FreeRADIUS daloRADIUS Debian9

Install FreeRADIUS with daloRADIUS on
Debian 9
By FreeRADIUS+daloRADIUS+Debian9
koromicha
-
January 12, 2019
14
10238
In this guide, we are going to learn how to Install FreeRADIUS with daloRADIUS on Debian 9 stretch.
As you already know, FreeRADIUS is an opensource high performance and highly configurable
RADIUS suite that provides centralized network authentication on systems such as 802.1x (WiFi),
dialup, PPPoE, VPN’s, VoIP, etc. Among the database back-ends that it supports include OpenLDAP,
MySQL, Redis, Microsoft AD, Apache Cassandra, PostgreSQL etc.
daloRADIUS on the other hand is an advanced web application for managing FreeRADIUS server. It
supports various database backends such as MySQL, Sqlite, PostgreSQL, MsSQL, MySQL. It provides
features such as Access Control Lists, support integration with Google Maps for geo-location of
hotspots/access points, graphical reporting…
Install FreeRADIUS with daloRADIUS on Debian 9

Prerequisites
• As a prerequisite, ensure that you have LAMP installed on your Debian 9 server. See our guide
on how to install LAMP stack on Debian 9.
• Install other required PHP extensions
apt install php-mail php-mail-mime php-pear
• Install PHP Pear DB library

pear install DB
You may also want to check our previous guide on how to install FreeRADIUS with daloRADIUS on
Fedora 29.
Install and Configure FreeRADIUS on Debian 9

Update and upgrade your system packages;
apt update
apt upgrade
FreeRADIUS packages are available on the default Debian 9 default repositories and thus can be
installed by running the command below;
apt-get install freeradius freeradius-mysql freeradius-utils
Once the installation is done, FreeRADIUS is running by default. Hence, run the command below to
enable it run on system restart.
systemctl enable freeradius
Open FreeRADIUS UDP port2 1812 and 1813 on UFW.

ufw allow to any port 1812 proto udp
ufw allow to any port 1813 proto udp
ufw reload
You can confirm port opening by running the command below;

ss -alun4 | grep -E '1812|1813'
UNCONN 0 0 *:1812 *:*
UNCONN 0 0 *:1813 *:*
UNCONN 0 0 127.0.0.1:18120 *:*
Stop FreeRADIUS and run it on debugging mode to confirm that it is ready to process the requests.
systemctl stop freeradius
freeradius -X
If all is well, you should be able to see the sample output below;
...
listen {
type = "acct"
ipv6addr = ::
port = 0
limit {
max_connections = 16
lifetime = 0
idle_timeout = 30
}
}
Listening on auth address 127.0.0.1 port 18120 bound to server inner-tunnel
Listening on auth address * port 1812 bound to server default
Listening on acct address * port 1813 bound to server default
Listening on auth address :: port 1812 bound to server default
Listening on acct address :: port 1813 bound to server default
Listening on proxy address * port 58656
Listening on proxy address :: port 48643
Ready to process requests
Create FreeRADIUS database and database user. Be sure to grant the database user all the privileges on
FreeRADIUS database.
Login to MySQL as root user.
mysql -u root -p
Create the database and database user.

create database radius;
grant all privileges on radius.* to radius@localhost identified by 'P@ssWORD';
Reload the privileges tables to affect the changes.

flush privileges;
quit
After that, import the FreeRADIUS default database schema located under
/etc/freeradius/3.0/mods-config/sql/main/mysql/schema.sql to the RADIUS
database we created above.
mysql -u root -p radius < /etc/freeradius/3.0/mods-config/sql/main/mysql/schema.sql
Enable FreeRADIUS SQL module by creating a symbolic link of the sql module under
/etc/freeradius/3.0/mods-available/ to mods-enabled.
ln -s /etc/freeradius/3.0/mods-available/sql /etc/freeradius/3.0/mods-enabled/
Open the enabled SQL module and configure the radius database connection details as shown below;
...
# The dialect of SQL you want to use, this should usually match
# the driver you selected above.
#
# If you're using rlm_sql_null, then it should be the type of
# database the logged queries are going to be executed against.
#dialect = "sqlite"
dialect = "mysql"
# Connection info:
#
server = "localhost"
port = 3306
login = "radius"
password = "P@ssWORD"
# Database table configuration for everything except Oracle

