SlideShare una empresa de Scribd logo

User manager

Descargar como DOC, PDF
HARRY CHAN PUTRA
HARRY CHAN PUTRA
1 de 4
User Manager/QA/How to make HotSpot and User Manager on the same router Introduction First make sure that router has enough hardware resources to manage User Manager and HotSpot on the same router. User manager requirements. To accomplish HotSpot and User Manager on the same router scenario, we need to add the following configuration: HotSpot configuration / radius add service=hotspot address=127.0.0.1 secret=123456 We add radius client to consult User Manager server for appropriate service. 'address=127.0.0.1' points RADIUS client to use local router as RADIUS server, 'secret' is shared secret to exchange information between RADIUS server and client. / ip hotspot profile set hsprof1 use-radius=yes To use RADIUS for HotSpot AAA. Create first subscriber First subscriber must be added using Mikrotik terminal (console). All the configuration is done under the /tool user-manager menu. To create a subscriber you should go to /tool user-manager customer menu and execute add command. It will ask for the username which you will use. or you can enter this into the command line: [admin@USER_MAN] tool user-manager customer> add login="admin" password="adminpassword" permissions=owner After that you can use print command to see what you have added and you can also set the password. [admin@USER_MAN] tool user-manager customer> print Flags: X - disabled 0 subscriber=admin login="admin" password="adminpassword" time-zone= 00:00 permissions=owner parent=admin After that you can use the web interface. [edit] Use web interface To log on customer web interface type the following address in your web browser: http://Router_IP_address/userman where "Router_IP_address" must be replaced with IP address of your router.
Use login and password of the subscriber you have created in console. User Manager configuration • First we need to create subscriber. / tool user-manager customer add login="MikroTik" password="qwerty" permissions=owner • Then add router information to the User Manager configuration, / tool user-manager router add subscriber=MikroTik ip-address=127.0.0.1 shared-secret=123456 'ip-address' is the address of the RADIUS client router. Note, 'shared-secret' should match on User Manager and RADIUS client. Centralized Authentication for Hotspot user Generally we are using external Radius servers for user authentication as MikroTik is not Radius server. But here in this example we use the MikroTik User Manager which works as a Radius server and does authentication and control of your Hotspot users. [edit] Requirements Central location: MikroTik OS with User Manager (suggested License is L6). Hotspot: Mikrotik Routerboard with at least a L4 License Network 192.168.1.0/24
R1-Hotspot Master WAN IP- <Connected to Internet> LAN IP – 192.168.1.1/24 R2-Hotspot IT Dept WAN IP – 192.168.1.2/24 LAN IP – 10.10.10.1/24 R3-Hotspot Account Dept. WAN IP – 192.168.1.3/24 LAN IP – 20.20.20.1/24 R4- Hotspot Purchase Dept WAN IP – 192.168.1.4/24 LAN IP – 30.30.30.1/24 R5- Hotspot Sales Dept. WAN IP – 192.168.1.5/24 LAN IP – 40.40.40.1/24 We assume that all the setup is ready and the hotspot is configured on R2, R3, R4, and R5 with local authentication. First, we will configure R2, R3, R4 & R5 to use MikroTik user manager as a Radius server. /ip hotspot profile use-radius=yes /radius add service=hotspot address=192.168.1.1 secret=123456 This configuration will apply to all the Hotspot router. Now, we will configure R1-Hotspot Master. /tool user-manager customer add subscriber=mikrotik login="mikrotik" password="ashish" time-zone=+05:30
permissions=owner parent=mikrotik /tool user-manager router add subscriber=mikrotik name="R2" ip-address=192.168.1.2 shared-secret="123456" subscriber=mikrotik name="R3" ip-address=192.168.1.3 shared-secret="123456" subscriber=mikrotik name="R4" ip-address=192.168.1.4 shared-secret="123456" subscriber=mikrotik name="R5" ip-address=192.168.1.5 shared-secret="123456" and finally add the user on R1 /tool user-manager user add username=ashish password=ashishpatel subscriber=mikrotik The user name and password will work for all the remote hotspot router…a user can login from any department of the company with same ID and password and we can have all the user data centrally. Now you can log into the User Manager web interface on the address http://192.168.1.1/userman and start setting up your user accounts.

