Sie sind auf Seite 1von 17

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Syed Jahanzaib Personnel Blog to Share Knowledge !

July 5, 2011

A Success story with Mikrotik and DMASoftlab RADIUS MANAGER [Glass Line Pvt Ltd.] June, 2011
Filed under: Linux Related, Mikrotik Related, Radius Manager Tags: aacable, billing, card system, dmasolab, karachi, linux, mikrotik, mrtg, networking, pakistan, radius, story, success, syed jahanzaib, zaib Syed Jahanzaib / Pinochio~:) @ 11:00 AM About these ads

i 6 Votes Article by Syed Jahanzaib ! Recently I was contacted by a friend who was really passionate in starting a mini-ISP type network setup for about 3000 users in the interior area of city. (soon it may expand up to 5000+ users). He asked my help to setup a scratch card base fully automatic system where user purchase scratch card, & using User self care portal web site, user may create his new ID or refresh his previous ID or change the service package according to the card package oers. I had previously setup this kind of scenario in a cable.net environment using Mikrotik built-in radius server called User Manager, but it have very limited basic features and all it can oer was a pre-paid type option and it doesnt have many accounting features. So I thought I should give a try to more rich feature radius server and aer a lot of googling i decided to go with (FREERADIUS base ) DMASOFTLAB RADIUS MANAGER. A very famous radius server with all the option that a mini-ISP would required at unbelievably low price. The hardware that I have used for this setup. *Main Mikrotik = v4.17 x86 / Xeon 3.6Ghz Dual / 2 GB Ram / WD 500 GB Sata Hdd , This MT is serving as a PPPoE Server + NAT + bandwidth shaping. It also redirects HTTP trac to Proxy
1 of 17 15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

server. * Mikrotik RB750 = Just for HOTSPOT to redirect users to self care portal. (This can be done on Main MT also, but I prefer it this way) * Radius Server = DMASolab RM v3.9 installed on Fedora v10 / Xeon 3.6Ghz Dual / 4 GB Ram/ WD 500 GB x2 Sata Hdd * SQUID PROXY GW = SQUID v2.7 on UBUNTU Karmic Koala v9.10 / Xeon 3.6Ghz Dual / 8 GB Ram / WD 500 GB x3 SATA HDD (2 HDD reserved for Cache), This server acts as a proxy + Gateway machine for the Mikrotik, It also do URL Filtering blocking ads, it also have ZPH enabled so content available in squid cache should be downloaded at full speed (without package limitation) at user end. It also cache youtube videos using VIDEOCACHE. * Linux Transparent BRIDGE rewall + DHCP + DNS + MRTG + WEB Server on FEDORA V10 / Xeon 3.6Ghz Dual / 4 GB Ram / WD 500 GB SATA HDD, This server sits between Mikrotik and Users , ltering unwanted trac, ports and do some other stu like lightweight DNSMASQ DNS Server, DHCP server providing ips to users , Web Site with MRTG , Psychostats ranking system for Counter Strike Game, Server Monitoring Scripts and Alerts, PHPBB Forums for Users, and some other cool stu. DNS+DHCP is hosted on this server to minimize load on main mikrotik machine, alos this machine lters unwanted trac from passing by to main mikrotik. In this setup , I have congured HOTSPOT on extra RB750 only to redirect user to my advertisement page, where he is informed that he is not logged in via dialer, either create / refresh his ID from RM User Self Care Portal, or if he already have an id, connect it via dialer. I dont prefer HotSpot authentication due to various security reasons, mainly due to I had a very bad experience having HOTSPOT hit by ARP-POISONING and many virus ooder that requires default gateway. When user rst login , his PC MAC address is binded with his ID to prevent accessing it from dierent pcs. Multiple session of same ID is NOT allowed , I provide user with scratch card (with rell code) , which he can use to rell his account according to card amount/package from RM User self care portal. RM demo can be viewed at hp://www.dmasolab.com/cont/radman When users with pppoe dialer tries to connect to main Mikrotik, MT veries its credentials by asking Radius Server for the account validity, if the ID is valid, user connects okay and can use internet , otherwise he gets disconnected. When the User account is expired, he still can login via dialer, but then he is redirect to my local web server page where he is informed that his account is expired and he should visit billing.local page to renew his account using the card. Please nd along with aachment is my Network Diagram (This was initially designed, I made few changes aerward, I removed FTP from MT DMZ to user subnet lan to avoid load on MT , I moved p OS from windows to Linux and integrate it with radius authentication using APACHE. Some other entertainment services that I setup here were: 2 FTP Media Sharing Servers ( 4 TB of data ) 2 Live TV Channel streaming over LAN using VLC Media Player Broadcasting 1 Counter Strike 1.6 Dedicated Server with Psychostats Ranking System and adminmod/amxmod 1 Web Server (Ubunut) hosting site u-dear . com , an entertainment portal and hosting other
2 of 17 15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

