You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

Introduction

The introduction of the container feature into the RouterOS made it possible to run all kinds of servers for all sorts of tasks inside the router. This is especially relevant for people, who want to reduce the number of devices in their network. Instead of running a server on a separate device/machine, why not run it inside the router?

Radius is short for Remote Authentication Dial-In User Service. RouterOS has a RADIUS client feature supported that can authenticate for HotSpot, PPP, PPPoE, PPTPL2TP, and ISDN connections. Basically, this feature allows you to connect RouterOS to a Radius Server, and then, utilize the user database from the server for client authentication.

In our example, we will showcase freeradius/freeradius-server image installation.

Summary

Sub-menu: /container

note: container package is required.

Make sure to study our container guide before proceeding with the configuration. Make sure to check the disclaimer and requirements sections to understand all the risks and necessary steps you might be required to do.

At the time, when the guide was published, the image was available for linux/amd64 OS/architecture only. Meaning, you are not able to run this scenario on our arm32-bit and arm64-bit architecture RouterOS devices.

You can only run it on Cloud Hosted Router (CHR).

To help you set up a CHR in a Virtual Box, please check our youtube tutorial.

Configuration

Container mode

Enable container mode:

/system/device-mode/update container=yes

You will need to confirm the device-mode with a cold reboot if using the container on X86.

Networking

Add veth interface for the container:

/interface/veth/add name=veth8 address=172.17.0.2/24 gateway=172.17.0.1

Create a bridge for the container, assign an IP network to it, and add veth to the bridge:

/interface/bridge/add name=dockerfreeradius
/ip/address/add address=172.17.0.1/24 interface=dockerfreeradius
/interface/bridge/port add bridge=dockerfreeradius interface=veth8

Setup NAT for outgoing traffic if required:

/ip/firewall/nat/add chain=srcnat action=masquerade src-address=172.17.0.0/24

Getting image

To simplify the configuration, we will get the image from an external library but you can also import it via the .tar file.

Make sure that you have "Registry URL" set accordingly, limit RAM usage (if necessary), and set up a directory for the image:

/container/config/set registry-url=https://registry-1.docker.io tmpdir=pull

Pull image:

/container/add remote-image=freeradius/freeradius-server:latest interface=veth8 root-dir=freeradius

After running the command, RouterOS should start "extracting" the package. Check "File System" for newly created folders and monitor container status with the command /container/print.


  • No labels