0 TB
2011-12(December) % 2.3 TB 595.1 GB 2.9 T

Comment by Nori — December 30, 2011 @ 2:13 PM

Reply
Well you can do Fail-over via using the following trick.
Assuming the following scenario.

On Mikrotik you have 3 Interfaces.

1st is connected with the WAN1 > DSL
2nd is connected with the SQUID PROXY This will act as the default Gateway for
Mikrotik.
3rd is connected with the User LAN

So in ip route you will set up routes with check-gateway that if your default gateway
(Squid) is down, then sends requests via WAN1 > DSL,

You need to Read a lot first in order to understand how fail over works in Mikrotik. Read
n Read.

Regarding SQUID Hardware, Get some good speed hardware, the more speedy
hardware you put in it, the be⬰er cache performance you will get. For example, following
hardware would be enough.

3.6 Ghz Xeon / Dual Core Processors

4 or 8 GB Ram
2 Fast Harddrive , one for OS and Logs, second dedicated for CACHING (preferably at
lease 1-2 TB for caching, also you can spread your cache in several harddrives for be⬰er
response, but for smaller setup like 350 users, Just use 2 fast harddrives, one for logs and
one for caching)
Gigabits Lan Cards

And lastly, Well configured Squid Configuration

Comment by Pinochio~:) / Syed Jahanzaib — December 30, 2011 @ 3:30 PM

Reply
20. Hello !,

I have a hotspot wi-fi configured with :

11 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

1. Mikrotik Routers OS 4.16(Hotspot Gateway)

2. DMA So坨lab Radius Manager 3.9.0

mikrotik-ether1==> WAN ISP(Public IP Address)

Mikrotik-ether2==> LAN For Hotspot Wi-Fi Users.(Private IP)
RM configured with Public IP.

One more thing , there are Access Points & some switches which is also configured with
private IPs.

Problem :
- APs and Switches are configured with (192.168.22.0/24 ) and this ip is added in ether 2 as
secondary IP.
- When tried to access APs and switches , Mikrotik Login page displays.
and is only accessible when i manually enter username/password.
I want to access those APs and Switches without any authentication.

Create a firewall access rule but it didn’t worked.

Just needed some help.

Thanx in advance.

- Shiva

Comment by Shiva Thapa — February 7, 2012 @ 9:29 AM

Reply
21. Sir i have configured Radius Manager and i have four mikrotik routers with have 100 user’s
in them in one LAN could you please guide me through how to connect them with central
radius manager.

Comment by masood — June 19, 2012 @ 11:36 AM

Reply
Wy FOUR mikrotik router for 100 users :s even single mikrotik rb450 is enough for you.

On all your NAS, point to your RM in RADIUS section. its very simple, Read the manual
of RM on howto connect to RM in Mikrotik.

Comment by Syed Jahanzaib / Pinochio~:) — June 19, 2012 @ 12:50 PM

Reply
22. Sir i have configured dmaso坨lab Radius manager and i have two mikrotik router that
userman is enabled with having 100 user’s each so i need to connect them with centralized
Radius manager i have searched alot about it but i didnot got the concept of any one of it
please provide me a configuration for it.

Thnx in Advance

Comment by Masood Andesha — June 19, 2012 @ 12:22 PM

Reply

12 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

On all your NAS, point to your RM in RADIUS section. its very simple, Read the manual
of RM on howto connect to RM in Mikrotik.

Comment by Syed Jahanzaib / Pinochio~:) — June 19, 2012 @ 12:49 PM

Reply
23. Sir for connecting mikrotik with RM i have read the manual of RM but that didnot worked
for me and if you can give the guide i would really appreciate it.

Thanks in Advance,

Comment by Masood Andesha — June 19, 2012 @ 2:25 PM

Reply
24. learn video plaes

Comment by muhammad mahdi — August 20, 2012 @ 5:26 AM

Reply
25. I have A and B location and we are using cyberrom for authentication at A location , now i
have one question to u we are using mikrotik at B location if i have to authenticate B location
user to A location than what i have to configure at B and mikrotik

Comment by Hitesh — October 5, 2012 @ 4:26 PM

Reply
26. I dont know y you guys are messing around ……
your configuration is simple and already briefly explained by Mr. Syed

Comment by billy — October 17, 2012 @ 4:05 PM

Reply
27. if do want to mess with your netowrk for experimenting which i suggest as your customers
will be in trouble i suggest u to get a good machine and run aware work station for
experiments and when u r done in that then just implement that on your real time network.
i have configured about 19 hotspot in different areas, with simple RBs as NASes and single
RM server. recently i was informed that we have reached 1000+ users.

Comment by billy — October 17, 2012 @ 4:14 PM

Reply
28. Assalam-O-Alaikum jahanzaib bhai please h⬰p://freeradius.org/ ki koi guide dain k isko kese
install keren aur mikrotik k sath config kese kren

Comment by Zeeshan — November 20, 2012 @ 8:24 AM

Reply
Such guide is already available at mikrotik wiki and its well wri⬰en

Comment by Syed Jahanzaib / Pinochio~:) — November 21, 2012 @ 3:58 PM

Reply
29. Dear Syed Jahanzaib

13 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Thanks a lot for you support for new biggners …. No word to explain.. ThanQ ..

Comment by swamy — December 5, 2012 @ 10:26 AM

Reply
30. We need support system as well SMS module and payment module agent module with
dmaso坨lab… can any one help me??