features. It also features monitoring system with MRTG / SMS Alerts via aached Mobile. About RM: Radius Manager uses a nice web interface for administering the users and the whole system (trac accounting, tracking of online users, display statistics, maintenance ,account management etc.). and to add that DMASolab customer support guys (specially Mr. Viktor.K) have excellent support and respond instantly even to the dumbest of questions. It is real value for money especially for those who do not have big wallet$. Network Diagram Layout : (Complete setup guide can found at hp://aacable.wordpress.com/2011/07/19/mikrotik-squid-zph-complete-guide-incomplete-post-iwill-edit-it-later/

GLASSLINE-Network-Presentation-by-zaib Update 03/08/2001

Comments (71)

3 of 17

15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

71 Comments
1. This is very nice. Can I host DMASOFTLAB RADIUS MANAGER on a server on the internet and have like 10 Mikrotik RB450G hotspots in dierent locations in my country link to this Radius? I have limited knowledge of these things but would like to set up hotspots in dierent locations in my country. I would like to be able to roam between the dierent hotspots with a single prepaid scratch card. Can you help me get this project o the ground? Comment by Brian Dorset August 4, 2011 @ 10:57 AM Reply Yes you can have central RADIUS and multiple NAS (mikrotik) all over the country and let them authenticate it with central RADIUS. If your NASes (Network Access Servers like Mikrotik HOTSPOT) are on remote locations , (which are not reachable directly by the RADIUS server or not the same LAN), realize the following setup to get them working with Radius Manager: 1. Install a central PPtP server (Mikrotik RB750 will be enough for this) in NOC, beside the RADIUS server. 2. Connect all your NASes (Mikrotik) to the central PPtP server with PPtP connections. The central PPtP server must have public, static IP (it must be visible for the remote NASes). 3. PPtP server will assign static local IPs to NASes via PPtP tunnels. 4. All NASes will reach the RADIUS server via PPtP tunnels and vice versa (RADIUS UDP protocol). Using this method NASes can use any IP (public, local, static, dynamic) and RADIUS server will see them on local, static IP addresses, via the PPtP tunnels. Tunnels are used for RADIUS packets only (low trac), while the heavy Internet trac is going through the main connection of NAS (ADSL etc.). Comment by Pinochio / zaib August 4, 2011 @ 11:09 AM Reply Thank you for your extremely quick reply. Now I will start implementing this project soon. Keep up the good work brother! I will keep you updated on my progress. Comment by Brian Dorset August 4, 2011 @ 11:51 AM is the above method will work for DMA so radius manager along with mikrotik server. Comment by tamilmaran June 21, 2012 @ 10:22 AM Yes. the described scenario is based on Mikrotik PPPoE + DMASOFTLAB RM Comment by Syed Jahanzaib / Pinochio~:) June 21, 2012 @ 10:46 AM
4 of 17 15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

2. Nice post.i am working at something very similar to thisjust that my expected user base is 15000+, so i plan for 5000+ on each main mikrotik X3 and just a radius manager serverdo you think this can scale? also can you share the setup cong you used for the caching/transparent bridge rewall Comment by ojeysky August 11, 2011 @ 1:38 AM Reply Radius Manager Pro and CTS versions have no limitation in a maximal number of users. The performance of the entire Radius Manager system mainly depends on the speed of the hard disks and the MySQL subsystem. Adding more RAM will drastically speed up the MySQL system. Indexes must be t in the RAM for optimal performance. Add more RAM to the system. Adding 4-8 OR 8-16 GB of RAM doesnt mean any problem nowadays. In real situations the capacity of NAS (Mikrotik) can have the problem. Use Multiple Quad core CPU and you will be ne with that much load. Working Squid.conf examples. hps://aacable.wordpress.com/2011/06/01/working-squid-conf-example-testing-le/ For Transparent Bridge which is also acting as Firewall +DNS + web + MAC to IP binding DHCP server , I will write its guide as soon as I get free time. Comment by Pinochio / zaib August 11, 2011 @ 11:43 AM 3. Hi Reply

