Guru's Verification engine ensures consistency, confidence, and trust in the knowledge your organization shares. Learn more.

MikroTik RADIUS Configuration

Introduction

This page is to show step-by-step instructions for the correct way to configure the MikroTik Routers for RADIUS authentication with Microsoft 365 credentials. Before this can be done successfully the MikroTik Management and MikroTik Firewall Rules need to be properly setup on the device.

Interface Lists

RADIUS

Provisioning

Due to the Shared Secret having special characters it is easier to provision the RADIUS configuration through the Winbox GUI, so for this example that will be the only way shown.

To begin select the RADIUS tab on the left-hand side of the Winbox screen, this will open the "RADIUS" window. Once there select the blue + in the upper left-hand corner, which will open the "New RADIUS Server" window.

In the "New RADIUS Server" window select the check box next to login put the address of the RADIUS server, 10.7.17.10, in the Address field. Place the Shared Secret (found in LastPass in the Shared-NEO Mysteries folder) in the Secret field. Lastly, put the 192.168.21.0/24 address for the specific MikroTik in the Src. Address field. It should look like this. Then select the OK button.

You will now see it in the "RADIUS" window.

Next go select the System tab on the left-hand side, it will open a drop down and you will select Users. This will open the "User List" window. Select the AAA button and it will open the "Login Authentication&Accounting" window, select the check box next to Use RADIUS then select the OK button.

Testing RADIUS Rules

Once you have completed all the steps you can test by disconnecting your Winbox instance and attempting to login to the 192.168.21.0/24 IP for that MikroTik with your Microsoft 365 Username and Password.

You must have Author or Collection Owner permission to create Guru Cards. Contact your team's Guru admins to use this template.