Professional Documents
Culture Documents
FreeRADIUS daloRADIUS Debian9
FreeRADIUS daloRADIUS Debian9
Debian 9
By FreeRADIUS+daloRADIUS+Debian9
koromicha
-
January 12, 2019
14
10238
In this guide, we are going to learn how to Install FreeRADIUS with daloRADIUS on Debian 9 stretch.
As you already know, FreeRADIUS is an opensource high performance and highly configurable
RADIUS suite that provides centralized network authentication on systems such as 802.1x (WiFi),
dialup, PPPoE, VPN’s, VoIP, etc. Among the database back-ends that it supports include OpenLDAP,
MySQL, Redis, Microsoft AD, Apache Cassandra, PostgreSQL etc.
daloRADIUS on the other hand is an advanced web application for managing FreeRADIUS server. It
supports various database backends such as MySQL, Sqlite, PostgreSQL, MsSQL, MySQL. It provides
features such as Access Control Lists, support integration with Google Maps for geo-location of
hotspots/access points, graphical reporting…
You may also want to check our previous guide on how to install FreeRADIUS with daloRADIUS on
Fedora 29.
Once the installation is done, FreeRADIUS is running by default. Hence, run the command below to
enable it run on system restart.
systemctl enable freeradius
Stop FreeRADIUS and run it on debugging mode to confirm that it is ready to process the requests.
systemctl stop freeradius
freeradius -X
If all is well, you should be able to see the sample output below;
...
listen {
type = "acct"
ipv6addr = ::
port = 0
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
Listening on auth address 127.0.0.1 port 18120 bound to server inner-tunnel
Listening on auth address * port 1812 bound to server default
Listening on acct address * port 1813 bound to server default
Listening on auth address :: port 1812 bound to server default
Listening on acct address :: port 1813 bound to server default
Listening on proxy address * port 58656
Listening on proxy address :: port 48643
Ready to process requests
Create FreeRADIUS database and database user. Be sure to grant the database user all the privileges on
FreeRADIUS database.
Login to MySQL as root user.
mysql -u root -p
After that, import the FreeRADIUS default database schema located under
/etc/freeradius/3.0/mods-config/sql/main/mysql/schema.sql to the RADIUS
database we created above.
mysql -u root -p radius < /etc/freeradius/3.0/mods-config/sql/main/mysql/schema.sql
Enable FreeRADIUS SQL module by creating a symbolic link of the sql module under
/etc/freeradius/3.0/mods-available/ to mods-enabled.
ln -s /etc/freeradius/3.0/mods-available/sql /etc/freeradius/3.0/mods-enabled/
Open the enabled SQL module and configure the radius database connection details as shown below;
...
# The dialect of SQL you want to use, this should usually match
# the driver you selected above.
#
# If you're using rlm_sql_null, then it should be the type of
# database the logged queries are going to be executed against.
#dialect = "sqlite"
dialect = "mysql"
# Connection info:
#
server = "localhost"
port = 3306
login = "radius"
password = "P@ssWORD"
Locate the line, # read_clients = yes and uncomment it to enable FreeRADIUS server read
clients from database.
...
# Set to 'yes' to read radius clients from the database ('nas' table)
# Clients will ONLY be read on server startup.
read_clients = yes
...
Next, you need to move the extracted daloRADIUS folder to the root directory of your web server.
mv daloradius-0.9-9 /var/www/html/daloradius
daloRADIUS ships with its default MySQL tables. You need to import these tables to the FreeRADIUS
database we created above.
mysql -u root -p radius < /var/www/html/daloradius/contrib/db/fr2-mysql-daloradius-
and-freeradius.sql
mysql -u root -p radius < /var/www/html/daloradius/contrib/db/mysql-daloradius.sql
Configure ownership of the daloRADIUS web configuration files to Apache web user as shown below;
chown -R www-data.www-data /var/www/html/daloradius/
Configure the permissions of the daloRADIUS main configuration file to 664 as shown below;
chmod 664 /var/www/html/daloradius/library/daloradius.conf.php
Open the daloRADIUS configuration file for editing and set the database connection parameters.
vim /var/www/html/daloradius/library/daloradius.conf.php
...
$configValues['DALORADIUS_VERSION'] = '0.9-9';
$configValues['FREERADIUS_VERSION'] = '2';
$configValues['CONFIG_DB_ENGINE'] = 'mysqli';
$configValues['CONFIG_DB_HOST'] = 'localhost';
$configValues['CONFIG_DB_PORT'] = '3306';
$configValues['CONFIG_DB_USER'] = 'radius'; < RADIUS database user
$configValues['CONFIG_DB_PASS'] = 'P@ssWORD'; < radius user password
$configValues['CONFIG_DB_NAME'] = 'radius'; < RADIUS database
...
Be sure to change the value of $configValues['CONFIG_DB_ENGINE'] = 'mysqli'; from
mysql to mysqli lest you get the error, Error Message: DB Error: extension not
found.
daloRADIUS configuration is done. Now, navigate to the browser and access daloRADIUS using the
address http://server_IP/daloradius. You should land on a login page.
The defualt login password for the default Administrator user is radius.
That is all it takes tonInstall FreeRADIUS with daloRADIUS on Debian 9. Enjoy.