radius_db = "radius"
Locate the line, # read_clients = yes and uncomment it to enable FreeRADIUS server read
clients from database.
...
# Set to 'yes' to read radius clients from the database ('nas' table)
# Clients will ONLY be read on server startup.
read_clients = yes
...
Save the changes and quit configuration file.

Change the ownership user and group of the enabled SQL module (symbolic link) to freerad as shown
below.
chown -h freerad.freerad /etc/freeradius/3.0/mods-enabled/sql
Once that is done, restart the FreeRADIUS service,

systemctl restart freeradius
Install and Configure daloRADIUS on Debian 9

To get the latest version of daloRADIUS, you would have to download the archive from the
Sourceforge downloads page.
Once you have downloaded the archive, run the command below to extract it.
tar -xzf daloradius-0.9-9.tar.gz
Next, you need to move the extracted daloRADIUS folder to the root directory of your web server.
mv daloradius-0.9-9 /var/www/html/daloradius
daloRADIUS ships with its default MySQL tables. You need to import these tables to the FreeRADIUS
database we created above.
mysql -u root -p radius < /var/www/html/daloradius/contrib/db/fr2-mysql-daloradius-
and-freeradius.sql
mysql -u root -p radius < /var/www/html/daloradius/contrib/db/mysql-daloradius.sql
Configure ownership of the daloRADIUS web configuration files to Apache web user as shown below;
chown -R www-data.www-data /var/www/html/daloradius/
Configure the permissions of the daloRADIUS main configuration file to 664 as shown below;
chmod 664 /var/www/html/daloradius/library/daloradius.conf.php
Open the daloRADIUS configuration file for editing and set the database connection parameters.
vim /var/www/html/daloradius/library/daloradius.conf.php
...
$configValues['DALORADIUS_VERSION'] = '0.9-9';
$configValues['FREERADIUS_VERSION'] = '2';
$configValues['CONFIG_DB_ENGINE'] = 'mysqli';
$configValues['CONFIG_DB_HOST'] = 'localhost';
$configValues['CONFIG_DB_PORT'] = '3306';
$configValues['CONFIG_DB_USER'] = 'radius'; < RADIUS database user
$configValues['CONFIG_DB_PASS'] = 'P@ssWORD'; < radius user password
$configValues['CONFIG_DB_NAME'] = 'radius'; < RADIUS database
...
Be sure to change the value of $configValues['CONFIG_DB_ENGINE'] = 'mysqli'; from
mysql to mysqli lest you get the error, Error Message: DB Error: extension not
found.
Save the configuration file and restart FreeRADIUS.

systemctl restart freeradius
daloRADIUS configuration is done. Now, navigate to the browser and access daloRADIUS using the
address http://server_IP/daloradius. You should land on a login page.
The defualt login password for the default Administrator user is radius.
That is all it takes tonInstall FreeRADIUS with daloRADIUS on Debian 9. Enjoy.

FreeRADIUS daloRADIUS Debian9

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

FreeRADIUS daloRADIUS Debian9

Uploaded by

Copyright:

Available Formats

Install FreeRADIUS with daloRADIUS on

Install FreeRADIUS with daloRADIUS on Debian 9

• Install PHP Pear DB library

Install and Configure FreeRADIUS on Debian 9

Open FreeRADIUS UDP port2 1812 and 1813 on UFW.

You can confirm port opening by running the command below;

Create the database and database user.

Reload the privileges tables to affect the changes.

# Database table configuration for everything except Oracle

Save the changes and quit configuration file.

Once that is done, restart the FreeRADIUS service,

Install and Configure daloRADIUS on Debian 9

Save the configuration file and restart FreeRADIUS.

You might also like