Hi Mark, 1) if it goes out with the mikrotik IP, then probably you have some NAT rule doing it
2) remember that if you assign an IP to the pppoe client then it will go in the routing table or the PPPoE SERVER but it will not propagate unless you use a dynamic routing protocol (ospf,iBGP) or you are using the same IP address of the router (e.g. the same /24 of the router which is by itself already in the routing tables of your net) Regards Paolo > We are setting up PPPOE using Mikrotik routers at our towers. We have an > external radius and the plan is to have username/password > authentication, radius assigned IPs, and PPP protocol from Ubiquiti > client equipment to the Mikrotik router at each tower. We setup these > parameters in the radius server to do this: > > radcheck table: > Cleartext-Password password > > radreply table: > Framed-IP-Address desired ip address > Framed-IP-Netmask desired net mask > MS-Primary-DNS-Server desired ip of the dns > MS-Secondary-DNS-Server desired ip of the second dns > Mikrotik-Rate-Limit rate limit like 1M/1M > > The Mikrotik router (currently version 5.21 RB750UP) has the PPPOE > service running and radius authentication to our external radius server. > We used http://wiki.mikrotik.com/wiki/Pppoe_with_external_radius as a > starting point, but it assumes dynamically assigned IPs from a local > pool not IPs assigned from the radius server. > > We set up our Ubiquiti client equipment as routed with PPPOE and entered > the PPPOE username and the password. The Ubiquiti client equipment > connects to a Ubiquiti access point that is bridged and then to a > Mikrotik router at the tower. The tower then connects to backhaul radios > to get back to our main tower and our core router. > > The good news is that this mostly works! The Ubiquiti client connects > wirelessly to the access point and via PPPOE to the Mikrotik. It gets > the IP address and the DNS set in radius. I know that because it shows > in the Ubiquiti user interface and I see it in the Mikrotik logs. And > the Mikrotik does the rate limiting beautifully. We can also browse the > web through the connection. From a client user perspective it all works. > But there is one big catch that we are missing. > > All outbound connections are using the IP of the Mikrotik router instead > of the assigned IP address. So the Ubiquiti client equipment has the > right IP but the connection is using network address translation through > the router. We need the assigned IP to be accessible through the > Mikrotik router so it shows as the IP address of the Ubiquiti client > connection and so we can login to the Ubiquiti client radio from our > network. Now the Ubiquiti client radio is hidden behind the Mikrotik > router. What needs to be changed on the router or the radius to fix > this? > > Thanks, > Mark > > _______________________________________________ > Wireless mailing list > Wireless@wispa.org > http://lists.wispa.org/mailman/listinfo/wireless > -- Ing. Paolo Di Francesco Level7 s.r.l. unipersonale Sede operativa: Largo Montalto, 5 - 90144 Palermo C.F. e P.IVA 05940050825 Fax : +39-091-8772072 assistenza: (+39) 091-8776432 web: http://www.level7.it _______________________________________________ Wireless mailing list Wireless@wispa.org http://lists.wispa.org/mailman/listinfo/wireless
