PPPoE With Mikrotik and Radius

Uploaded on

How to manage internet clients of an ISP with PPPoE and MikroTik. For …

How to manage internet clients of an ISP with PPPoE and MikroTik. For
centralized AAA (Authentication, Authorization and Accounting), freeRadius is used.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
  • Thank you for share
    please visit

    EasyZone Mikrotik Billing

    website : http://www.easyzonecorp.net
    keyword: hotspot,mikrotik,billing,truemoney,radius
    Are you sure you want to
    Your message goes here
No Downloads


Total Views
On Slideshare
From Embeds
Number of Embeds



Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

    No notes for slide


  • 1. Managing Internet Connections PPPoE, MikroTik and Radius Dashamir Hoxha <dashohoxha@gmail.com> Artur Nurja <tatanka@albaniaonline.net>● How to manage internet clients of an ISP● With PPPoE and MikroTik and Radius● Based on the work done at AlbaniaOnline
  • 2. Managing PPPoE Connections with Mikrotik is Easy ● PPPoE = Point-to-Point Protocol over Ethernet ● Why PPPoE and not Ethernet? ● Configuring Mikrotik for PPPoE 1.Install package PPP 2. Create PPP profiles 3. Create a PPPoE service and enable it 4. Create user accounts
  • 3. However it Doesnt Scale Up Well● A single Mikrotik can serve only a limited number of clients (400-500).● Managing clients and their profiles in Mikrotik cannot be integrated easily with CRM apps.● Managing clients manually in more than one Mikrotik server is difficult and error prone.● If a Mikrotik fails, the service to the clients is interrupted, until a new Mikrotik is prepared and a backup of the clients is restored.
  • 4. Centralized AAA is Required
  • 5. Centralized AAA is Required● AAA = Authentication, Authorization, Accounting● FreeRadius is used to check username/password, to provide client profiles, and to get usage statistics.● Client details are stored in a MySql database.● Mikrotik-s are dumb gateways with simple configs. No client details are stored on them!● Mikrotik-s use the central Radius for authentication, authorization, and for storing usage statistics.● Clients can connect through any Mikrotik available.
  • 6. Clients are Managed by anExternal CRM Application ● CRM = Customer Relationship Management ● SugarCRM is used to keep all the client details ● SugarCRM is integrated with the database of freeRadius ● Decisions about clients are taken by Customer Care on SugarCRM ● They are automatically enforced by applying them on Radius
  • 7. We Need Also High Availability and Load Balancing
  • 8. We Need Also High Availability and Load Balancing● There are 2 MySQL databases, replicating in Master-->Slave mode; if the first one fails, it is replaced by the second one, in order to minimise the service down time.● Each Mikrotik is configured with a primary and a secondary Radius server; if the primary server does not reply, the second one is tried. This provides HA.● Almost half of mikrotiks have the first radius as primary, and the others have the second one. This provides Load Balancing.
  • 9. Implementation Steps1. Install freeRadius2. Test freeRadius installation3. Set up freeRadius to use a MySQL database4. Test freeRadius with MySQL backend5. Configure Mikrotik for being a PPPoE server6. Test the PPPoE Service7. Get Mikrotik to work with Radius8. Add a second Radius server in Mikrotik9. Replicate MySQL databases of freeRadius
  • 10. SQL API for Radius Manager● API = Application Programing Interface● Helps to access the database of Radius Manager from an outside program (SugarCRM).● Encapsulates (hides) the complexity of the database from the outside programmer.● Makes simpler the code of the outside program.● The programmer is relived from the fear of touching something inappropriately in the database.● If structure of DB is modified in future releases, only the API needs to take them into account.
  • 11. SQL API for Radius Manager● user_get(user);● user_add(user, passwd, service_id, nr_conn, expiration_date);● user_update(user, service_id, nr_conn, expiration_date);● user_set_password(user, passwd);● user_change_service(old_srvid, new_srvid);● user_del(user);● service_get(service_id, service_name);● service_add(service_name, download_rate, upload_rate);● service_update(service_id, service_name, download_rate, upload_rate, enabled);● service_del(service_id);
  • 12. Managing Internet Connections PPPoE, MikroTik and RadiusDashamir Hoxha <dashohoxha@gmail.com> Artur Nurja <tatanka@albaniaonline.net> Thank you for your attention! Are there any questions?