I am trying to setup a Hotspot site to intergrate with the Radius Server. I have assigned public ip addresses to the Radius Server and the Mikrotik Nas and from the Hotspot Mikrotik I can ping both the nas and radius server. However, when I try to browse I am being taken to the Mikrotik Hotspot logon, I am not sure howto link up the hotspot to the the nas and nally the Radius server. Can you please provide me with some guidelines. Comment by www.lanlink.co.za August 17, 2011 @ 5:02 PM Reply You are redirecting to Mikrotik HOTSPOT login page because it is designed to do so. to redirect every UN Authenticated session to Login page, so you can authenticate using your valid id password, and then you can browse the internet. You have to integrate your NAS (Mikrotik) with the RADIUS server. Read following guides to get some idea on how to do this. hp://aacable.wordpress.com/2011/07/19/mikrotik-dmasolab-rm-squid-zph-linuxbridgecomplete-guide/ and goto MIKROTIK NAS CONFIGURATION heading. Some more examples.

5 of 17

15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

hp://aacable.wordpress.com/2011/08/09/mikrotik-pppoe-server-with-user-managerpre-paid-billing-system/ hp://wiki.mikrotik.com/wiki/User_Manager/Hotspot_Example Comment by Pinochio / zaib August 18, 2011 @ 11:03 AM 4. Hi Reply

On my Hotspot Mikrotik I have rened the Radius ip address as 196.15.xy.x but when I try logging in to the Hotspot logon page with Radius users I get an error Radius server not responding even I can ping the Radius Sever. The Hotspot Mikrotik logs gives this error hotspot info debug : user loging failed:RADIUS server is not responding Can you assist on this. Comment by www.lanlink.co.za August 22, 2011 @ 3:08 PM Reply 5. HI, Ive just about given up on the Radius Manager, though Ive had it in trial mode with my MTik Hotspot/router for @ 3 weeks. And had it working ne. Now some Apache issues. I just am not good with Linux but I have good network skills. Its unfortunate because of all the time Ive spent geing it up and running. I cannot get consistent responses from DMASolabs. I guess my question is where to nd support. Comment by Tim August 24, 2011 @ 8:26 AM Reply The best support that you can get regarding RM is support@dmasolab.com There response time is very good. They usually answers to RM related issues only. Usually, Once you have congured RM properly, it works ne without any hurdle. I have congured many RM in my area and they are running from many months without any issues. My personnel advise: Try not to mess up with the conguration les. What Linux disto you are using? RM works great with FEDORA 10 with all default conguration. I suggest you to install Fedora 10, then follow on the guide I have published on my Blog. Its a step by step guide with some my own added experiences. Following is a link to the article. hp://aacable.wordpress.com/2011/07/19/mikrotik-dmasolab-rm-squid-zph-linuxbridgecomplete-guide/ Comment by Pinochio / zaib August 24, 2011 @ 10:47 AM Reply 6. Hello, plz i need help on detailed conguration of squid proxy server (Transparent proxy)

6 of 17

15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

using redhat linux, so that it can help me improve my browsing speed for my lan users. My email is obinna4god@yahoo.com. I heard that there are ways to stop or block adbanners in redhat or linux, i equally need the steps to achieve it. Thanks Comment by Dunga September 13, 2011 @ 5:09 PM Reply 7. To congure SQUID in transparent mode. Please use the following guide. hp://aacable.wordpress.com/2011/08/08/linux-transparent-squid-proxy-server-guide/ hp://aacable.wordpress.com/2011/06/01/linux-simple-internet-sharing-script/ To block internet advertisement via SQUID, Please use the following guide. hp://aacable.wordpress.com/2011/06/01/squid-howto-block-ads/ Comment by Pinochio / zaib September 14, 2011 @ 10:51 AM Reply 8. salaam i am aman sir maire passs mikrotik 5.7 ki key pardi hoi hai plz aap mujhe bata sake hai os ko kese install karo only import key hai plz help me Comment by a November 23, 2011 @ 10:41 PM Reply First copy key at your desktop. Then Open Winbox / Goto Files, Paste the KEY le here, Now goto System/ License, Now select Import KEY. OR hp://wiki.mikrotik.com/wiki/Manual:Entering_a_RouterOS_License_key Comment by Pinochio~:) November 24, 2011 @ 10:37 AM Reply salaam alikuam sir aap maire baat amjh nahi main khara hoo ke maire pas mikrotik 5.7 hai main is ko careke ke se karo maire pass asal ki hai wo yeh hai W5EY-LHT9 HAI AUR MIKROTIK 5.7 KI KEY YEH ARAHI HAI BMD5-E77L MAIN YEH ASAL KEY KESE YEH LIYE KAAR AOA SOFTWARE ID W5EY-LHT9 SIR PLZ HELP ME Comment by a November 24, 2011 @ 8:40 PM 9. plz sir help me

7 of 17

15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Comment by a November 24, 2011 @ 10:04 PM Reply Sorry I cant help you in cracking Mikrotik. Its ILLEGAL. I post an article on howto crack mikrotik 3.3 , but that was just for Educational and learning purpose only. I do not support Cracking/Illegal usage of sowares. Comment by Pinochio~:) November 25, 2011 @ 10:42 AM Reply 10. great post! Will come back later for some questioning session. Comment by shohaib November 25, 2011 @ 9:58 PM Reply 11. ok thank you ir but aik aur soawal ka jowab ded ke mikrotik pcc load balacing se dual peed hoti hai yaa naram main ne sona hai ke do dsl hoo 4mb aur 4mb pcc se 8 mb ate hai kia yeh sachha hai Comment by aman November 26, 2011 @ 11:02 AM Reply Yes. its true in some extent that you get data from both lines, PCC do more then that if you use it correctly Comment by Pinochio~:) November 26, 2011 @ 11:09 AM Reply 12. thank you sir aik aur baat sir maire mikrotik 3.22 hai kia is main bhi pcc load balacing ho sakti hai Comment by aman November 26, 2011 @ 11:17 AM Reply You need at least mikrotik 3.0+ for pcc support. Comment by Pinochio~:) November 26, 2011 @ 11:18 AM Reply 13. thank you sir aur aik baat kia haam mikroik se clinet ke pc dekh ssakte hai i mean on ki web site Comment by aman November 26, 2011 @ 11:26 AM Reply 14. plz tell me Comment by aman November 26, 2011 @ 11:34 AM Reply
8 of 17 15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Dont ood on forum. Use email instead, Comment by Pinochio~:) November 26, 2011 @ 1:37 PM Reply 15. dolaso is free or commerical soware? pls provide the download link Comment by tamilmaran December 15, 2011 @ 6:04 PM Reply Its Free. hp://daloradius.com/ However its complete Documentation and various additional modules are available for some charges. Comment by Pinochio~:) December 16, 2011 @ 10:49 AM Reply 16. Im a local wisp for 100+ customers with for internet connection with shared and commerical clients, what kind of setup i need.? Comment by tamilmaranamilmaran December 19, 2011 @ 9:50 AM Reply Depends on your requirements. For 100 clients, Following can help you for beginning (Network portion only) Mikrotik / PPPoE Server = any P4 base machine with 512MB RAM SQUID Proxy Server = any P4 base machine with 2 OR 4GB RAM and 250GB/320GB HDD would be enough. Hardware conguration varies depending on conguration/numbers of users. Comment by Pinochio~:) December 19, 2011 @ 10:33 AM Reply 17. i thing this is the best isp website that ive ever seen ur amazing ive a small isp company with 250users at the moment . what do u thing is the best solutions for me to work . Max customers in one mikrotik are 60users connected with Rb435G routerboard 680mhz rb . into the others are mostly 20-50users on 433 RB . Ive 7 routers and one RadiusMANAGER with a DELL COMPUTER 3.0GHZ 250GB HDD and 2GB RAM can i do the squid server just for webs like .php .html and not for musics and videos on the radiusmanager server with this amount of users 200-250simulations users what do u thing do i need to add on my base station now ( whats the best solutions to
9 of 17 15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

have a beer quality for my clients ) and is there a full how to build a squid server on centOS . Comment by Nori December 30, 2011 @ 4:30 AM Reply SQUID is an highly customizable proxy server, You can congure it according to you requirements and its possible to cache only certain content in cache. If you add proxy, your users browsing experience will increase. Its not maer what avor you use for building SQUID, I personally use UBUNTU 10.4, which is quite lighter and geing higher aention of administrators all over the globe. Comment by Pinochio~:) December 30, 2011 @ 11:20 AM Reply 18. yeah but is there a complete guide how to build a squid server from the beginning cuz im newbie on linux and want to do a squid server or do i need just to install ubuntu and then add the squid conguration le ? and my quesiton was Can i build squid server ( just for php/html pages/images) in the same computer as radiusmanager or not (radius manager is working at the moment with CentOS 6 ). And can i connect the squid server with a public ip address like the radiusmanager and mikrotiks and if i have a problem with squid server will it aect to the users or does it work like this IF SQUID SERVER IS ON , then take the bantwith from squid server if it is o then take the bantwith from INTERNET . thanks for ur reply , ur amazing good and sorry for my bad english Comment by Nori December 30, 2011 @ 1:49 PM Reply I am not much familiarized with the CENTOS commands, but squid congurations are same for all avors. Try to start basic with following links. hp://aacable.wordpress.com/2011/08/08/linux-transparent-squid-proxy-server-guide/ hp://aacable.wordpress.com/2011/06/01/working-squid-conf-example-l/ Never Mix SQUID with Your BILLING RADIUS SERVER, It will gonna messup if any thing goes wrong. Billing is the most important service/server of your network, Dont play with it. Comment by Pinochio~:) December 30, 2011 @ 2:07 PM Reply 19. thanks for ur replys . im going to try to build a new server , and my another question was :
10 of 17 15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

does the users bantwith work like this : IF SQUID SERVER IS ON , then take the bantwith from squid server if it is o then take the bantwith from INTERNET . ( for example if squid is full or for any reasen shutdown ) do my users have internet access again or does it aect to all users and nobody gets internet then . And what do u thing what sort of computer is beer for me : At the moment ive 250Users and in the far future maybe ill have 350 users max . At the moment all the users within one month are using this bantwith : Month Download Upload Total Trach all the month for all users 2011-11(November) % 1.6 TB 443.8 GB 2.0 TB 2011-12(December) % 2.3 TB 595.1 GB 2.9 T Comment by Nori December 30, 2011 @ 2:13 PM Reply Well you can do Fail-over via using the following trick. Assuming the following scenario. On Mikrotik you have 3 Interfaces. 1st is connected with the WAN1 > DSL 2nd is connected with the SQUID PROXY This will act as the default Gateway for Mikrotik. 3rd is connected with the User LAN So in ip route you will set up routes with check-gateway that if your default gateway (Squid) is down, then sends requests via WAN1 > DSL, You need to Read a lot rst in order to understand how fail over works in Mikrotik. Read n Read. Regarding SQUID Hardware, Get some good speed hardware, the more speedy hardware you put in it, the beer cache performance you will get. For example, following hardware would be enough. 3.6 Ghz Xeon / Dual Core Processors 4 or 8 GB Ram 2 Fast Harddrive , one for OS and Logs, second dedicated for CACHING (preferably at lease 1-2 TB for caching, also you can spread your cache in several harddrives for beer response, but for smaller setup like 350 users, Just use 2 fast harddrives, one for logs and one for caching) Gigabits Lan Cards And lastly, Well congured Squid Conguration Comment by Pinochio~:) / Syed Jahanzaib December 30, 2011 @ 3:30 PM Reply 20. Hello !, I have a hotspot wi- congured with :

