Well, I thought that would fix it. We did have NAT running and the radio became accessible via the IP address just like we need it to. Then I tried other IPs and later I tried the same IP again and the radio can't communicate at all out of the Mikrotik. The PPPOE connection seems fine. The issue is that the radio can't browse and the IP is not visible. Any thoughts?
Thanks, Mark ------ Original Message ------ From: "Sam Tetherow" <tethe...@shwisp.net> To: "Mark Stephenson" <m...@countryconnections.net>; "WISPA General List" <wireless@wispa.org> Sent: 12/27/2013 12:34:36 PM Subject: Re: [WISPA] Mikrotik PPPOE with External Radius -- Routing Issue >Did you enable natting as mentioned in Step 1 on that guide (if you >did, >disabled it). > >On 12/27/2013 11:23 AM, Mark Stephenson wrote: >> We are setting up PPPOE using Mikrotik routers at our towers. We have >>an >> external radius and the plan is to have username/password >> authentication, radius assigned IPs, and PPP protocol from Ubiquiti >> client equipment to the Mikrotik router at each tower. We setup these >> parameters in the radius server to do this: >> >> radcheck table: >> Cleartext-Password password >> >> radreply table: >> Framed-IP-Address desired ip address >> Framed-IP-Netmask desired net mask >> MS-Primary-DNS-Server desired ip of the dns >> MS-Secondary-DNS-Server desired ip of the second dns >> Mikrotik-Rate-Limit rate limit like 1M/1M >> >> The Mikrotik router (currently version 5.21 RB750UP) has the PPPOE >> service running and radius authentication to our external radius >>server. >> We used http://wiki.mikrotik.com/wiki/Pppoe_with_external_radius as a >> starting point, but it assumes dynamically assigned IPs from a local >> pool not IPs assigned from the radius server. >> >> We set up our Ubiquiti client equipment as routed with PPPOE and >>entered >> the PPPOE username and the password. The Ubiquiti client equipment >> connects to a Ubiquiti access point that is bridged and then to a >> Mikrotik router at the tower. The tower then connects to backhaul >>radios >> to get back to our main tower and our core router. >> >> The good news is that this mostly works! The Ubiquiti client connects >> wirelessly to the access point and via PPPOE to the Mikrotik. It gets >> the IP address and the DNS set in radius. I know that because it >>shows >> in the Ubiquiti user interface and I see it in the Mikrotik logs. And >> the Mikrotik does the rate limiting beautifully. We can also browse >>the >> web through the connection. From a client user perspective it all >>works. >> But there is one big catch that we are missing. >> >> All outbound connections are using the IP of the Mikrotik router >>instead >> of the assigned IP address. So the Ubiquiti client equipment has the >> right IP but the connection is using network address translation >>through >> the router. We need the assigned IP to be accessible through the >> Mikrotik router so it shows as the IP address of the Ubiquiti client >> connection and so we can login to the Ubiquiti client radio from our >> network. Now the Ubiquiti client radio is hidden behind the Mikrotik >> router. What needs to be changed on the router or the radius to fix >> this? >> >> Thanks, >> Mark >> >> _______________________________________________ >> Wireless mailing list >> Wireless@wispa.org >> http://lists.wispa.org/mailman/listinfo/wireless > >_______________________________________________ >Wireless mailing list >Wireless@wispa.org >http://lists.wispa.org/mailman/listinfo/wireless _______________________________________________ Wireless mailing list Wireless@wispa.org http://lists.wispa.org/mailman/listinfo/wireless
