New User Manager in RouterOS v7 (2024)

Is there any way to have more logging or debugging? I only have "rejects" out of this user manager setup.
What is wrong in this setup? Is there a possible short example for 802.1x to start from?
Is it the limit, the profile, the authentication method? Should be PEAP and MSCHAP2 for 802.1x, no?

This is a lab setup, no real user environment. hAP ac2 (ROS 7.0beta4) as user manager (192.168.2.23) and wAP ac (ROS 6.46) as wifi AP (192.168.2.25)

user manager configuration

[admin@MikroTik hAPac2] /user-manager> export verbose
# dec/13/2019 13:21:29 by RouterOS 7.0beta4
# software id = B8YC-C4XL
#
# model = RBD52G-5HacD2HnD
# serial number = xxxxxxxxxxxxx
/user-manager limitation
add download-limit=0B name=tst rate-limit-burst-rx=0B rate-limit-burst-threshold-rx=0B rate-limit-burst-threshold-tx=0B rate-limit-burst-time-rx=0s \
rate-limit-burst-time-tx=0s rate-limit-burst-tx=0B rate-limit-min-rx=0B rate-limit-min-tx=0B rate-limit-priority=0 rate-limit-rx=0B rate-limit-tx=0B \
reset-counters-interval=disabled reset-counters-start-time="jan/01/1970 00:00:00" transfer-limit=0B upload-limit=0B uptime-limit=0s
add download-limit=0B name=test rate-limit-burst-rx=0B rate-limit-burst-threshold-rx=0B rate-limit-burst-threshold-tx=0B rate-limit-burst-time-rx=0s \
rate-limit-burst-time-tx=0s rate-limit-burst-tx=0B rate-limit-min-rx=0B rate-limit-min-tx=0B rate-limit-priority=0 rate-limit-rx=0B rate-limit-tx=0B \
reset-counters-interval=disabled reset-counters-start-time="jan/01/1970 00:00:00" transfer-limit=0B upload-limit=0B uptime-limit=16m40s
/user-manager profile
add name=userprof name-for-users=userprof override-shared-users=off price=0 starts-when=assigned validity=unlimited
/user-manager user group
set [ find default-name=default ] attributes="" inner-auths=ttls-pap,ttls-chap,ttls-mschap1,ttls-mschap2,peap-mschap2 name=default outer-auths=\
pap,chap,mschap1,mschap2,eap-tls,eap-ttls,eap-peap,eap-mschap2
set [ find default-name=default-anonymous ] attributes="" inner-auths="" name=default-anonymous outer-auths=eap-ttls,eap-peap
/user-manager user
add attributes="" disabled=no group=default name=bpwl password=bpwl shared-users=1
/user-manager
set accounting-port=1813 authentication-port=1812 certificate=none enabled=yes
/user-manager advanced
set paypal-allow=no paypal-currency=USD paypal-password="" paypal-signature="" paypal-use-sandbox=no paypal-user="" web-private-password="" web-private-username=""
/user-manager profile-limitation
add from-time=0s limitation=test profile=userprof till-time=23h59m59s weekdays=sunday,monday,tuesday,wednesday,thursday,friday,saturday
/user-manager router
add address=192.168.2.25 coa-port=3799 disabled=no name=wap shared-secret=mikrotik
/user-manager user-profile
add profile=userprof user=bpwl
[admin@MikroTik hAPac2] /user-manager>

The logging shows: manager,debug <<< tx Access-Reject after 2 request/challenge handshakes.

#  Time  Buffer  Topics  Message

169  Dec/13/2019 00:30:55  memory  manager, debug  >>> rx Access-Request from [192.168.2.25]:45652, id: 119
170  Dec/13/2019 00:30:55  memory  manager, debug  <<< tx Access-Challenge to [192.168.2.25]:45652, id: 119
171  Dec/13/2019 00:30:55  memory  manager, debug  >>> rx Access-Request from [192.168.2.25]:42899, id: 120
172  Dec/13/2019 00:30:55  memory  manager, debug  <<< tx Access-Challenge to [192.168.2.25]:42899, id: 120
173  Dec/13/2019 00:30:55  memory  manager, debug  >>> rx Access-Request from [192.168.2.25]:41869, id: 121
174  Dec/13/2019 00:30:55  memory  manager, debug  <<< tx Access-Reject to [192.168.2.25]:41869, id: 121
175  Dec/13/2019 00:31:44  memory  manager, debug  >>> rx Access-Request from [192.168.2.25]:35311, id: 122
176  Dec/13/2019 00:31:44  memory  manager, debug  <<< tx Access-Challenge to [192.168.2.25]:35311, id: 122
177  Dec/13/2019 00:31:44  memory  manager, debug  >>> rx Access-Request from [192.168.2.25]:57176, id: 123
178  Dec/13/2019 00:31:44  memory  manager, debug  <<< tx Access-Challenge to [192.168.2.25]:57176, id: 123
179  Dec/13/2019 00:31:44  memory  manager, debug  >>> rx Access-Request from [192.168.2.25]:60363, id: 124
180  Dec/13/2019 00:31:44  memory  manager, debug  <<< tx Access-Reject to [192.168.2.25]:60363, id: 124
181  Dec/13/2019 00:32:14  memory  manager, debug  >>> rx Access-Request from [192.168.2.25]:49734, id: 125
182  Dec/13/2019 00:32:14  memory  manager, debug  <<< tx Access-Challenge to [192.168.2.25]:49734, id: 125
183  Dec/13/2019 00:32:14  memory  manager, debug  >>> rx Access-Request from [192.168.2.25]:51911, id: 126
184  Dec/13/2019 00:32:14  memory  manager, debug  <<< tx Access-Challenge to [192.168.2.25]:51911, id: 126
185  Dec/13/2019 00:32:14  memory  manager, debug  >>> rx Access-Request from [192.168.2.25]:56187, id: 127
186  Dec/13/2019 00:32:14  memory  manager, debug  <<< tx Access-Reject to [192.168.2.25]:56187, id: 127
187  Dec/13/2019 00:32:44  memory  manager, debug  >>> rx Access-Request from [192.168.2.25]:36744, id: 128
188  Dec/13/2019 00:32:44  memory  manager, debug  <<< tx Access-Challenge to [192.168.2.25]:36744, id: 128
189  Dec/13/2019 00:32:45  memory  manager, debug  >>> rx Access-Request from [192.168.2.25]:55070, id: 129
190  Dec/13/2019 00:32:45  memory  manager, debug  <<< tx Access-Challenge to [192.168.2.25]:55070, id: 129
191  Dec/13/2019 00:32:45  memory  manager, debug  >>> rx Access-Request from [192.168.2.25]:54221, id: 130
192  Dec/13/2019 00:32:45  memory  manager, debug  <<< tx Access-Reject to [192.168.2.25]:54221, id: 130

The requesting wifi seems normal with RADIUS debug logging.

RouterOS v6.46 (stable)

#  Time  Buffer  Topics  Message

506  Dec/13/2019 00:30:55  memory  radius, debug, packet  debug: NAS-IP-Address = 192.168.2.25
507  Dec/13/2019 00:30:55  memory  radius, debug, packet  debug: received Access-Reject with id 121 from 192.168.2.23:1812
508  Dec/13/2019 00:30:55  memory  radius, debug, packet  debug: Signature = 0xc74e9aa1891a0423b0680031b52e63a5
509  Dec/13/2019 00:30:55  memory  radius, debug, packet  debug: EAP-Message = 0x04020004
510  Dec/13/2019 00:30:55  memory  radius, debug, packet  debug: Message-Authenticator = 0x406d0b9b63b2573f54e206f1139f1ce5
511  Dec/13/2019 00:30:55  memory  radius, debug  debug: received reply for 58:c3
512  Dec/13/2019 00:30:55  memory  wireless, info  54:A0:50:96:A9:99@wlan5: disconnected, 802.1x authentication failed
513  Dec/13/2019 00:31:44  memory  wireless, info  54:A0:50:96:A9:99@wlan5: connected, signal strength -64
514  Dec/13/2019 00:31:44  memory  radius, debug  debug: new request 58:c4 code=Access-Request service=wireless called-id=test
515  Dec/13/2019 00:31:44  memory  radius, debug  debug: sending 58:c4 to 192.168.2.23:1812
516  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: sending Access-Request with id 122 to 192.168.2.23:1812
517  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Signature = 0x3dd925fc93baf700562a0cf27abc6fd4
518  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Service-Type = 2
519  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Framed-MTU = 1400
520  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: User-Name = "bpwl"
521  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: NAS-Port-Id = "wlan5"
522  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: NAS-Port-Type = 19
523  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Calling-Station-Id = "54-A0-50-96-A9-99"
524  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Called-Station-Id = "test"
525  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: EAP-Message = 0x02000009016270776c
526  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Message-Authenticator = 0x7a2e3e7c4a67cf445a4655b18063ad73
527  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: NAS-Identifier = "MktwAPac"
528  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: NAS-IP-Address = 192.168.2.25
529  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: received Access-Challenge with id 122 from 192.168.2.23:1812
530  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Signature = 0xbac9bd4fa4ff68bf517a95ac5ff23afc
531  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: EAP-Message = 0x0101001b1a0100001610486eefc353bc
532  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: 6b2ecdf458c26fbb026120
533  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: State = 0xfd2e0e32cc6a3137c874bf3dd1865924
534  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Message-Authenticator = 0xa49772870be90db17f19d97505f1a863
535  Dec/13/2019 00:31:44  memory  radius, debug  debug: received reply for 58:c4
536  Dec/13/2019 00:31:44  memory  radius, debug  debug: new request 58:c5 code=Access-Request service=wireless called-id=test
537  Dec/13/2019 00:31:44  memory  radius, debug  debug: sending 58:c5 to 192.168.2.23:1812
538  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: sending Access-Request with id 123 to 192.168.2.23:1812
539  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Signature = 0x5ff13abc8302675e71b62c41759dc0fe
540  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Service-Type = 2
541  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Framed-MTU = 1400
542  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: User-Name = "bpwl"
543  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: State = 0xfd2e0e32cc6a3137c874bf3dd1865924
544  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: NAS-Port-Id = "wlan5"
545  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: NAS-Port-Type = 19
546  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Calling-Station-Id = "54-A0-50-96-A9-99"
547  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Called-Station-Id = "test"
548  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: EAP-Message = 0x020100060319
549  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Message-Authenticator = 0x0201fd3d97e48f7cff4bec8a16a18299
550  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: NAS-Identifier = "MktwAPac"
551  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: NAS-IP-Address = 192.168.2.25
552  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: received Access-Challenge with id 123 from 192.168.2.23:1812
553  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Signature = 0x020a7b6a38e9c131011fdadb4d9e49a1
554  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: EAP-Message = 0x010200061920
555  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: State = 0xfd2e0e32cc6a3137c874bf3dd1865924
556  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Message-Authenticator = 0xb7f791633cf57d3ec49c18fd30624470
557  Dec/13/2019 00:31:44  memory  radius, debug  debug: received reply for 58:c5
558  Dec/13/2019 00:31:44  memory  radius, debug  debug: new request 58:c6 code=Access-Request service=wireless called-id=test
559  Dec/13/2019 00:31:44  memory  radius, debug  debug: sending 58:c6 to 192.168.2.23:1812
560  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: sending Access-Request with id 124 to 192.168.2.23:1812
561  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Signature = 0xe3ffe217f2d1fff1d891e45c08228605
562  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Service-Type = 2
563  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Framed-MTU = 1400
564  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: User-Name = "bpwl"
565  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: State = 0xfd2e0e32cc6a3137c874bf3dd1865924
566  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: NAS-Port-Id = "wlan5"
567  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: NAS-Port-Type = 19
568  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Calling-Station-Id = "54-A0-50-96-A9-99"
569  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Called-Station-Id = "test"
570  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: EAP-Message = 0x020200d01980000000c616030100c101
571  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: 0000bd0301b3d0d7ae846d0dbac970c9
572  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: 81cba0b50c44a2aa4593d99ee9318b59
573  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: 6a5eef810d000054c014c00ac022c021
574  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: 00390038c00fc0050035c012c008c01c
575  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: c01b00160013c00dc003000ac013c009
576  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: c01fc01e00330032c00ec004002fc011
577  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: c007c00cc00200050004001500120009
578  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: 0014001100080006000300ff01000040
579  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: 000b000403000102000a00340032000e
580  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: 000d0019000b000c00180009000a0016
581  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: 00170008000600070014001500040005
582  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: 00120013000100020003000f00100011
583  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Message-Authenticator = 0xb262b821f948349f54d16ca558b4749d
584  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: NAS-Identifier = "MktwAPac"
585  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: NAS-IP-Address = 192.168.2.25
586  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: received Access-Reject with id 124 from 192.168.2.23:1812
587  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Signature = 0x11b7cd725a0d5086a68c659a3a2ed706
588  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: EAP-Message = 0x04020004
589  Dec/13/2019 00:31:44  memory  radius, debug, packet  debug: Message-Authenticator = 0x5345932c7690016ac6bd851a1cc54aea
590  Dec/13/2019 00:31:44  memory  radius, debug  debug: received reply for 58:c6
591  Dec/13/2019 00:31:44  memory  wireless, info  54:A0:50:96:A9:99@wlan5: disconnected, 802.1x authentication failed
592  Dec/13/2019 00:32:14  memory  wireless, info  54:A0:50:96:A9:99@wlan5: connected, signal strength -64

Device is an old Android tablet with PEAP and MSChap2 set for wifi network security, or even my Windows 10 laptop. Both cannot connect.

This same AP setup with the wAP works with a Draytek router and Synology-NAS RADIUS server. But there is poor logging in the Draytek, never logging the requesting device, and the Synology NAS is overkill.
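
The EAP-Message values in the AP's RADIUS debug log above can be decoded to see which EAP method each side proposed and at which step the server sent the failure. The Python decoder below is an added example, not part of the original post or of RouterOS; the sample values are copied from that log (the last request cut to its first log line) and the function names are illustrative.

```python
import struct

EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 3: "Nak", 13: "EAP-TLS", 21: "EAP-TTLS",
             25: "PEAP", 26: "EAP-MSCHAPv2"}
TLS_BASED = {13, 21, 25}          # methods that wrap TLS records
TLS_HS = {1: "ClientHello", 2: "ServerHello", 11: "Certificate"}

def decode_eap(hexstr):
    """Summarise one EAP-Message value as logged (hex, optional 0x prefix)."""
    raw = bytes.fromhex(hexstr[2:] if hexstr.startswith("0x") else hexstr)
    code, ident, length = struct.unpack("!BBH", raw[:4])
    out = f"{EAP_CODES.get(code, code)} id={ident} len={length}"
    if code in (3, 4) or len(raw) < 5:        # Success/Failure carry no type
        return out
    etype, data = raw[4], raw[5:]
    out += " " + EAP_TYPES.get(etype, f"type {etype}")
    if etype == 1:                            # Identity: the user name
        out += f" '{data.decode(errors='replace')}'"
    elif etype == 3:                          # Nak: methods the peer accepts
        out += " (peer wants: " + ", ".join(
            EAP_TYPES.get(t, str(t)) for t in data) + ")"
    elif etype in TLS_BASED and data:
        flags, tls = data[0], data[1:]
        if flags & 0x20:                      # S bit: start of the TLS method
            out += " Start"
        if flags & 0x80:                      # L bit: 4-byte TLS length follows
            tls = tls[4:]
        if len(tls) >= 6 and tls[0] == 0x16:  # TLS record type 22 = handshake
            out += f" TLS handshake {TLS_HS.get(tls[5], tls[5])}"
    return out

# EAP-Message values copied from the AP log above, in order of appearance.
SAMPLE = [
    ("AP->server", "0x02000009016270776c"),
    ("server->AP", "0x0101001b1a0100001610486eefc353bc6b2ecdf458c26fbb026120"),
    ("AP->server", "0x020100060319"),
    ("server->AP", "0x010200061920"),
    ("AP->server", "0x020200d01980000000c616030100c101"),  # first log line only
    ("server->AP", "0x04020004"),
]

def trace(sample=SAMPLE):
    """Return one decoded line per EAP-Message in the sample."""
    return [f"{direction}: {decode_eap(h)}" for direction, h in sample]

if __name__ == "__main__":
    print("\n".join(trace()))
```

Decoded, the server first offers EAP-MSCHAPv2, the client Naks and asks for PEAP, the server starts PEAP, and the EAP-Failure comes straight after the client's TLS ClientHello, before any inner MSCHAPv2 exchange. PEAP needs a server certificate for that TLS tunnel, and the export above shows `certificate=none`, so that setting is the first thing to check.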


Author: Amb. Frankie Simonis
