I am entertaining suggestions, and am grateful for any help. I have no idea of these ideas are ligit, if they would work, or if they are flakey. As all my data goes through a /30 subnet provided by my fiber provider, and I only need one of the two available addresses from that /30, I could put the radius manager on the same router interface as my fiber provider, and assign it the other available ip address. Put the same subnet XXX.YY.ZZ.0/24 on two router interfaces, the one authenticating clients and the one belonging to the radius server, and use mangle rules and routing to sort the data.ģ. Create an internal IP subnet for the radius manager router interface and do a one-to-one NAT from the radius server’s internal IP address to XXX.YY.ZZ.2Ģ. I have tried to research this and have come up with the following ideas:ġ. So my radius server must be on a router interface that it is not authenticating, yet be on the same subnet as the network it is authenticating. However,the router interface that is authenticating my clients has my XXX.YY.ZZ.0/24 network on it, and my radius server must have XXX.YY.ZZ.2 to be accessible inside and outside my physical network. Otherwise it would have to authenticate itself. According to DMAsoftlabs, the providers of my radius system, I can not install the server on the same router interface as the one it is authenticating. For our Mikrotik radius setup we will start with one of the most popular scenarios for providing connections, PPPOE.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |