On this page, you can manage IP address ranges that will be assigned to clients connected through RADIUS.

A new range can be added to the system by clicking on + Add new IP range. Enter a network and its name. Define from which IP address IP addresses are to be offered. You may add reserved IP addresses, which will not be offered (+ Reserve IP address). Choose the type of range you want (static or dynamic). Then, pick a particular locality. Finally, select the router or routers that will use a given IP address range. In practice, it means that when you are creating a Internet service, IP addresses from the pool given will be offered only for those clients that are connected to a particular router. The dynamic pool is used for the dynamic assignment of IP addresses. Finish the process by clicking on Save.

A dynamic range can be assigned to a client here: Client card / page Add or Edit Internet Service / item Client IP Address. The Service Type item must be set to RADIUS. 

In the overview, you can alticon editalt edit and delete individual ranges.

When you hover over any of the items in the Router list column, a list appears of all routers that offer IP addresses from a given range.

On this page, you can define IP address ranges (public addresses) that will be used to NAT clients’ private IP addresses.

A new range can be added to the system by clicking on + Add new IP range. Enter a network and its name. Define from which IP address IP addresses are to be offered. You may add reserved IP addresses, which will not be offered (+ Reserve IP address). Choose a particular locality. Finally, select the router or routers that will use a given IP address range. Finish the process by clicking on Save. 

When you are in the process of adding an Internet service in the Client card, you will be able to enter an IP address (a public address) from the range you have specified. If NAT is enabled, it is automatically done for a client’s private IP address on a given router.

To activate it, it is necessary to set the mikrotik_nat_for_end_user key to 1 in Settings Syst. settings Mikrotik. In the opposite case (value = 0), NAT is not done on the router. When you activate the function, a dstnat and srcnat rule will be added to the router for each client.

/ip firewall nat add action=netmap chain=ispadmin_first_dstnat comment=ispadmin_NAT_1.2.3.4_10.10.0.100 dst-address=1.2.3.4 to-addresses=10.10.0.100
/ip firewall nat add action=netmap chain=ispadmin_last_srcnat comment=ispadmin_NAT_10.10.0.100_1.2.3.4 to-addresses=1.2.3.4 src-address=10.10.0.100

In the overview of NAT IP pools, you can find how many IP addresses there are in a particular subnet and how many of them are used and how many are unused. Individual IP pools can be edited and deleted here.

When you click on a particular item in the Number of engaged IP addresses column in the overview, a list appears of clients and IP addresses assigned to them.