implementing aaa through freeradius with mysql on ubuntu server 12
DESCRIPTION
Implementing AAA through Freeradius with MySQL on Ubuntu Server 12TRANSCRIPT
-
Implementing AAA through Freeradius with MySQL on Ubuntu Server 12.04 LTS with daloRadius Management
1. Login as root or super user
1: sudo su
2. Install the necessary applications 1: apt-get install mysql-client mysql-server 2: apt-get install freeradius freeradius-utils freeradius-mysql 3: apt-get install php5 php-pear php5-gd php-DB
3. Open users file
1: sudo nano etc/freeradius/users Edit the /etc/freeradius/users file, uncomment the following
1: steve Cleartext-Password := testing 2: Service-Type = Framed-User, 3: Framed-Protocol = PPP, 4: Framed-IP-Address = 192.168.26.3, 5: Framed-IP-Netmask = 255.255.255.0, 6: Framed-Routing = Broadcast-Listen, 7: Framed-Filter-Id = std.ppp, 8: Framed-MTU = 1500, 9: Framed-Compression = Van-Jacobsen-TCP-IP
4. Restart freeradius service
1: service freeradius restart
5. Test Locally 1: radtest steve testing localhost 1812 testing123
If rad_recv returned Access-Accept, it proved that the installation was successful. Then commented out the above in the /etc/freeradius/users file
1: 2: rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, 3: id=115, length=71 4:
Configure Freeradius for MySQL
1. Open sql.conf 1: nano /etc/freeradius/sql.conf
Change the 38th line 1: login = root
Change the 39th line 1: password = sqlrootpassword
Uncomment the 100th line 1: readclients = yes
2. Open radiusd.conf
1: nano /etc/freeradius/radiusd.conf Change the 544th line
1: proxy_requests = no
-
Change the 683rd line 1: $INCLUDE sql.conf
3. Open default file
1: nano /etc/freeradius/sites-available/default In section authorize, comment out line 152nd
1: #files Uncomment the 159th line
1: sql In section preactt, comment out line 354th
1: #files In section accounting, uncomment the 388th line
1: sql
4. Open inner-tunnel file 1: sudo nano /etc/freeradius/sites-enabled/inner-tunnel
In section authorize, comment out line 124th 1: #files
Uncomment the 131st line 1: sql
5. Open clients.conf
1: nano /etc/freeradius/clients.conf Add the following lines
1: client 192.168.26.0/24 { 2: secret = usersecret 3: shortname = private 4: }
6. Create database radius
1: mysql u root psqlrootpassword 2: mysql>create database radius; 3: mysql>exit
Create tables for radius database
1: mysql -u root psqlrootpassword radius < /etc/freeradius/sql/mysql/schema.sql
2: mysql -u root psqlrootpassword radius < /etc/ freeradius /sql/mysql/nas.sql
3: mysql -u root psqlrootpassword radius < /etc/ freeradius /sql/mysql/cui.sql
4: mysql -u root psqlrootpassword radius < /etc/ freeradius /sql/mysql/ippool.sql
5: mysql -u root psqlrootpassword radius < /etc/ freeradius /sql/mysql/wimax.sql
6: mysql -u root psqlrootpassword radius < /etc/ freeradius /sql/mysql/admin.sql
7. Add a test user
1: sudo mysql -u root psqlrootpassword 2: mysql> use radius; 3: mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES
(usertest, Password, passwordtest);
-
8. Test MySQL Radius
1: radtest usertest passwordtest localhost 1812 testing123 daloRadius
1. Download daloRadius 1: wget
http://sourceforge.net/projects/daloradius/files/daloradius/daloradius-0.9-8/daloradius-0.9-8.tar.gz
2. Extract the daloradius.tar.gz archive to /var/www 1: tar -zxvf daloradius-0.9-8.tar.gz 2: mv daloradius-0.9-8 daloradius 3: sudo cp daloradius/ /var/www R
3. Setting Permission
1: sudo chown www-data:www-data /var/www/daloradius -R 2: sudo chmod 644 /var/www/daloradius/library/daloradius.conf.php
4. Database Setup
1: mysql -u root -p radius < fr2-mysql-daloradius-and-freeradius.sql
5. Database connection setup 1: cd /var/www/daloradius/library/ 2: sudo nano -w daloradius.conf.php
6. Edit the following lines
1: $configValues['FREERADIUS_VERSION'] = '2'; 2: $configValues['CONFIG_DB_PASS'] = 'password'; 3: $configValues['CONFIG_DB_TBL_RADUSERGROUP'] = 'radusergroup';
7. Installation Complete
Surf to http://your ip address/daloradius Login to the management: username: administrator password: radius