Andrew Pakpahan: Installing and Conguring Fre...

Plus

http://andrewpakpahan.blogspot.com/2012/08/inst...

Blog suivant

Crer un blog

Connexion

Andrew Pakpahan
My Thoughts, My Ideas, My Experiences, My Friends
Sunday, August 19, 2012

Labels

Installing and Configuring Freeradius + MySQL and

Daloradius + MySQL on Ubuntu Server 12.04 for Mikrotik
Hotspot/PPoE/PPTP (updated)

apple (4)

Installing and Configuring Freeradius

Fedora Core (8)

The first step is to Install Freeradius (ensure you already update your apt with apt-update)
$sudo apt-get install freeradius
* Starting FreeRADIUS daemon freeradius

Bandwidth Management (2)

Bandwidthd (1)

Gak Penting (1)

Google Chrome (2)

[ OK ]

Setting up freeradius-utils (2.1.10+dfsg-3build2) ...

Info (4)

Then prepare the database for freeradius. Create database radius and assign username and
password for accessing it.

LAMP (1)

# mysql -u root -p

Mail Server (3)

Linux (12)

Enter password:
Welcome to the MySQL monitor.

Mikrotik (1)

Commands end with ; or \g.

Your MySQL connection id is 51

MyExperiences (12)

Server version: 5.5.24-0ubuntu0.12.04.1 (Ubuntu)

Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.

MySQL (1)
Network (9)

Oracle is a registered trademark of Oracle Corporation and/or its

New technologies (8)

affiliates. Other names may be trademarks of their respective

owners.

Security (1)
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> create database radius;

mysql> grant all on radius.* to radius@localhost identified by "thepassword";
Query OK, 0 rows affected (0.00 sec)

Server (9)
Ubuntu (2)
Virus (1)

The next step was to insert the database schema and I realized that I could not find the database
scheme in /etc/freeradius.

Blog Archive
Obviously I should install freeradius-mysql package first.

2012 (5)
September (1)

#apt-get install freeradius-mysql

Setting up freeradius-mysql (2.1.10+dfsg-3build2) ...
* Reloading FreeRADIUS daemon freeradius

[ OK ]

August (2)
How to enable MySQL
remote access on
Ubuntu Server...

Then insert the database scheme

# mysql -u root -p radius < /etc/freeradius/sql/mysql/schema.sql
Enter password:
# mysql -u root -p radius < /etc/freeradius/sql/mysql/nas.sql

Installing and
Configuring Freeradius
+ MySQL and ...

Enter password:

May (2)
Now we try to insert new user for testing purpose in database.

2011 (2)
# mysql -u root -p

2010 (5)

Enter password:
Welcome to the MySQL monitor.

Commands end with ; or \g.

Your MySQL connection id is 72

Server version: 5.5.24-0ubuntu0.12.04.1 (Ubuntu)

1 sur 9

2009 (3)
2008 (18)

11/11/2014 19:46

Andrew Pakpahan: Installing and Conguring Fre...

http://andrewpakpahan.blogspot.com/2012/08/inst...

2007 (19)
Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.

2006 (9)
2005 (14)

Oracle is a registered trademark of Oracle Corporation and/or its

affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> use radius;

Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('sqltest', 'Password',
'testpwd');
Query OK, 1 row affected (0.04 sec)

mysql> exit
Bye

The next step is we need to configure the Freeradius files.

Edit /etc/freeradius/sql.conf file. Setting database type, login and password that we already setup
before.
# vim /etc/freeradius/sql.conf

database = mysql
login = radius
password = thepassword

readclients = yes

Then edit the /etc/freeradius/sites-enabled/default file

# vim /etc/freeradius/sites-enabled/default

Uncomment sql on authorize{}

# See Authorization Queries in sql.conf
sql

Uncomment sql on accounting{}

# See Accounting queries in sql.conf
sql

Uncomment sql on session{}

# See Simultaneous Use Checking Queries in sql.conf
sql

Uncomment sql on post-auth{}

# See Authentication Logging Queries in sql.conf
sql

Then we edit /etc/freeradius/radiusd.conf file

# vim /etc/freeradius/radiusd.conf

#Uncomment #$INCLUDE sql.conf

$INCLUDE sql.conf

To test our configuration, first we must stop the freeradius service (if already running)
# /etc/init.d/freeradius stop
* Stopping FreeRADIUS daemon freeradius

[ OK ]

Then run this command to run freeradius in debugging mode. If there is no error, you are good to
go.
#freeradius -X

2 sur 9

11/11/2014 19:46

Andrew Pakpahan: Installing and Conguring Fre...

http://andrewpakpahan.blogspot.com/2012/08/inst...