11 of 17

15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

1. Mikrotik Routers OS 4.16(Hotspot Gateway) 2. DMA Solab Radius Manager 3.9.0 mikrotik-ether1==> WAN ISP(Public IP Address) Mikrotik-ether2==> LAN For Hotspot Wi-Fi Users.(Private IP) RM congured with Public IP. One more thing , there are Access Points & some switches which is also congured with private IPs. Problem : - APs and Switches are congured with (192.168.22.0/24 ) and this ip is added in ether 2 as secondary IP. - When tried to access APs and switches , Mikrotik Login page displays. and is only accessible when i manually enter username/password. I want to access those APs and Switches without any authentication. Create a rewall access rule but it didnt worked. Just needed some help. Thanx in advance. - Shiva Comment by Shiva Thapa February 7, 2012 @ 9:29 AM Reply 21. Sir i have congured Radius Manager and i have four mikrotik routers with have 100 users in them in one LAN could you please guide me through how to connect them with central radius manager. Comment by masood June 19, 2012 @ 11:36 AM Reply Wy FOUR mikrotik router for 100 users :s even single mikrotik rb450 is enough for you. On all your NAS, point to your RM in RADIUS section. its very simple, Read the manual of RM on howto connect to RM in Mikrotik. Comment by Syed Jahanzaib / Pinochio~:) June 19, 2012 @ 12:50 PM Reply 22. Sir i have congured dmasolab Radius manager and i have two mikrotik router that userman is enabled with having 100 users each so i need to connect them with centralized Radius manager i have searched alot about it but i didnot got the concept of any one of it please provide me a conguration for it. Thnx in Advance Comment by Masood Andesha June 19, 2012 @ 12:22 PM Reply
12 of 17 15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

