AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers

171

RouterOS v3 Configuration and User Guide

 

 

 

Generally speaking, PPPoE is used to hand out IP addresses to clients based on the user (and workstation, if desired) authentication as opposed to workstation only authentication, when static IP addresses or DHCP are used. It is adviced not to use static IP addresses or DHCP on the same interfaces as PPPoE for obvious security reasons.

RouterOS can act as a RADIUS client - you can use a RADIUS server to authenticate PPPoE clients and use accounting for them.

A PPPoE connection is composed of a client and an access concentrator (server). The client may be any computer that has the PPPoE client protocol support installed. The RouterOS supports both - client and access concentrator implementations of PPPoE. The PPPoE client and server work over any Ethernet level interface on the router - wireless 802.11, 10/100/1000 Mbit/s Ethernet and EoIP (Ethernet over IP tunnel). No encryption, MPPE 40bit RSA and MPPE 128bit RSA encryption is supported.

￿

When RADIUS server is authenticating a user with CHAP, MS-CHAPv1 or MS-CHAPv2, the RADIUS protocol does not use shared secret, it is used only in authentication reply. So if you have a wrong shared secret, RADIUS server will accept the request. You can use /radius monitor command to see bad- replies parameter. This value should increase whenever a client tries to connect.

Supported connections:

RouterOS PPPoE client to any PPPoE server (access concentrator)

RouterOS server (access concentrator) to multiple PPPoE clients (clients are avaliable for almost all operating systems and most routers)

Quick Setup Guide

To configure RouterOS to be a PPPoE client Just add a pppoe-client:

/interface pppoe-client add name=pppoe-user-mike user=mike password=123 \ \... interface=wlan1 service-name=internet disabled=no

To configure RouterOS to be an Access Concentrator (PPPoE Server)

Add an address pool for the clients from 10.1.1.62 to 10.1.1.72, called pppoe-pool:

/ip pool add name="pppoe-pool" ranges=10.1.1.62-10.1.1.72

Add PPP profile, called pppoe-profilewhere local-addresswill be the router's address and clients will have an address from pppoe-pool:

/ppp profile add name="pppoe-profile" local-address=10.1.1.1 remote-address=pppoe-pool

Add a user with username mike and password 123:

/ppp secret add name=mike password=123 service=pppoe profile=pppoe-profile

Now add a pppoe server:

/interface pppoe-server server add service-name=internet interface=wlan1 \ \... default-profile=pppoe-profile

Specifications

Packages required: ppp

License required: Level1 (limited to 1 interface) , Level3 (limited to 200 interfaces) , Level4 (limited to 200 interfaces) , Level5 (limited to 500 interfaces) , Level6 (unlimited)

Submenu level: /interface pppoe-server, /interface pppoe-client

Standards and Technologies: PPPoE (RFC 2516)

Hardware usage: PPPoE server may require additional RAM (uses approx. 9KiB (plus extra 10KiB for packet queue, if data rate limitation is used) for each connection) and CPU power. Maximum of 65535 connections is supported.

Page 171
Image 171
Allied Telesis AT-WR4500 manual Add a user with username mike and password, Now add a pppoe server