On a new shell or window we tested the connection

Live Trac Feed

$ radtest sqltest testpwd localhost 18128 testing123

Sending Access-Request of id 65 to 127.0.0.1 port 1812
User-Name = "sqltest"
User-Password = "testpwd"
NAS-IP-Address = 127.0.1.1
NAS-Port = 18128
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=65, length=20

The test running well with Accept response from the server.
To enable Mikrotik device to access our server we need to add client in clients.conf file.
#vim /etc/freeradius/clients.conf

client 10.0.0.0/8 {

secret = testingpassword
shortname = testing
nastype= mikrotik
}

*note: we need to stop freeradius -X and then running it again to test our configuration
Update (Jan 27, 2013): If we want to add specific value for Mikrotik, we need to add mikrotik
dictionary
#vim /etc/freeradius/dictionary

Then add this line below

$INCLUDE

/usr/share/freeradius/dictionary.mikrotik

Mikrotik Configuration
We need to configure our Mikrotik devices to use our new radius server. We need to login to
Mikrotik device and configure the radius in Radius menu.
Below image is an example of our configuration.

A visitor from
Cotonou, Littoral
viewed "Andrew
Pakpahan: Installing
and Conguring
Freeradius +
MySQL
A visitorand
from
Daloradius
Madagascar+viewed
MySQL
Ubuntu
Pakpahan:
"Andrewon
Server
12.04
Installing
andfor
Mikrotik
Conguring
Hotspot/PPoE/PPTP
Freeradius +
(updated)"
6 secs
MySQL
A visitorand
from
ago
Daloradius
+
Cotonou, Littoral
MySQL
on
Ubuntu
viewed "Andrew
Server
12.04
for
Pakpahan:
Installing
Mikrotik
and
Conguring
Hotspot/PPoE/PPTP
Freeradius +
(updated)"
33 mins
MySQL
A visitorand
from
ago
Daloradius
+
Islamabad viewed
MySQL
Ubuntu
Pakpahan:
"Andrewon
Server 12.04
Installing
andfor
Mikrotik
Conguring
Hotspot/PPoE/PPTP
Freeradius +
A visitorand
from
(updated)"
43 mins
MySQL
Indramayu,
Jawa
ago
Daloradius
+
Barat viewed
MySQL
on Ubuntu
Pakpahan:
"Andrew
Server
12.04
for
Membatasi
voucher
Mikrotik
A visitor from
hotspot
mikrotik
Hotspot/PPoE/PPTP
Curitiba,
Parana
berdasarkan
waktu
(updated)"
1 hr
16
viewed
"Andrew
aktif"
1
hr
28
mins
mins ago Installing
Pakpahan:
ago
and Conguring
Freeradius +
MySQL
A visitorand
from
Daloradius
+
Chicago, Illinois
MySQL
on Ubuntu
viewed "Andrew
Server
12.04
forto
Pakpahan:
How
Mikrotik
enable MySQL
Hotspot/PPoE/PPTP
remote
A
visitoraccess
from on
(updated)"
1 hr 38
Ubuntu
Server
Tunisia
viewed
mins ago
12.04"
2 hrs
15 mins
Pakpahan:
"Andrew
ago
Installing and
Conguring
Freeradius +
A visitorand
from
MySQL
Yerevan viewed
Daloradius
+
Pakpahan:
"Andrewon
MySQL
Ubuntu
How
to 12.04
enablefor
Server
A visitor
from
SNMP
Monitoring
Mikrotik
Yerevan
viewed
on
Ubuntu
Server
Hotspot/PPoE/PPTP
Pakpahan:
"Andrew 2
12.04.2"
hrs
3432
(updated)"
2 hrs
How
to
enable
mins
ago
mins ago
Real-time
view Menu

*Note: we increase timeout settting to 3000ms to enable invalid login notifications. (not working
with default 300ms)
Daloradius Installation

3 sur 9

11/11/2014 19:46

Andrew Pakpahan: Installing and Conguring Fre...

http://andrewpakpahan.blogspot.com/2012/08/inst...

First, we need to download daloradius file

$wget http://downloads.sourceforge.net/project/daloradius/daloradius/daloradius0.9-9
/daloradius-0.9-9.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fdaloradius%2Ffiles%2F&
ts=1345296201&use_mirror=nchc

Rename and extract the file

# tar xvfz daloradius-0.9-9.tar.gz
# mv daloradius-0.9-9 daloradius

Move the file to the web server directory. In this case I use apache on Ubuntu so the location is at
/var/www
# mv daloradius-0.9-9 daloradius
# mv daloradius /var/www

Then we need to setup the database. Because already setup the freeradius using MySQL, so we
don't need new database. All we need to do is to import the daloradius scheme into our existing
radius database.
# cd /var/www/daloradius/contrib/db
# mysql -u root -p radius < mysql-daloradius.sql

After database successfully altered, we need to configure the daloradius setting.

