Saturday, March 17, 2018

MikroTik User Manager RADIUS Server. [Customers, Users and Routers].







MikroTik User Manager RADIUS Server is the center where all user authentication and accounting application which gives the ISP or network administrator the ability to manage MikroTik RouterOS user, PPP user and Hotspot user so smoothly.
There are two methods to install MikroTik User Manager RADIUS Server in your network. You can install User Manager Package either on a physical RouterOS or on a dedicated Server Machine or on a Personal Computer where RouterOS is running.
 How to install and configure User Manager Package in MikroTik RouterOS following one of the two methods has been discussed in my previous article. In this tutorial, we will be be looking at the three most important and frequently used terms (Customers, Users and Routers) in User Manager RADIUS Server.


Customers in MikroTik User Manager RADIUS Server
In MikroTik User Manager RADIUS Server, Customers are known as service provider. For that, customers are only eligible to login RADIUS Server’s web interface to manager RADIUS users, credits and routers. Each customer can have no sub-customer or one or more sub-customers and exactly one parent customer that means customers are hierarchically ordered in a tree structure. Permission level of the customers is different. The customer who has owner permissions is called subscriber and the subscriber’s parent is himself. The subscriber can do everything in MikroTik User Manager RADIUS Server.

How To Create a Customer in User Manager Radius Server
By default every user manager customer (admin with no password) is created while installing User Manager Radius Server. You should give a strong password to admin customer or if you wish you can remove this admin customer but you must create another customer who has owner permission.

In other to create a customer inter in user manager please follow my steps below:
Login to your User Manager RADIUS Server with subscriber login credentials by typing http://user_manager_ip_address/userman in your favorite browser. If it is your first login, put Login name as admin and keep password blank.
Click on Customers button from left side button panel. You will find customer table page now.
Click on Add > New menu item from top menu bar. Customer Details window will appear now.
Put customer username and password that will be used to login to web interface in Login and Password input field respectively.

If you have multiple customers, you can choose parent customer for this customer from Parent dropdown menu.
Choose permission level that you want for this customer from Permissions dropdown menu.
Optionally, you can assign customer Public ID that will be used to access user page of this customer.
You can define access permissions of this customer by checking or unchecking Access Check Boxes.
In Private Information area, you can put customer private information such as Company, City, Country and Email.
If you want to allow sign up options of this customer’s user, check Signup allowed check box but you must set customer Public ID if you allow user signup.
You can also set customer Currency and Time Zone from Format
Click on Add button to add this customer.

Following the above steps, you can easily add a customer in MikroTik User Manager RADIUS Server. If you wish, you can edit or remove any customer using Edit menu.


Users in MikroTik User Manager RADIUS Server
In MikroTik User Manager RADIUS Server, Users are people who use internet services using MikroTik PPP Server, Hotspot, DHCP Server and so on provided by any customer. These users may be limited by time, traffic and speed. Users don’t belong to customer but to a specific subscriber because customers are only responsible to add, edit and remove one part of users and whole users including customers belong to a specific subscriber.

How To Create User in MikroTik User Manager RADIUS Server
By default no user is created in MikroTik User Manager RADIUS Server. Subscribers or Customers are responsible to create users in RADIUS server. The following steps will show how to create users in your MikroTik RADIUS Server.
Login to your User Manager RADIUS Server using either subscriber credentials or customer credentials.
Click on Users button from left button panel.
Now click on Add > One menu item from top menu bar. User Details window will appear now.
In Main panel, put username and password in Username and Password input field respectively. Also, you have to choose owner of this user from Owner dropdown menu.
In Private Information panel, you can put user first name, last name, email and so on. You should assign a user profile for this user where user’s time, traffic and speed limitation is assigned. If you don’t have any profile created, it will be better to create a profile first with limitations from Profiles area and then start creating a user.

Click on Add button to save this user information in RADIUS Server.
Following the above steps, a user can be created successfully. Similarly, you can enable, disable, change or remove a user using Edit menu.

Routers in MikroTik User Manager RADIUS Server
In MikroTik User Manager RADIUS Server, Routers are Client MikroTik Router that will inquire for user authentication. MikroTik User Manager is like a judge that means it receives question from Client Routers and must give answer. For example, a Hotspot Server asks: “Is user ‘bob’ is allowed to use Hotspot?”. Now User Manager replies: “Yes, but only 2 hours and give him IP 192.168.110.200”. If any unknown router ask any question, MikroTik User Manager RADIUS Server silently ignore that request. Router table of User Manager RADIUS Server keeps known router lists that are allowed to ask question to RADIUS Server.

How To Add Routers in MikroTik User Manager RADIUS Server
Both Subscriber and Customers are eligible to add routers in User Manager RADIUS Server. The following steps will show how to add client routers that will make query to authenticate users in RADIUS Server.





Login to your User Manager RADIUS Server with subscriber or customer credentials.
Click on Routers button from left button panel.
Now click on Add > New menu item from top menu bar. Router Details window will appear now.
Put a meaningful name for that client router in Name input field and choose owner from Owner dropdown menu.
Put the IP address of the client router that will use User Manager as its RADIUS client in IP address input field.
Put a password in Shared secret input field. This shared secret is important and has to provide while configuring RADIUS client. Otherwise, the RADIUS client cannot communicate with this RADIUS Server.

Click Add button to add this client router.
Following the above steps, a client router can be added easily in User Manager RADIUS Server. Similarly, you can enable, disable, change or remove any client router whenever you want using Edit menu.

The basic idea about MikroTik User Manager RADIUS Server’s Customers, Users and Routers has been explained in this article.

No comments:

Post a Comment