AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers

135

RouterOS v3 Configuration and User Guide

 

 

 

NAS-Port-Id- async PPP - serial port name; PPPoE - ethernet interface name on which server is running; HotSpot - name of the physical HotSpot interface (if bridged, the bridge port name is showed here); not present for ISDN, PPTP and L2TP

Framed-IP-Address- IP address of HotSpot client after Universal Client translation

Mikrotik-Host-IP- IP address of HotSpot client before Universal Client translation (the original IP address of the client)

User-Name- client login name

MS-CHAP-Domain- User domain, if present

Mikrotik-Realm- If it is set in /radius menu, it is included in every RADIUS request as Mikrotik- Realm attribute. If it is not set, the same value is sent as in MS-CHAP-Domainattribute (if MS- CHAP-Domainis missing, Realm is not included neither)

WISPr-Location-ID- text string specified in radius-location-idproperty of the HotSpot server

WISPr-Location-Name- text string specified in radius-location-nameproperty of the HotSpot server

WISPr-Logoff-URL- full link to the login page (for example, http://10.48.0.1/lv/logout)

￿

HotSpot uses CHAP by default and may use also PAP if unencrypted passwords are enabled, it can not use MSCHAP

Depending on authentication methods:

User-Password- encrypted password (used with PAP authentication)

CHAP-Password,CHAP-Challenge- encrypted password and challenge (used with CHAP authentication)

MS-CHAP-Response,MS-CHAP-Challenge- encrypted password and challenge (used with MS- CHAPv1 authentication)

MS-CHAP2-Response,MS-CHAP-Challenge- encrypted password and challenge (used with MS-CHAPv2 authentication)

Access-Accept

Framed-IP-Address- IP address given to client. If address belongs to 127.0.0.0/8 or 224.0.0.0/3 networks, IP pool is used from the default profile to allocate client IP address. If Framed-IP-Address is specified, Framed-Pool is ignored

Framed-IP-Netmask- client netmask. PPPs - if specified, a route will be created to the network Framed-IP-Address belongs to via the Framed-IP-Address gateway; HotSpot - ignored by HotSpot

Framed-Pool- IP pool name (on the router) from which to get IP address for the client. If Framed- IP-Address is specified, this attribute is ignored

￿If Framed-IP-Address or Framed-Pool is specified it overrides remote-address in default configuration

Idle-Timeout- overrides idle-timeout in the default configuration

Session-Timeout- overrides session-timeout in the default configuration

Port-Limit- maximal mumber of simultaneous connections using the same username (overrides te shared-usersproperty of the HotSpot user profile)

Class - cookie, will be included in Accounting-Request unchanged

Framed-Route- routes to add on the server. Format is specified in RFC2865 (Ch. 5.22), can be specified as many times as needed

Filter-Id- firewall filter chain name. It is used to make a dynamic firewall rule. Firewall chain name can have suffix .in or .out, that will install rule only for incoming or outgoing traffic. Multiple Filter-id can be provided, but only last ones for incoming and outgoing is used. For PPPs - filter rules in ppp chain that will jump to the specified chain, if a packet has come to/from the client (that means that

Page 135
Image 135
Allied Telesis AT-WR4500 manual