RADIUSdesk

Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
user_guide:mikrotik:openwrt_rb750gr3_coova [2021/02/16 13:57] – created adminuser_guide:mikrotik:openwrt_rb750gr3_coova [2021/03/15 09:09] (current) – [Edit Coova Chilli config file] admin
Line 5: Line 5:
   * We assume you have a Router freshly flashed with this built of OpenWRT   * We assume you have a Router freshly flashed with this built of OpenWRT
  
-===== The concept =====+===== The Concept ===== 
 +  * We will connect the Internet to the Internet port of the RB750 (Port1) 
 +  * We will then configure Coova to run on the LAN side (Ports 2-5) which is where OpenWRT typically used to run its DHCP service and have a gateway at 192.168.1.1 
 +  * Because Coova will now remove the IP Address on the LAN side we have to open the firewall on the WAN side for us to still reach the device even with the captive portal in place and running. 
 + 
 +===== Opening the Firewall on WAN side ===== 
 +  * The firewall rules are defined in **/etc/config/firewall** 
 +  * Edit this file and add the following items at the bottom 
 +  * Opening for Luci is optional 
 +<code bash> 
 + 
 +config rule 
 +    option name 'Allow-SSH' 
 +    option target ACCEPT 
 +    option src 'wan' 
 +    option dest_port '22' 
 +    option proto 'tcp' 
 +    option family 'ipv4' 
 + 
 +config rule 
 +    option name 'Allow-Luci' 
 +    option target ACCEPT 
 +    option src 'wan' 
 +    option dest_port '80' 
 +    option proto 'tcp' 
 +    option family 'ipv4' 
 + 
 +</code> 
 +  * Save the changes and reboot the router. 
 +  * See if you can access the device from the WAN port. 
 + 
 +===== Edit Coova Chilli config file ===== 
 +  * Coova Chilli is configured by the  **/etc/config/chilli** file. 
 +  * Take this file as a reference and modify where needed. 
 +<file bash chilli> 
 +config chilli 
 +    # option disabled 0     
 +    option radiusnasid "ZA-OpenWRT-MT1" 
 +    option radiussecret "testing123" 
 +    option uamsecret "greatsecret" 
 +     
 +    # Radius parameters (change to the one for your provider) 
 +    option radiusserver1 43.200.100.192 
 +    option dhcpif br-lan  
 +    option dns1 8.8.8.8 
 +    option dns2 8.8.4.4 
 +        
 +    option tundev         'tun0' 
 +    option net 10.1.0.0/16 # For 1000 addresses. Default is 182/24 subnet 
 +    option uamlisten 10.1.0.1 # keep it at 182.1 despite the 180/22 subnet 
 +     
 +    #Add this for the miniportal for proper captive portal detection on Apple 
 +    option uamhomepage "http://10.1.0.1:3990/www/coova.html" 
 +    option wwwdir "/etc/chilli/www" 
 + 
 +    # Universal access method (UAM) parameters 
 +    option uamserver "http://hotspot.radiusdesk.com/cake3/rd_cake/dynamic-details/chilli-browser-detect/" 
 +    option uamport 3990 
 +    option ssid                   demo1 
 +     
 +    # Various debug and optimization values 
 +    option swapoctets 1 # swap input and output octets 
 +    option interval 3600 # config file and host lookup refresh 
 +     
 +     
 +    # Add the chilli firewall rules 
 +    option ipup '/etc/chilli/up.sh' 
 +    option ipdown '/etc/chilli/down.sh' 
 +     
 +</file> 
 +  * Save the changes and reboot the router. 
 +  * After the reboot you should be redirected to a login page from RADIUSdesk when you connect to any of the ports on the LAN side. 
 + 
  
  
Last modified: 2021/02/16 13:57