Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
How to use OpenWisp-freeradius to authenticate users on Mikrotik
31 views
Skip to first unread message
Victor Barros
Apr 16, 2025, 5:32:24 PMApr 16
to OpenWISP
Hi, I'm running Openwisp in Docker and I'm having some difficulty understanding what steps to follow to configure it to use freeradius to authenticate my Mikrotik.
Hello, I'm running Openwisp in Docker and I'm having some difficulty understanding what steps to follow to configure it to use FreeRadius to authenticate my Mikrotic.
Where can I see if my server is ok? I'm getting timeouts on my Mikrotic and in the FreeRadius log it says that the IP is not allowed even though it's listed in: OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS
Where can I see if my server is ok? I'm getting timeouts on my Mikrotic and in the FreeRadius log it says that the IP is not allowed even though it's listed in: OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS
Enock Simiyu
Apr 19, 2025, 12:38:42 PMApr 19
to open...@googlegroups.com
Have you created a Nas entry in the admin dashboard? The Nas should have the IP address of the MikroTik or the subnet of the management interface
--
You received this message because you are subscribed to the Google Groups "OpenWISP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openwisp+u...@googlegroups.com.
To view this discussion, visit https://groups.google.com/d/msgid/openwisp/bd7d3006-0a18-42dd-adb4-10d7a373b07an%40googlegroups.com.
Federico Capoano (nemesisdesign)
Apr 19, 2025, 12:55:41 PMApr 19
to OpenWISP
Hi Victor,
On Wednesday, April 16, 2025 at 6:32:24 PM UTC-3 victor....@grupomoraes.net wrote:
[...]
Where can I see if my server is ok?
The OpenWISP RADIUS module has a section of its documentation dedicated to Debugging & Troubleshooting which should help.
I'm getting timeouts on my Mikrotic and in the FreeRadius log it says that the IP is not allowed even though it's listed in: OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS
This means that OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS is not configured to let OpenWISP accept API requests to /api/v1/freeradius/*/ from your freeradius instance.
For security reasons all API requests to use the OpenWISP API endpoints dedicated to the freeradius integration need to come from IP addresses that are explicitly whitelisted, the docs indicates how to do this either globally or per organization.
Are you using docker-openwisp? Or what deployment/installation method are you using?
I see that docker-openwisp has a default setting for this:
What's the IP address that you're receiving which is not allowed?
As Enocks wrote in another reply, you will also need to define the NAS.
I hope this helps.
Federico
Victor Barros
Apr 22, 2025, 2:23:56 PMApr 22
to OpenWISP
Hi, I'm deploying via Docker and I've also added a NAS and my network IP to ALLOWED_HOSTS
I'll check the debugging for issues and share them here. Thanks for your help.
I'll check the debugging for issues and share them here. Thanks for your help.
Federico Capoano
Apr 22, 2025, 6:31:31 PMApr 22
to open...@googlegroups.com
On Tue, 22 Apr 2025 at 15:23, Victor Barros <victor....@grupomoraes.net> wrote:
Hi, I'm deploying via Docker
Please specify the URL of the instructions you're following to deploy.
and I've also added a NAS and my network IP to ALLOWED_HOSTS
Watch out ALLOWED_HOSTS is a different setting than OPENWISP_RADIUS_FREERADIUS_ALLOWED_HOSTS.
Federico
Reply all
Reply to author
Forward
0 new messages