Comment by Nishit — January 30, 2013 @ 3:11 PM

Reply
Yes. Send your complete requirements with your current scenario to aacable [at]
hotmail.com

Comment by Syed Jahanzaib / Pinochio~:) — January 30, 2013 @ 4:15 PM

Reply
31. does reset traffic counters work ? on add credit in additional mode ? I dont think so it works
on Radius manager

Comment by nk — February 20, 2013 @ 10:45 AM

Reply
32. sir ma cable net ka kam karta ho aor ma na ek Data server share kaya ha jis ka path \\server
ha lakin jin users ko ma router lagha kar dataho aun ka pass server open nahi hota app pls is
ka liya bi kuch kare

Comment by tahirmirza786 — February 24, 2013 @ 3:44 PM

Reply
IT would be much be⬰er if you use HTTP or FTP base sharing server, this way you will
have more control and features over your media server.

Comment by Syed Jahanzaib / Pinochio~:) — February 26, 2013 @ 11:51 AM

Reply
33. sir plz help me few command of radius make problem for

CREATE USER ‘radius’@’localhost’ IDENTIFIED BY ‘yourpass’;

CREATE USER ‘conntrack’@’localhost’ IDENTIFIED BY ‘yourpass’;
GRANT ALL ON radius.* TO radius@localhost;
GRANT ALL ON conntrack.* TO conntrack@localhost;
how i can solve it

Comment by junaid — March 7, 2013 @ 3:03 PM

Reply
What exact error you are ge⬰ing ???

Don’t copy paste SQL code from blog to SQL console. Manually type all the commands
related to SQL. Pay specially a⬰ention to commas like ‘
when you copy paste the comma, it becomes another character which SQL doesn’t
understand?

14 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Comment by Syed Jahanzaib / Pinochio~:) — March 10, 2013 @ 7:20 PM

Reply
34. Hello Syed Jahanzaib, How could I directly contact to you? I’ve few questions. Thanks.

Comment by Tamir — March 10, 2013 @ 9:09 PM

Reply
Send me email at aacable [at] hotmail.com

Comment by Syed Jahanzaib / Pinochio~:) — March 11, 2013 @ 1:55 PM

Reply
35. hi syed
i get error when i user radtest user 1111 localhost
get no response frome server id socket 3

how can i solve it

Comment by dh — March 17, 2013 @ 2:08 AM

Reply
Make sure radius service is started in debug mode

Comment by Syed Jahanzaib / Pinochio~:) — March 20, 2013 @ 8:45 AM

Reply
i use raqdius -X and get
Ready to process requests.

Comment by dh — March 21, 2013 @ 12:27 PM

36. HI,
have a big problem while restricting bandwidth in radius manager. Local/outside traffic both
gets restricted by doing this,As an alternative , just for authentication , it goes to RM , For
rest , bandwidth restriction , i have created a queue rule and applied bandwidth.
Also I have assigned static ip in RM , queue rule has been maintained for the same IP.
What went wrong is it gets different ip address than one assigned in radius manager.

what can be the solution to this ??

Regards,
Shiva

Comment by Shiva Thapa — March 24, 2013 @ 3:42 PM

Reply
Are you using HOTSPoT ?

Comment by Syed Jahanzaib / Pinochio~:) — March 25, 2013 @ 9:43 AM

Reply
yes

15 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Comment by Shiva Thapa — March 25, 2013 @ 9:50 AM

37. buenas tardes tengo un problema instale barias beses RM 4 y cuando entro al ACP la
primera vez va todo bien luego cierro el panel y reinicio la maquina y quiero ingresar
nuevamente al ACP me habre una pagina en blanco y en otra oportunidad me descargo un
archivo admin.php. ayuda desde ya muchas gracias

Comment by walter — April 6, 2013 @ 7:56 AM

Reply
English Please

This problem o坨en happens due to incorrect version of ZEND installed in PHP. Usual
causes are php and .so conflict.
Try using Ubuntu 10.4 , it works very well and have been tested and deployed
successfully at many networks.

Comment by Syed Jahanzaib / Pinochio~:) — April 7, 2013 @ 3:49 PM

Reply
38. Sir,
What a wonderful post, nice, i configured it and working very fine, thanks again.
but here is small query with my hotspot login page.

my (Mikrotik) hotspot does not redirect login page if i someone tries the secure (h⬰ps://) site
like h⬰ps://www.google.com
eg if someone types h⬰p://www.google.com, he will redirected to login page, but if he tries
secure site like h⬰ps://youtube.com, than he will not get redirected to login page and
browser gives error loading page.

Can you please help me!!! i have tried to make tick mark in mikrotik ip/hotspot/server
profile/ login h⬰ps=yes
but nothing improved!!!

Waiting for your king reply.

Comment by Abidali Kadiwala — April 11, 2013 @ 11:38 PM

Reply
The hotspot only redirects port 80 requests. It won’t redirect SSL, email, FTP, or ssh
clients. It just blocks them until you are logged in on port 80.
There MIGHT be a solution for this but If you intercepted the HTTPS response, the users
browser would throw up SSL error messages which really scare the users off

Comment by Syed Jahanzaib / Pinochio~:) — April 12, 2013 @ 1:15 PM

Reply
wow, what a solution, shukriya.

Comment by Abidali — April 12, 2013 @ 2:56 PM

Thank You

16 of 17 15-05-2013 12:27
A Success story with Mikrotik and DMASoftlab RADIUS MANA... http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Comment by Syed Jahanzaib / Pinochio~:) — April 12, 2013 @ 4:14 PM

RSS (Really Simple Syndication) feed for comments on this post. TrackBack URI (Uniform
Resource Identifier)

Theme: Silver is the New Black. Blog at WordPress.com.

17 of 17 15-05-2013 12:27