As requested by few OP, following is a short technical reference guide on how you can enable TCP/UDP connections in Mikrotik to be stored in Radius manager connection tracking database so that you can view user base connection tracking report. In my personal view, it’s not much useful and at low end hardware it creates bottleneck, but if you have good resources with some fast storage (like SSD or RAID-10) it is better to set it up.
CTS is best described in the manual by dmasoftlab manual as mentioned below
Radius Manager has a special feature: the Connection Tracking System. It is available only in Radius Manager CTS version or higher. With the help of it the system can track and log all the TCP and UDP connections for all registered (online) users.
By default when You install the CTS enabled version of Radius Manager, it will use the default CTS database (CONNTRACK). It is strongly recommended to use a separate database host for the CONNTRACK database, due to the enormous amount of data stored daily. It can be even a 100-500 MegaBytes (and in my personal experience it can grow as much as 3-5 GB on busy network, ZAIB) per day. Fast disks (like SSD in RAID 10 mode, zaib) are also recommended to be able to seek and store the data in real time. Radius Manager periodically stores the traffic data to CONNTRACK database (typically in
every 5–60 seconds).
Mikrotik (6.x) Configuration to enable Firewall Logging to remote server (RM)
If you have already configured the radius manager, then the conntrack database also get configured via the installation script. Next step is to enable the firewall logging in the mikrotik router so that mikrotik can send the categorized TCP/UDP data to radius manager conntrack database.
In mikrotik, open terminal and issue following commands …
In below example, we have following IP scheme.
PPPoE users ip pool = 172.16.0.1-172.16.0.255
Radius Manager IP = 188.8.131.52
/ip firewall filter add chain=forward src-address=172.16.0.1-172.16.0.255 protocol=tcp connection-state=new action=log /ip firewall filter add chain=forward src-address=172.16.0.1-172.16.0.255 protocol=udp connection-state=new action=log /system logging action add name=rmctszaib remote=184.108.40.206 target=remote remote-port=4950 /system logging add topics=firewall action=rmctszaib
If you don’t see any errors , you are good to Go.
RADIUS MANAGER SECTION:
1. Radius Manager should be licensed with CTS level. Basic license wont gonna work ..
2. Make sure that RMCONNTRACK service is UP and running.To make sure it’s running , get its process by
ps aux |grep rmconntrack
and you should get result something like following
root@radius:/# ps aux |grep rmconntrack
root xxxx 0.0 0.0 xxxxxx xxx ? Ssl 13:22 0:00 /usr/local/bin/rmconntrack
if you see its running, proceed further , otherwise you may start it manually by
Now login to RM ACP > Reports > Connection Report
Here you can get report for all or individual user.
As showed in the image below …