#vim /var/www/daloradius/library/daloradius.conf.php

Change the database password

$configValues['CONFIG_DB_PASS'] = 'thepassword';

Then we can try to access daloradius using http://ipaddressoftheserver/daloradius

*Note: In my installation, i had a problem because I didn't have php5-gd php-pear and php-db
packages installed on my Ubuntu server.
To deal with this problem you can install the packages using
# apt-get install php5-gd php-pear php-db

References,
Mastaqim (2012), http://www.mastaqim.web.id/2012/08/install-freeradius-mysql-ubuntu-server.html
Daud (2012), http://daud.rasadigital.com/install-daloradius-di-ubuntu-server/

Posted by Andrew Pakpahan at 3:23 PM

28 comments:
Anonymous said...
am totally new to ubuntu.

4 sur 9

11/11/2014 19:46

Andrew Pakpahan: Installing and Conguring Fre...

http://andrewpakpahan.blogspot.com/2012/08/inst...

suppose i run something like this"vi debian/rules" and i finish with editing the script,
how do i save it and go back to the main terminal.
i am stranded here. i end up closing the terminal thinking it would ask me to save
changes but nothing. The changes are not effected when i go back to check on the
script again.
Wednesday, August 22, 2012
Andrew Pakpahan said...
To exit from vi you can press [esc] then press [:wq!] then enter.
Wednesday, August 22, 2012
Golgot said...
Great job, Thanks ,
at the end to log into daloradius page :
http://your ip address/daloradius
Login to the management:
username: administrator
password: radius
Wednesday, September 19, 2012
Rizha Ardianto said...
Thanks for your nice post Andrew.
Im trying to use coova-chilli but still not working. Any ideas how to use it with daloradius
in this post?
Thank you
Monday, September 24, 2012
Rizha Ardianto said...
Thanks for your nice post Andrew.
Im trying to get coova-chilli work, but still no luck. Any ideas how to make it work with
this setup?
Big thanks
Monday, September 24, 2012
Andrew Pakpahan said...
@Golgot: Thanks :)
@ Rizha: I haven't tried coova chilli , but I think your problem is in the coova chilli
configuration with freeradius.
Tuesday, September 25, 2012
hidrargium said...
Hi, Andrew.
Thank you for a good article.
Some notes:
After adding new granst in MySQL:
-----grant all on radius.* to radius@localhost identified by "thepassword";
---You need to preform next command:
-----flush privileges;
-----Tuesday, October 09, 2012

5 sur 9

11/11/2014 19:46

Andrew Pakpahan: Installing and Conguring Fre...

http://andrewpakpahan.blogspot.com/2012/08/inst...

Rizha said...
Andrew,
how if we want to use an external radius server?
Thursday, October 11, 2012
GoldenNetworks said...
#vim /etc/freeradius/clients.conf
client 10.0.0.0/8 {
secret = testingpassword
shortname = testing
nastype= mikrotik
}
when i enter down in the last already 3 4 entries /24 /32 etc
where i have to add this entry or edit the existing one ???
Please quick reply im stuck on the edge.
Monday, October 22, 2012
Andrew Pakpahan said...
@GoldenNetwork:
Just add as new lines. Put comments on all previous lines.
Monday, October 22, 2012
GoldenNetworks said...
Well i have done everything through ur blog n i got the result in positive when i give
command for radtest. it seems to b ok
but as im using ubuntu server 12.04 Lts so im unable to access daloradius page.
127.0.0.1/daloradius.
i dont know how to attach it with the mikrotik by cable
Tuesday, October 23, 2012
Andrew Pakpahan said...
@GoldenNetwork
Do you understand IP address concept? You need to understand this before even
trying this setup.
Thursday, October 25, 2012
GoldenNetworks said...
Thanx for reply... i did same as u mentioned the same ips 10.0.0.0/8 even in mikrotik
10.0.0.50
hotspot setup already working in routerboard.
should i use 1 simple ethernet cable between daloradius n mikrotik ???
what ip would be assigned to the mikrotik interface ???
should i use this topology: http://bejatijampang.files.wordpress.com/2012/07
/slide2-300x296.jpg
should i have to add 2 lan cards in ubuntu box or after the setup remove the internet
from ubuntu and put 1 jumper between mikrotik n ubuntu as i linked up topology ???
The daloradius box is ready my problem is how to make connections between
routerboard and daloradius box to get access daloradious webpage
Friday, October 26, 2012
Vanderwyk Siahaan said...
why i found message
"no response from server for ID 210 socket 3"

6 sur 9

11/11/2014 19:46

Andrew Pakpahan: Installing and Conguring Fre...

http://andrewpakpahan.blogspot.com/2012/08/inst...

how to resolft it?