Recomendados

How to create a Wi-Fi hotspot using your?
How to create a Wi-Fi hotspot using your?How to create a Wi-Fi hotspot using your?
How to create a Wi-Fi hotspot using your?QUBEE
 
07 VLAN Principle and Configuration.pdf
07 VLAN Principle and Configuration.pdf07 VLAN Principle and Configuration.pdf
07 VLAN Principle and Configuration.pdfHARRY CHAN PUTRA
 
12 link aggregation configuration
12 link aggregation configuration12 link aggregation configuration
12 link aggregation configurationHARRY CHAN PUTRA
 
11 mac address table characteristic configuration
11 mac address table characteristic configuration11 mac address table characteristic configuration
11 mac address table characteristic configurationHARRY CHAN PUTRA
 
05 interface appended characteristic configuration
05 interface appended characteristic configuration05 interface appended characteristic configuration
05 interface appended characteristic configurationHARRY CHAN PUTRA
 
Bdcom s2508 b hardware installation manual
Bdcom s2508 b hardware installation manualBdcom s2508 b hardware installation manual
Bdcom s2508 b hardware installation manualHARRY CHAN PUTRA
 
Mplsvpn seminar
Mplsvpn seminarMplsvpn seminar
Mplsvpn seminarHARRY CHAN PUTRA
 
Firewall ip filter
Firewall ip filterFirewall ip filter
Firewall ip filterHARRY CHAN PUTRA
 

Recomendados

How to create a Wi-Fi hotspot using your?
How to create a Wi-Fi hotspot using your?How to create a Wi-Fi hotspot using your?
How to create a Wi-Fi hotspot using your?QUBEE
 
07 VLAN Principle and Configuration.pdf
07 VLAN Principle and Configuration.pdf07 VLAN Principle and Configuration.pdf
07 VLAN Principle and Configuration.pdfHARRY CHAN PUTRA
 
12 link aggregation configuration
12 link aggregation configuration12 link aggregation configuration
12 link aggregation configurationHARRY CHAN PUTRA
 
11 mac address table characteristic configuration
11 mac address table characteristic configuration11 mac address table characteristic configuration
11 mac address table characteristic configurationHARRY CHAN PUTRA
 
05 interface appended characteristic configuration
05 interface appended characteristic configuration05 interface appended characteristic configuration
05 interface appended characteristic configurationHARRY CHAN PUTRA
 
Bdcom s2508 b hardware installation manual
Bdcom s2508 b hardware installation manualBdcom s2508 b hardware installation manual
Bdcom s2508 b hardware installation manualHARRY CHAN PUTRA
 
Mplsvpn seminar
Mplsvpn seminarMplsvpn seminar
Mplsvpn seminarHARRY CHAN PUTRA
 
Firewall ip filter
Firewall ip filterFirewall ip filter
Firewall ip filterHARRY CHAN PUTRA
 
Zxdsl 9210 guide
Zxdsl 9210 guideZxdsl 9210 guide
Zxdsl 9210 guideHARRY CHAN PUTRA
 
9210 commissioning manual
9210 commissioning manual9210 commissioning manual
9210 commissioning manualHARRY CHAN PUTRA
 
Bsd routers
Bsd routersBsd routers
Bsd routersHARRY CHAN PUTRA
 
Hacom%20pf sense%20quick start%20guide
Hacom%20pf sense%20quick start%20guideHacom%20pf sense%20quick start%20guide
Hacom%20pf sense%20quick start%20guideHARRY CHAN PUTRA
 
Pfsense%20%20note
Pfsense%20%20notePfsense%20%20note
Pfsense%20%20noteHARRY CHAN PUTRA
 
66 pf sensetutorial
66 pf sensetutorial66 pf sensetutorial
66 pf sensetutorialHARRY CHAN PUTRA
 
Modul 1-instalasi
Modul 1-instalasiModul 1-instalasi
Modul 1-instalasiHARRY CHAN PUTRA
 
Modul 1-instalasi
Modul 1-instalasiModul 1-instalasi
Modul 1-instalasiHARRY CHAN PUTRA
 
