12/2/2015
AboutWiFiHotSpot:MikrotikRADIUSandUserManager
MikrotikRADIUSandUserManager
Setup RADIUS & User Manager on Mikrotik RB
On the last post, we already create a hotspot with one administrator profile. Now, we will create
radius server to do the user management and accounting for your hotspot. It will control user
authentication and access to your hotspot system. First of all, you will need to create a Radius
Server. Mikrotik allows you to setup a basic Radius Server.
First, run WinBox and click onIP>Hotspot>Hotspot Profiles.
You can see [default] and [hsprof1] in the Hotspot Server Profiles window. Double click the
[hsprof1] to edit its properties. Enter or change the information as shown in the picture below.
Click image to enlarge
Click image to enlarge
Change Hotspot Address to match your ether1 IP Address.
On the Login tab, only select HTTP CHAP and disable everything else.
Next, on the RADIUS tab, select the Use RADIUS checkbox.
Finally, click OK to accept the configuration.
//////////@\\\\\\\\\\
The above steps are to activate your hotspot radius functionality with more control options than
data:text/htmlcharset=utf8,%3Ch3%20class%3D%22posttitle%20entrytitle%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B
1/4
�12/2/2015
AboutWiFiHotSpot:MikrotikRADIUSandUserManager
WinBox Hotspot user account. Now you will need to enter userman and start managing your
clients account.
Firstly, change the web service port to 808 or any other unused port number besides 80 and
8080. Launch WinBox and go to IP > SERVICES. Change www to port 808 (I use this number
because I like it).
Next, launch your internet explorer (other browser dont work well with Mikrotik RB User
Management System). Go to http://192.168.5.10:808/userman/ or http://yourdns
name:808/userman/ to enter User Management System. Enter your username and password created
in hotspot via WinBox earlier.
If your information is correct, your browser should open the User Management System. Click on
ROUTER located at the upper left side of the window.
Addcaption
Give a name for your Radius Server for easy identification.
Enter the information that you supplied when setting up RADIUS on WinBox. It must be the exact
copy or your RADIUS Server wont work properly. Refer to image above if your setting is same as
mine. When finished, click on SAVE.
Now, your RADIUS Server is ready. All we need is at least one username. It will be used to login to
your hotspot before the client is allowed to access the internet through your hotspot.
//////////@\\\\\\\\\\
Click image to enlarge
Click on Profiles and go to Limitations tab to create speed limitation if you require it. I have 3
packages and each one will be assigned with different speed. This limitation is to create traffic
shaping so that you can make the most out of your internet connection.
Give it a name and enter limitation values in the box provided.
Limits:
data:text/htmlcharset=utf8,%3Ch3%20class%3D%22posttitle%20entrytitle%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B
2/4
�12/2/2015
AboutWiFiHotSpot:MikrotikRADIUSandUserManager
Download: Limit account by download volume.
Upload: Limit account by upload volume.
Transfer: Limit account by total upload and download volume.
Uptime: Limit account by their logged in time / uptime.
Note: You can set Limits either by download or upload. If you want the account to be limited to
certain total volume calculated on download + upload, enter the value in Transfer box. I prefer
to leave it blank for unlimited transfer and uptime.
Rate Limits:
Rate Limit: Tx for download limit and Rx for upload limit.
Burst Rate: We dont set this.
Burst Threshold: We dont set this.
Burst Time: We dont set this.
Min Rate: Tx for download and Rx for upload.
Priority: This will prioritize queue on account. Leave it as default if you dont want to
use it.
When everything is in order, click on Save to accept the configuration.
Repeat it to add another limitation.
//////////@\\\\\\\\\\
Click image to enlarge
Now we will setup your account profile. Click on Profiles tab just beside the Limitations tab
and click on the + sign to add your account profile. For example, I create a yearly pass. Give it a
name to easily identify it and enter validity period of the profile. When expired, the account will
not be able to login to your hotspot.
If you want a free account profile, leave the price box empty.
Finally, add any limitation to that profile. The limitation has been created earlier.
/ / / / / / / / / /@ \ \ \ \ \ \ \ \ \ \
data:text/htmlcharset=utf8,%3Ch3%20class%3D%22posttitle%20entrytitle%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B
3/4
�12/2/2015
AboutWiFiHotSpot:MikrotikRADIUSandUserManager
Click image to enlarge
Now, we will create a user for your hotspot. Click on Users located at the left panel of your
screen. You can see a menu on top. Click on Add and select One to create single username. A
new box will appear and all you need is to input the username/password and assign any profile to
be applied to the user. Thats it! Now the username can be used to login to you hotspot.
Repeat it to create additional users or click on Batch to create multiple users at the same time.
It will generate random username and password for login.
data:text/htmlcharset=utf8,%3Ch3%20class%3D%22posttitle%20entrytitle%22%20itemprop%3D%22name%22%20style%3D%22margin%3A%200px%3B
4/4