Monday, December 03, 2012
Divya S said...
thank u sir..it helped us a lot :)
Tuesday, January 29, 2013
Rosso said...
Hello Andrew, thnk for this blog.
I have a small question, can i put the server on a different location.
Will this make all traffic go to the external server?
Friday, March 29, 2013
Hamad Ahmed said...
Hi All,
First thanks to Andrew.
I am trying to install daloRADIUS , but I am facing some issues with sql module
configurations. When I uncomment the sql from the configuration file I received the
following error.
/etc/freeradius/sql.conf[22]: Instantiation failed for module "sql"
/etc/freeradius/sites-enabled/default[159]: Failed to load module "sql".
/etc/freeradius/sites-enabled/default[62]: Errors parsing authorize section.
anyone can help ?
Thanks,
Hamad
Wednesday, April 24, 2013
Pavlos said...
Great article. I followed it and it seams it works.
I have a question. Now after configuring the server and the mikrotik.
First how can I check if they communicate?
Second how can I test if a user authenticates when it connects to wifi ?
Thank you
Monday, May 20, 2013
Andrew Pakpahan said...
@Pavlos: You can try to activate hotspot on your wireless interface. Then try to login
with you radius account.
Tuesday, May 21, 2013
Alejandro said...
Congratulations for your cool post and thanks for sharing your experience.
I've two questions:
- Is the number of users limited?
- Which is the home page for the hotspot login users and can I configure a new one?
Thanks in advance.
Greetings.
Wednesday, September 04, 2013
Kevin said...
Thanks Andrew. After follow your blog, I got to http://localhost/daloradius after typing in:
user name: administrator
password: radius
I receive an error message. "Database connection error DB error extension not found.

7 sur 9

11/11/2014 19:46

Andrew Pakpahan: Installing and Conguring Fre...

http://andrewpakpahan.blogspot.com/2012/08/inst...

Please help.
Thanks.
Saturday, January 11, 2014
Anonymous said...
Thanks you for your help, Great job worked for me without much trouble.
Wednesday, February 12, 2014
Anonymous said...
I have been working my way through this config as new to Ubuntu
All seemed to be going well until i tested using radtest which returns the following
error:- Invalid octet string "sqltest" for attribute name "User-Name"
radclient: Nothing to send.
I have viewed the table contents and it all looks in order and double checked the
config??
Any help would be very much appreciated. Thanks
Wednesday, March 26, 2014
alfurqan said...
hi,
would you help me, what means that: unable to open file "/etc/freeradius/sql/mysql
/ippool-dhcp.conf": no such file or directory
errors reading or parsing /etc/freeradius/radiusd.conf
Saturday, June 14, 2014
Anonymous said...
Hi,
I have followed this link for reference in running daloradius with freereadius.
https://help.ubuntu.com/community/CategoryNetworking/daloRADIUS
but I can't seem to get pass the login page.
http://192.168.2.133/daloradius/dologin.php
Database connection error
Error Message: DB Error: connect failed
could you point out what I have missed?
I have used both 12.04 and 14.04 LTS and both have same error message
what output do you need in order to further troubleshoot this?
many thanks,
Tuesday, July 08, 2014
Anonymous said...
I have Freeradius running on Ubuntu 12.04 server, to authenticate iBurst clients of my
ISP. It is working fine, the only issue is that I don't know how to manage these clients.
For example if a client has not payed to use Internet, I need to be able to disconnect
him/her and reconnect him/her once the payment has been done. The only way that I
know is to edit the /etc/freeradius/users file and comment the Framed-IP-Address line
which is not easy to do every time. Also, I fear that I might accidentally damage the file
if I continue accessing it everyday and modifying it.
I would like to know if there is any other way to do this (preferably through a web
client). I found one called Dialupadmin web interface, but I don't know if I have to install
Freeradius from scratch to be able to use the web interface or if I can just install this

8 sur 9

11/11/2014 19:46

Andrew Pakpahan: Installing and Conguring Fre...

http://andrewpakpahan.blogspot.com/2012/08/inst...

and use the existing Freeradius without re-installation.

Thursday, July 17, 2014
odik's said...
Andrew, pls help! i am am trying to install daloRADIUS , but I am facing some issues
with sql module configurations. When I uncomment the sql from the configuration file I
received the following error.
/etc/freeradius/sql.conf[22]: Instantiation failed for module "sql"
/etc/freeradius/sites-enabled/default[159]: Failed to load module "sql".
/etc/freeradius/sites-enabled/default[62]: Errors parsing authorize section.
Monday, July 28, 2014
Herman said...
Thank you for the great guide!
Works like a charm.
Herman
Monday, October 20, 2014
Post a Comment

Newer Post

Home

Older Post

Subscribe to: Post Comments (Atom)

Awesome Inc. template. Powered by Blogger.

9 sur 9

11/11/2014 19:46