Modul 0-pengantar
Modul 0-pengantarModul 0-pengantar
Modul 0-pengantarHARRY CHAN PUTRA
 
Modul 0-pengantar
Modul 0-pengantarModul 0-pengantar
Modul 0-pengantarHARRY CHAN PUTRA
 
Slimsinserver2go
Slimsinserver2goSlimsinserver2go
Slimsinserver2goHARRY CHAN PUTRA
 
Olivevme110usermanualid
Olivevme110usermanualidOlivevme110usermanualid
Olivevme110usermanualidHARRY CHAN PUTRA
 
Modul 10 vicon
Modul 10 viconModul 10 vicon
Modul 10 viconHARRY CHAN PUTRA
 
Modul 9 pengelolaan_infra
Modul 9 pengelolaan_infraModul 9 pengelolaan_infra
Modul 9 pengelolaan_infraHARRY CHAN PUTRA
 
Modul 8 vo_ip
Modul 8 vo_ipModul 8 vo_ip
Modul 8 vo_ipHARRY CHAN PUTRA
 
Modul 7 infrastruktur
Modul 7 infrastrukturModul 7 infrastruktur
Modul 7 infrastrukturHARRY CHAN PUTRA
 
Wireless
WirelessWireless
WirelessHARRY CHAN PUTRA
 
W2k router
W2k routerW2k router
W2k routerHARRY CHAN PUTRA
 
Vpn gw2gw
Vpn gw2gwVpn gw2gw
Vpn gw2gwHARRY CHAN PUTRA
 
Vo ip rt-rw-net
Vo ip rt-rw-netVo ip rt-rw-net
Vo ip rt-rw-netHARRY CHAN PUTRA
 

Más contenido relacionado

Más de HARRY CHAN PUTRA

Hacom%20pf sense%20quick start%20guide
Hacom%20pf sense%20quick start%20guideHacom%20pf sense%20quick start%20guide
Hacom%20pf sense%20quick start%20guideHARRY CHAN PUTRA
 

Más de HARRY CHAN PUTRA (20)

Zxdsl 9210 guide
Zxdsl 9210 guideZxdsl 9210 guide
Zxdsl 9210 guide
 
9210 commissioning manual
9210 commissioning manual9210 commissioning manual
9210 commissioning manual
 
Bsd routers
Bsd routersBsd routers
Bsd routers
 
Hacom%20pf sense%20quick start%20guide
Hacom%20pf sense%20quick start%20guideHacom%20pf sense%20quick start%20guide
Hacom%20pf sense%20quick start%20guide
 
Pfsense%20%20note
Pfsense%20%20notePfsense%20%20note
Pfsense%20%20note
 
66 pf sensetutorial
66 pf sensetutorial66 pf sensetutorial
66 pf sensetutorial
 
Modul 1-instalasi
Modul 1-instalasiModul 1-instalasi
Modul 1-instalasi
 
Modul 1-instalasi
Modul 1-instalasiModul 1-instalasi
Modul 1-instalasi
 
Modul 0-pengantar
Modul 0-pengantarModul 0-pengantar
Modul 0-pengantar
 
Modul 0-pengantar
Modul 0-pengantarModul 0-pengantar
Modul 0-pengantar
 
Slimsinserver2go
Slimsinserver2goSlimsinserver2go
Slimsinserver2go
 
Olivevme110usermanualid
Olivevme110usermanualidOlivevme110usermanualid
Olivevme110usermanualid
 
Modul 10 vicon
Modul 10 viconModul 10 vicon
Modul 10 vicon
 
Modul 9 pengelolaan_infra
Modul 9 pengelolaan_infraModul 9 pengelolaan_infra
Modul 9 pengelolaan_infra
 
Modul 8 vo_ip
Modul 8 vo_ipModul 8 vo_ip
Modul 8 vo_ip
 
Modul 7 infrastruktur
Modul 7 infrastrukturModul 7 infrastruktur
Modul 7 infrastruktur
 
