Implementing AAA through Freeradius with MySQL on Ubuntu Server 12

Upload: yohanes-satria

Post on 10-Oct-2015


  • Implementing AAA through Freeradius with MySQL on Ubuntu Server 12.04 LTS with daloRadius Management

    1. Login as root or super user

        sudo su

    2. Install the necessary applications

        apt-get install mysql-client mysql-server
        apt-get install freeradius freeradius-utils freeradius-mysql
        apt-get install php5 php-pear php5-gd php-db

    3. Open users file

        sudo nano /etc/freeradius/users

    Edit the /etc/freeradius/users file and uncomment the following entry

        steve   Cleartext-Password := "testing"
                Service-Type = Framed-User,
                Framed-Protocol = PPP,
                Framed-IP-Address = 192.168.26.3,
                Framed-IP-Netmask = 255.255.255.0,
                Framed-Routing = Broadcast-Listen,
                Framed-Filter-Id = "std.ppp",
                Framed-MTU = 1500,
                Framed-Compression = Van-Jacobsen-TCP-IP

    4. Restart freeradius service

        service freeradius restart

    5. Test locally

        radtest steve testing localhost 1812 testing123

    If rad_recv reports Access-Accept, the installation was successful:

        rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=115, length=71

    Then comment the steve entry out again in the /etc/freeradius/users file, so the test account with its known password does not stay active.
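
    Added example (not part of the original document): what the radtest call above puts on the wire and how the Access-Accept is checked, following RFC 2865. The user, password, shared secret and id=115 are the values used on this page; the Request Authenticator and all function names are constructed for illustration.

```python
import hashlib, hmac, struct

ACCESS_REQUEST, ACCESS_ACCEPT = 1, 2   # RADIUS packet codes (RFC 2865)
USER_NAME, USER_PASSWORD = 1, 2        # attribute types

def _xor_blocks(data, secret, request_auth, decrypt=False):
    # RFC 2865 section 5.2: each 16-byte block is XORed with
    # MD5(secret + previous ciphertext block); block 1 uses the Request Authenticator.
    out, prev = b"", request_auth
    for i in range(0, len(data), 16):
        block = data[i:i + 16]
        key = hashlib.md5(secret + prev).digest()
        res = bytes(b ^ k for b, k in zip(block, key))
        prev = block if decrypt else res   # chaining always uses the ciphertext
        out += res
    return out

def hide_password(password, secret, request_auth):
    """Client side: NUL-pad to a multiple of 16 bytes (at least 16), then hide."""
    size = max(16, (len(password) + 15) // 16 * 16)
    return _xor_blocks(password.ljust(size, b"\x00"), secret, request_auth)

def recover_password(hidden, secret, request_auth):
    """Server side: reverse the hiding with the same shared secret."""
    return _xor_blocks(hidden, secret, request_auth, decrypt=True).rstrip(b"\x00")

def _attr(attr_type, value):
    return struct.pack("!BB", attr_type, len(value) + 2) + value

def access_request(ident, user, password, secret, request_auth):
    attrs = _attr(USER_NAME, user)
    attrs += _attr(USER_PASSWORD, hide_password(password, secret, request_auth))
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + request_auth + attrs

def access_accept(ident, request_auth, secret, attrs=b""):
    """Server reply; Response Authenticator = MD5(code+id+length+RequestAuth+attrs+secret)."""
    header = struct.pack("!BBH", ACCESS_ACCEPT, ident, 20 + len(attrs))
    return header + hashlib.md5(header + request_auth + attrs + secret).digest() + attrs

def reply_is_authentic(reply, request_auth, secret):
    """Client check: recompute the Response Authenticator, compare in constant time."""
    length = struct.unpack("!H", reply[2:4])[0]
    expected = hashlib.md5(reply[:4] + request_auth + reply[20:length] + secret).digest()
    return hmac.compare_digest(expected, reply[4:20])

if __name__ == "__main__":
    ra = bytes(range(16))  # constructed sample; real clients use 16 random bytes
    req = access_request(115, b"steve", b"testing", b"testing123", ra)
    reply = access_accept(115, ra, b"testing123")
    print(req.hex())
    print(reply_is_authentic(reply, ra, b"testing123"), reply_is_authentic(reply, ra, b"other"))
```

    Both the password hiding and the reply check rest only on the shared secret, which is why the default testing123 should be replaced before real clients are added.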

    Configure Freeradius for MySQL

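    1. Open sql.conf

        nano /etc/freeradius/sql.conf

    Change the 38th line

        login = root

    Change the 39th line

        password = sqlrootpassword

    Uncomment the 100th line

        readclients = yes

    With these values FreeRADIUS connects to MySQL as root; a dedicated MySQL account with rights on the radius database only is the least-privilege alternative.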

    2. Open radiusd.conf

        nano /etc/freeradius/radiusd.conf

    Change the 544th line

        proxy_requests = no

    Change the 683rd line

        $INCLUDE sql.conf

    3. Open default file

        nano /etc/freeradius/sites-available/default

    In section authorize, comment out the 152nd line

        #files

    Uncomment the 159th line

        sql

    In section preacct, comment out the 354th line

        #files

    In section accounting, uncomment the 388th line

        sql

    4. Open inner-tunnel file

        sudo nano /etc/freeradius/sites-enabled/inner-tunnel

    In section authorize, comment out the 124th line

        #files

    Uncomment the 131st line

        sql

    5. Open clients.conf

        nano /etc/freeradius/clients.conf

    Add the following lines

        client 192.168.26.0/24 {
            secret = usersecret
            shortname = private
        }

    6. Create database radius

        mysql -u root -psqlrootpassword
        mysql> create database radius;
        mysql> exit

    Create tables for radius database

        mysql -u root -psqlrootpassword radius < /etc/freeradius/sql/mysql/schema.sql
        mysql -u root -psqlrootpassword radius < /etc/freeradius/sql/mysql/nas.sql
        mysql -u root -psqlrootpassword radius < /etc/freeradius/sql/mysql/cui.sql
        mysql -u root -psqlrootpassword radius < /etc/freeradius/sql/mysql/ippool.sql
        mysql -u root -psqlrootpassword radius < /etc/freeradius/sql/mysql/wimax.sql
        mysql -u root -psqlrootpassword radius < /etc/freeradius/sql/mysql/admin.sql

    7. Add a test user

        sudo mysql -u root -psqlrootpassword
        mysql> use radius;
        mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('usertest', 'Password', 'passwordtest');

    8. Test MySQL Radius

        radtest usertest passwordtest localhost 1812 testing123

    daloRadius

    1. Download daloRadius

        wget http://sourceforge.net/projects/daloradius/files/daloradius/daloradius-0.9-8/daloradius-0.9-8.tar.gz

    2. Extract the daloradius.tar.gz archive to /var/www

        tar -zxvf daloradius-0.9-8.tar.gz
        mv daloradius-0.9-8 daloradius
        sudo cp daloradius/ /var/www -R

    3. Setting Permission

        sudo chown www-data:www-data /var/www/daloradius -R
        sudo chmod 644 /var/www/daloradius/library/daloradius.conf.php

    4. Database Setup

        mysql -u root -p radius < fr2-mysql-daloradius-and-freeradius.sql

    5. Database connection setup

        cd /var/www/daloradius/library/
        sudo nano -w daloradius.conf.php

    6. Edit the following lines

        $configValues['FREERADIUS_VERSION'] = '2';
        $configValues['CONFIG_DB_PASS'] = 'password';
        $configValues['CONFIG_DB_TBL_RADUSERGROUP'] = 'radusergroup';

    7. Installation Complete

    Surf to http://your ip address/daloradius and log in to the management interface:

        username: administrator
        password: radius

    These are the default credentials; change the password after the first login.