Did you enable natting as mentioned in Step 1 on that guide (if you did, disabled it).
On 12/27/2013 11:23 AM, Mark Stephenson wrote: > We are setting up PPPOE using Mikrotik routers at our towers. We have an > external radius and the plan is to have username/password > authentication, radius assigned IPs, and PPP protocol from Ubiquiti > client equipment to the Mikrotik router at each tower. We setup these > parameters in the radius server to do this: > > radcheck table: > Cleartext-Password password > > radreply table: > Framed-IP-Address desired ip address > Framed-IP-Netmask desired net mask > MS-Primary-DNS-Server desired ip of the dns > MS-Secondary-DNS-Server desired ip of the second dns > Mikrotik-Rate-Limit rate limit like 1M/1M > > The Mikrotik router (currently version 5.21 RB750UP) has the PPPOE > service running and radius authentication to our external radius server. > We used http://wiki.mikrotik.com/wiki/Pppoe_with_external_radius as a > starting point, but it assumes dynamically assigned IPs from a local > pool not IPs assigned from the radius server. > > We set up our Ubiquiti client equipment as routed with PPPOE and entered > the PPPOE username and the password. The Ubiquiti client equipment > connects to a Ubiquiti access point that is bridged and then to a > Mikrotik router at the tower. The tower then connects to backhaul radios > to get back to our main tower and our core router. > > The good news is that this mostly works! The Ubiquiti client connects > wirelessly to the access point and via PPPOE to the Mikrotik. It gets > the IP address and the DNS set in radius. I know that because it shows > in the Ubiquiti user interface and I see it in the Mikrotik logs. And > the Mikrotik does the rate limiting beautifully. We can also browse the > web through the connection. From a client user perspective it all works. > But there is one big catch that we are missing. > > All outbound connections are using the IP of the Mikrotik router instead > of the assigned IP address. So the Ubiquiti client equipment has the > right IP but the connection is using network address translation through > the router. We need the assigned IP to be accessible through the > Mikrotik router so it shows as the IP address of the Ubiquiti client > connection and so we can login to the Ubiquiti client radio from our > network. Now the Ubiquiti client radio is hidden behind the Mikrotik > router. What needs to be changed on the router or the radius to fix > this? > > Thanks, > Mark > > _______________________________________________ > Wireless mailing list > Wireless@wispa.org > http://lists.wispa.org/mailman/listinfo/wireless _______________________________________________ Wireless mailing list Wireless@wispa.org http://lists.wispa.org/mailman/listinfo/wireless