Wireless
WirelessWireless
Wireless
 
W2k router
W2k routerW2k router
W2k router
 
Vpn gw2gw
Vpn gw2gwVpn gw2gw
Vpn gw2gw
 
Vo ip rt-rw-net
Vo ip rt-rw-netVo ip rt-rw-net
Vo ip rt-rw-net
 

User manager

  • 1. User Manager/QA/How to make HotSpot and User Manager on the same router Introduction First make sure that router has enough hardware resources to manage User Manager and HotSpot on the same router. User manager requirements. To accomplish HotSpot and User Manager on the same router scenario, we need to add the following configuration: HotSpot configuration / radius add service=hotspot address=127.0.0.1 secret=123456 We add radius client to consult User Manager server for appropriate service. 'address=127.0.0.1' points RADIUS client to use local router as RADIUS server, 'secret' is shared secret to exchange information between RADIUS server and client. / ip hotspot profile set hsprof1 use-radius=yes To use RADIUS for HotSpot AAA. Create first subscriber First subscriber must be added using Mikrotik terminal (console). All the configuration is done under the /tool user-manager menu. To create a subscriber you should go to /tool user-manager customer menu and execute add command. It will ask for the username which you will use. or you can enter this into the command line: [admin@USER_MAN] tool user-manager customer> add login="admin" password="adminpassword" permissions=owner After that you can use print command to see what you have added and you can also set the password. [admin@USER_MAN] tool user-manager customer> print Flags: X - disabled 0 subscriber=admin login="admin" password="adminpassword" time-zone= 00:00 permissions=owner parent=admin After that you can use the web interface. [edit] Use web interface To log on customer web interface type the following address in your web browser: http://Router_IP_address/userman where "Router_IP_address" must be replaced with IP address of your router.
  • 2. Use login and password of the subscriber you have created in console. User Manager configuration • First we need to create subscriber. / tool user-manager customer add login="MikroTik" password="qwerty" permissions=owner • Then add router information to the User Manager configuration, / tool user-manager router add subscriber=MikroTik ip-address=127.0.0.1 shared-secret=123456 'ip-address' is the address of the RADIUS client router. Note, 'shared-secret' should match on User Manager and RADIUS client. Centralized Authentication for Hotspot user Generally we are using external Radius servers for user authentication as MikroTik is not Radius server. But here in this example we use the MikroTik User Manager which works as a Radius server and does authentication and control of your Hotspot users. [edit] Requirements Central location: MikroTik OS with User Manager (suggested License is L6). Hotspot: Mikrotik Routerboard with at least a L4 License Network 192.168.1.0/24
  • 3. R1-Hotspot Master WAN IP- <Connected to Internet> LAN IP – 192.168.1.1/24 R2-Hotspot IT Dept WAN IP – 192.168.1.2/24 LAN IP – 10.10.10.1/24 R3-Hotspot Account Dept. WAN IP – 192.168.1.3/24 LAN IP – 20.20.20.1/24 R4- Hotspot Purchase Dept WAN IP – 192.168.1.4/24 LAN IP – 30.30.30.1/24 R5- Hotspot Sales Dept. WAN IP – 192.168.1.5/24 LAN IP – 40.40.40.1/24 We assume that all the setup is ready and the hotspot is configured on R2, R3, R4, and R5 with local authentication. First, we will configure R2, R3, R4 & R5 to use MikroTik user manager as a Radius server. /ip hotspot profile use-radius=yes /radius add service=hotspot address=192.168.1.1 secret=123456 This configuration will apply to all the Hotspot router. Now, we will configure R1-Hotspot Master. /tool user-manager customer add subscriber=mikrotik login="mikrotik" password="ashish" time-zone=+05:30
  • 4. permissions=owner parent=mikrotik /tool user-manager router add subscriber=mikrotik name="R2" ip-address=192.168.1.2 shared-secret="123456" subscriber=mikrotik name="R3" ip-address=192.168.1.3 shared-secret="123456" subscriber=mikrotik name="R4" ip-address=192.168.1.4 shared-secret="123456" subscriber=mikrotik name="R5" ip-address=192.168.1.5 shared-secret="123456" and finally add the user on R1 /tool user-manager user add username=ashish password=ashishpatel subscriber=mikrotik The user name and password will work for all the remote hotspot router…a user can login from any department of the company with same ID and password and we can have all the user data centrally. Now you can log into the User Manager web interface on the address http://192.168.1.1/userman and start setting up your user accounts.