On all your NAS, point to your RM in RADIUS section. its very simple, Read the manual of RM on howto connect to RM in Mikrotik. Comment by Syed Jahanzaib / Pinochio~:) June 19, 2012 @ 12:49 PM Reply 23. Sir for connecting mikrotik with RM i have read the manual of RM but that didnot worked for me and if you can give the guide i would really appreciate it. Thanks in Advance, Comment by Masood Andesha June 19, 2012 @ 2:25 PM Reply 24. learn video plaes Comment by muhammad mahdi August 20, 2012 @ 5:26 AM Reply 25. I have A and B location and we are using cyberrom for authentication at A location , now i have one question to u we are using mikrotik at B location if i have to authenticate B location user to A location than what i have to congure at B and mikrotik Comment by Hitesh October 5, 2012 @ 4:26 PM Reply 26. I dont know y you guys are messing around your conguration is simple and already briey explained by Mr. Syed Comment by billy October 17, 2012 @ 4:05 PM Reply 27. if do want to mess with your netowrk for experimenting which i suggest as your customers will be in trouble i suggest u to get a good machine and run aware work station for experiments and when u r done in that then just implement that on your real time network. i have congured about 19 hotspot in dierent areas, with simple RBs as NASes and single RM server. recently i was informed that we have reached 1000+ users. Comment by billy October 17, 2012 @ 4:14 PM Reply 28. Assalam-O-Alaikum jahanzaib bhai please hp://freeradius.org/ ki koi guide dain k isko kese install keren aur mikrotik k sath cong kese kren Comment by Zeeshan November 20, 2012 @ 8:24 AM Reply Such guide is already available at mikrotik wiki and its well wrien Comment by Syed Jahanzaib / Pinochio~:) November 21, 2012 @ 3:58 PM Reply 29. Dear Syed Jahanzaib
13 of 17 15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Thanks a lot for you support for new biggners . No word to explain.. ThanQ .. Comment by swamy December 5, 2012 @ 10:26 AM Reply 30. We need support system as well SMS module and payment module agent module with dmasolab can any one help me?? Comment by Nishit January 30, 2013 @ 3:11 PM Reply Yes. Send your complete requirements with your current scenario to aacable [at] hotmail.com Comment by Syed Jahanzaib / Pinochio~:) January 30, 2013 @ 4:15 PM Reply 31. does reset trac counters work ? on add credit in additional mode ? I dont think so it works on Radius manager Comment by nk February 20, 2013 @ 10:45 AM Reply 32. sir ma cable net ka kam karta ho aor ma na ek Data server share kaya ha jis ka path \\server ha lakin jin users ko ma router lagha kar dataho aun ka pass server open nahi hota app pls is ka liya bi kuch kare Comment by tahirmirza786 February 24, 2013 @ 3:44 PM Reply IT would be much beer if you use HTTP or FTP base sharing server, this way you will have more control and features over your media server. Comment by Syed Jahanzaib / Pinochio~:) February 26, 2013 @ 11:51 AM Reply 33. sir plz help me few command of radius make problem for CREATE USER radius@localhost IDENTIFIED BY yourpass; CREATE USER conntrack@localhost IDENTIFIED BY yourpass; GRANT ALL ON radius.* TO radius@localhost; GRANT ALL ON conntrack.* TO conntrack@localhost; how i can solve it Comment by junaid March 7, 2013 @ 3:03 PM Reply What exact error you are geing ??? Dont copy paste SQL code from blog to SQL console. Manually type all the commands related to SQL. Pay specially aention to commas like when you copy paste the comma, it becomes another character which SQL doesnt understand?
14 of 17 15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Comment by Syed Jahanzaib / Pinochio~:) March 10, 2013 @ 7:20 PM Reply 34. Hello Syed Jahanzaib, How could I directly contact to you? Ive few questions. Thanks. Comment by Tamir March 10, 2013 @ 9:09 PM Reply Send me email at aacable [at] hotmail.com Comment by Syed Jahanzaib / Pinochio~:) March 11, 2013 @ 1:55 PM Reply 35. hi syed i get error when i user radtest user 1111 localhost get no response frome server id socket 3 how can i solve it Comment by dh March 17, 2013 @ 2:08 AM Reply Make sure radius service is started in debug mode Comment by Syed Jahanzaib / Pinochio~:) March 20, 2013 @ 8:45 AM Reply i use raqdius -X and get Ready to process requests. Comment by dh March 21, 2013 @ 12:27 PM 36. HI, have a big problem while restricting bandwidth in radius manager. Local/outside trac both gets restricted by doing this,As an alternative , just for authentication , it goes to RM , For rest , bandwidth restriction , i have created a queue rule and applied bandwidth. Also I have assigned static ip in RM , queue rule has been maintained for the same IP. What went wrong is it gets dierent ip address than one assigned in radius manager. what can be the solution to this ?? Regards, Shiva Comment by Shiva Thapa March 24, 2013 @ 3:42 PM Reply Are you using HOTSPoT ? Comment by Syed Jahanzaib / Pinochio~:) March 25, 2013 @ 9:43 AM Reply yes
15 of 17 15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Comment by Shiva Thapa March 25, 2013 @ 9:50 AM 37. buenas tardes tengo un problema instale barias beses RM 4 y cuando entro al ACP la primera vez va todo bien luego cierro el panel y reinicio la maquina y quiero ingresar nuevamente al ACP me habre una pagina en blanco y en otra oportunidad me descargo un archivo admin.php. ayuda desde ya muchas gracias Comment by walter April 6, 2013 @ 7:56 AM Reply English Please This problem oen happens due to incorrect version of ZEND installed in PHP. Usual causes are php and .so conict. Try using Ubuntu 10.4 , it works very well and have been tested and deployed successfully at many networks. Comment by Syed Jahanzaib / Pinochio~:) April 7, 2013 @ 3:49 PM 38. Sir, What a wonderful post, nice, i congured it and working very ne, thanks again. but here is small query with my hotspot login page. my (Mikrotik) hotspot does not redirect login page if i someone tries the secure (hps://) site like hps://www.google.com eg if someone types hp://www.google.com, he will redirected to login page, but if he tries secure site like hps://youtube.com, than he will not get redirected to login page and browser gives error loading page. Can you please help me!!! i have tried to make tick mark in mikrotik ip/hotspot/server prole/ login hps=yes but nothing improved!!! Waiting for your king reply. Comment by Abidali Kadiwala April 11, 2013 @ 11:38 PM Reply The hotspot only redirects port 80 requests. It wont redirect SSL, email, FTP, or ssh clients. It just blocks them until you are logged in on port 80. There MIGHT be a solution for this but If you intercepted the HTTPS response, the users browser would throw up SSL error messages which really scare the users o Comment by Syed Jahanzaib / Pinochio~:) April 12, 2013 @ 1:15 PM Reply wow, what a solution, shukriya. Comment by Abidali April 12, 2013 @ 2:56 PM Thank You Reply

16 of 17

15-05-2013 12:27

A Success story with Mikrotik and DMASoftlab RADIUS MANA...

http://aacable.wordpress.com/2011/07/05/a-network-design-glass-...

Comment by Syed Jahanzaib / Pinochio~:) April 12, 2013 @ 4:14 PM RSS (Really Simple Syndication) feed for comments on this post. TrackBack URI (Uniform Resource Identier) Theme: Silver is the New Black. Blog at WordPress.com.

17 of 17

15-05-2013 12:27