Radius, Mikrotik, Cisco, ChilliSpot, StarOS, pfSense, DD-WRT, DOCSIS (WLAN, PPPoE, VPN, Hotspot, Dialup) ISP billing

DMA Radius Manager billing system

Overview

DMA Radius Manager is a easy to use administration system for Mikrotik, Cisco, StarOS, Chillispot, DD-WRT, pfSense NAS devices and DOCSIS CMTS. It provides centralized authentication, accounting and billing functions.

Feature overview:

RADIUS and DOCSIS account support
Traffic accounting (RADIUS)
Prepaid and postpaid billing, invoicing
Linux mailbox account synchronization
Supporting multiple NAS, CMTS and AP devices
Payment tracking
Financial reports
Prepaid card system
Instant Access Service system (IAS)
Online payment gateway support (PayPal etc.)
Connection Tracking System (CTS)
Wireless and DOCSIS signal monitoring
Account self registration option
Automatic expired account disconnection (RADIUS, DOCSIS)

Screenshots

DMA Radius Manager screenshots are available here.

Basic network diagrams

One of the basic system diagrams is shown on the picture below. Mikrotik device is used as PPP / Hotspot server.

Mikrotik based system
(click the picture for more schematics)

The system consists of the following components:

Mikrotik PPP / Hotspot server: It controls the Hotspot and PPP sessions, sends authentication requests and accounting information to DMA Radius Manager server. Mikrotik host requires at least two interfaces: WAN for connecting to the Internet and LAN for connecting the clients.
Linux server: This server hosts the DMA Radius Manager application, MySQL database, WEB server and optionally an email server. Static routing is required between the Mikrotik and Linux hosts due to the naturity of RADIUS packets (UDP). To realize the easiest IP setup configure both servers in the same subnet. With static, public IP address remote NAS devices are also controllable.

Radius Manager offers a well organised WEB interface for user administration and for other tasks: traffic accounting, tracking the online users, displaying various statistics etc. It is OS independent and accessible with any Javascript enabled WEB browser.

Click here for additional network diagrams.

SMS and email alerts

The system can send SMS and email alerts for users if an account is going to expire. External authenticated SMTP servers are also supported. The SMS gateway glue code is fully customizable in a separate PHP module.

Self registration

Users can register themselves to gain Internet access: user name and mobile number based accounts are supported. Account identity verification is also available (SMS code).

Hotspot login with Instant Access Services (IAS)

With Instant Access Services users can purchase Internet access codes online. IAS payments are realized with the help of online payment gateways (PayPal, Authorize.net, SagePay etc.).

IAS code can be purchased directly on the Hotspot login page as show on the screenshot below:

Mikrotik hotspot login page with Instant Access Services

For unregistered users the following options are available on the Hotspot login page:

Purchase an Instant Access Service
Register a new account

When a user clicks an Instant Access Service, the system redirects him to the payment page where he can complete the order with Credit Card or PayPal. If the transaction succeeded, Radius Manager will displays and email / SMS the IAS PIN code and password.

New user registration is also available on the Hotspot login page. When a user clicks the "Register an account" link, a registration screen will appear. This form can be completed in 2-3 minutes to register and activate a new account.

Accessing the User Control Panel (UCP) is simple, clicking the direct link available on the Hotspot login page.

The explained functions require a properly configured Mikrotik walled garden.

Purchase credits online

DMA Radius Manager accepts online payments for both registered and unregistered (IAS) accounts. The available payment gateways are listed in the table below:

Payment gateway	Availability	Payment type
PayPal Website Payments Standard	Multiple countries	CC and PayPal balance
PayPal Website Payments Pro	UK / US	CC
PayPal Express Checkout	Multiple countries	CC and PayPal balance
Authorize.net	US	CC
SagePay / Netcash	South Africa	CC
Payfast	South Africa	CC
DPS Payment Express	Multiple countries	CC
PayU (former CitrusPay)	India	multiple
Paytm	India	CC
2Checkout	Multiple countries	CC
bKash	Bangladesh	App
Flutterwave	Nigeria	CC
Easypay (Easypaisa)	Pakistan	App / CC
MPESA	Tanzania, Kenya, Burundi, Rwanda, Congo DRC, Uganda	App
Custom (user definable)	Any country	Any type

Prepaid card system

With the integrated prepaid card system DMA Radius Manager is capable for generating and controlling classic prepaid and refill cards. The PIN code and password length is freely definable in the card generator module. The system supports the following cards:

Classic prepaid cards: used for Hotspot / PPP authentication. The PIN code and password are printed on the card.
Refill cards: used to refill an account balance, entering the PIN code in UCP.

The system produces press ready, professionaly looking cards in PDF format. Find an example screenshot here or try the online demo.

Connection Tracking System (CTS)

Connection Tracking System (CTS) is a great feature of DMA Radius Manager: with the help of it the administrators can record the IP connections for authenticated users (TCP, UDP). The system stores the following connection details:

User name
Date and time
Source IP and port
Destination IP and port
Used protocol

The database is fully searchable in Administration Control Panel. The CTS database requires large and fast disks. A typical daily data amount can take 100-500 MB disk space with 200-300 online users.

The CTS setup requires a large HDD (1 TB or more). No need for an external MySQL db server.

