FREERADIUS, MYSQL & DALORADIUS SERVER ON UBUNTU 18 & ABOVE
FreeRADIUS is an open source application that allows network to authenticate users who want to access network resources, such as the internet. It was built in the dial-up era to manage users and keep track of the bandwidth usage by each connection for billing purposes. RADIUS, which stands for “Remote Authentication Dial-In User Service“, is a network protocol used for remote user authentication and accounting. It provides AAA services; namely Authorization, Authentication, and Accounting. It is fast to set up and many networking programs like OpenVPN, SotfEther, Squid proxy and wifi managing tools can be integrated with FreeRADIUS.
root@snet[~]# sudo apt -y install freeradius freeradius-mysql freeradius-utilsroot@snet[~]# sudo nano /etc/freeradius/3.0/radiusd.confOn line 313 change auth_badpass = no to auth_badpass = yes
On line 314 change auth_goodpass = no to auth_goodpass = yes
Save file and exit. (Press CTRL + X, press Y and then press ENTER)
DATABASE CREATION AND CONFIGURATION FOR FREERADIUS
INSTALLATION OF MYSQL SERVER
root@snet[~]# sudo apt-get -y install mysql-server mysql-clientroot@snet[~]# mysql_secure_installationEnter password for user root: <– Enter the MySQL root password
Change the password for root? (Press y|Y for Yes, any other key for No): <– n
Disallow root login remotely? (Press y|Y for Yes, any other key for No) : <– y
Remove test database and access to it? (Press y|Y for Yes, any other key for No) : <– y Reload privilege tables now? (Press y|Y for Yes, any other key for No) : <– y
root@snet[~]# sudo mysql -u root -proot@snet[~]# CREATE DATABASE radius;root@snet[~]# mysql -u root -p radius < /etc/freeradius/3.0/mods-config/sql/main/mysql/schema.sqlroot@snet[~]# sudo nano /etc/freeradius/3.0/mods-enabled/sqlYour sql section should look similar to below.
sql {
driver = "rlm_sql_${dialect}"
dialect = "mysql"
# Connection info:
server = "localhost"
port = 3306
login = "radius"
password = "Str0ngR@diusPass"
# Database table configuration for everything except Oracle
radius_db = "radius"
}
# Set to ‘yes’ to read radius clients from the database (‘nas’ table)
# Clients will ONLY be read on server startup.
read_clients = yes
# Table to keep radius client info
client_table = "nas"Save file and exit. (Press CTRL + X, press Y and then press ENTER)
root@snet[~]# nano /etc/freeradius/3.0/mods-config/sql/main/mysql/queries.confUncomment default_user_profile = “DEFAULT”
Save file and exit. (Press CTRL + X, press Y and then press ENTER)
root@snet[~]# nano /etc/freeradius/3.0/sites-available/defaultAt authorize change -sql to sql at accounting change -sql to sql
Save file and exit. (Press CTRL + X, press Y and then press ENTER)
root@snet[~]# systemctl stop freeradiusroot@snet[~]# freeradius -Xroot@snet[~]# ps aux | grep radiroot@snet[~]# kill -9 25042root@snet[~]# systemctl start freeradiusroot@snet[~]# systemctl enable freeradiusroot@snet[~]# systemctl restart freeradius.serviceINSTALL AND CONFIGURE DALORADIUS
INSTALLATION OF APACHE2 SERVER
root@snet[~]# sudo apt-get -y install apache2root@snet[~]# sudo apt-get install php7.3-dbroot@snet[~]# cd /var/www/htmlroot@snet[~]# wget https://sourceforge.net/projects/daloradius/files/latest/downloadroot@snet[~]# unzip master.ziproot@snet[~]# mv daloradius-master daloradiusroot@snet[~]# cd daloradiusroot@snet[~]# sudo mysql -u root -p radius < contrib/db/fr2-mysql-daloradius-and-freeradius.sqlroot@snet[~]# sudo mysql -u root -p radius < contrib/db/mysql-daloradius.sqlroot@snet[~]# sudo chown -R www-data:www-data /var/www/html/daloradius/root@snet[~]# sudo chmod 664 /var/www/html/daloradius/library/daloradius.conf.phproot@snet[~]# sudo nano /var/www/html/daloradius/library/daloradius.conf.phpAdjust the MySQL database information
$configValues['CONFIG_DB_HOST'] = 'localhost';
$configValues['CONFIG_DB_PORT'] = '3306';
$configValues['CONFIG_DB_USER'] = 'radius';
$configValues['CONFIG_DB_PASS'] = 'Str0ngR@diusPass';
$configValues['CONFIG_DB_NAME'] = 'radius';
Save file and exit. (Press CTRL + X, press Y and then press ENTER)
root@snet[~]# sudo systemctl restart freeradius.service apache2Open Admin link using your system IP address or domain name:
http://ip-address/daloradius/login.php
A page like this will appear:
Default login details are:
Username: administrator
Password: radius
root@snet[~]# sudo tail -f /var/log/freeradius/radius.log