RADIUS authentication + Connection Tracking System (CTS) setup

Linux 1 is the DMA Radius Manager server. It uses the local MySQL db engine for storing the RADIUS and CTS databases. Mikrotik 1 is a PPP / Hotspot server with special firewall rule to send the traffic details to Linux 1.

OS compatibility

Radius Manager 4 or newer version require a Linux server with Intel compatible CPU (32 or 64 bit). The recommended OS are: CentOS 5, 6, 7, Ubuntu 10-14 (64 bit version if possible).

Hardware requirements:

CPU 2 GHz+ multi core recommended
2 GB RAM or more
160 GB HDD or more (fast SATA / SCSI RAID array is recommended)
1 TB or more CTS storage area (only for CTS module)

Please note, we don't recommend the usage of virtual servers, due to:

licensing problems
system performance issues

Virtual servers are very slow. DMA Radius Manager running on a virtual server has a low performance and can control 100-200 users only. 95% of customer complaints are caused by the slow virtual servers. A RADIUS based NAS requires real time response from the RADIUS server. If the RADIUS server response is too slow, the clients will get RADIUS timeout error or Authentication error (they will not be able to log in). Always install DMA Radius Manager on a native server, except if You have a really small user base (100-200 accounts max).

If You have a non standard Linux system, please contact us first. We'll install a demo version on your server to be 100% sure your host will work properly later in a live environment.

NAS compatibility

Functionality	Mikrotik 2.9 - 7.x	Cisco	StarOS	*Chillispot	DD-WRT	pfSense	Protocol
Authentication / accounting							Hotspot
Automatic disconnection of expired accounts
Data rate management
Static IP address
MAC authentication
Authentication / accounting							PPPoE
Automatic disconnection of expired accounts
Data rate management
Static IP address
Authentication / accounting							PPtP
Automatic disconnection of expired accounts
Data rate management
Static IP address
Authentication / accounting							L2tP
Automatic disconnection of expired accounts
Data rate management
Static IP address
Authentication / accounting							OpenVPN
Automatic disconnection of expired accounts
Data rate management
Static IP address
RADIUS Access List support			**				WiFi
MAC authentication / accounting
WPA/WPA2-PSK 802.1x authentication / accounting

Chillispot v1.1 running on a Linux server
**StarOS has limited RADIUS Access List compatibility

DOCSIS support

Radius Manager DOCSIS version is capable for controlling DOCSIS compliant CMTS and cable modem based network.

The system is DHCP based; it manages DHCP server records automatically (CPE and CM entries). The available functions are:

WEB based account and service management
Detailed overview of registered cable modems
Multiple CMTS support
Data rate control
Account expiry control; automatically disables the expired accounts (*)
Postpaid and prepaid service plans
Connection Tracking System (CTS)
Cable modem traffic, signal quality monitoring and graphing
CM latency graphing
TFTP boot file template (web based service plan editor) and fully customizable TFTP boot file support

*Automatic disconnection is available for date capped DOCSIS accounts.

DOCSIS cable modem TFTP boot files are generated automatically. The administrator defines the cable service as a regular RADIUS service. Data rates can be entered directly in the WEB form. The system uses a predefined DOCSIS TFTP boot file template for generating the boot file which is customizable globally or per service.

CMTS compatibility

DMA Radius Manager DOCSIS system supports both router and bridge mode CMTS devices.

The system is compatible with the most widely used DOCSIS 2-3 CMTSs: Cisco UBR series, Motorola BSR series, Arris, Juniper etc.

	Key features

	WEB interface. Easy to use and always available multi lingual WEB interface. Fully separated code and design. You can easily customize the GUI to fit your needs. Compatibility.100% compatible with FreeRadius and Mikrotik router OS v 2.7 and newer. MySQL database integration. Utilizes a free MySQL database engine which is a part of every Linux distribution. Account management. All operations are realizable using the WEB GUI. RADIUS and DOCSIS account support. Control multiple NAS and CMTS devices and DOCSIS compliant cable modems. Traffic statistics. You can easily track the user's traffic on a yearly, monthly and daily basis. Users Control Panel. Users can track their traffic, used and remaining MegaBytes, online time, they can change their RADIUS and Linux password, purchase credits online etc. Online users list. Detailed list of the connected users. Find users easily. Search the database by various criterias. Payment tracking. Users and resellers can track the payments and generate reports. IP connection tracking. CTS module logs the source and destination IP addresses, ports, the used protocol, date and time... Services. You can group the accounts using freely definable services and user groups. Clear design. Clear and logical design helps You to control thousands of accounts easily. Accept payments online. Accept Credit Cards online. Multiple payment gateways are supported (PayPal, Authorize.net, SagePay, DPS Express Payments etc.).

	Online demo

	Administration Control Panel (ACP) User name: admin Password: 1111 User Control Panel (UCP) User name: user Password: 1111 Self registration Purchase Instant Access Service Please note, the online demo system contains fictive user data for demonstration purposes only. All changes made to the database will be reset every hour.

	Software awards

	Testimonials

	Thanks very much for you help. I am very happy and I must say the website does not lie, you must have the best support for your product out there, I have never come across better support for any other product, I would like to buy you a beer but we are a few thousand kilometres apart! Matthew Harrison We have dealt with more than 20 companies through the Internet and we did not really find technical support for any service at this speed. I am delighted that the deal with DMA Softlab. Thank you very much! Ahmed Adel Just like to say your response and support is unbelievable, keep up the good work. Rolf Bartels

Our partners