Q. How to Install FreeRadius on CentOS 7 with DaloRadius ?
Q. Step by Step Free Radius Server Configuration on Linux ?
Q. OpenSource Radius server
FreeRADIUS is the most popular open source & most widely deployed RADIUS server in the world. It supports all common authentication protocols. It’s Used PHP-based web user administration tool called dialupadmin.
FreeRADIUS supports LDAP, MySQL, PostgreSQL, Oracle, and many other databases. Also supports all popular EAP authentication types, including PEAP and
EAP-TTLS.
Step 1:
Disable SELinux
setenforce 0
vi /etc/selinux/config
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
Step 2:
Install MariaDB/MySQL
vi /etc/yum.repos.d/MariaDB.repo
[mariadb]
name=MariaDB
baseurl=http://yum.mariadb.org/10.1/centos7-amd64
gpgkey=https://yum.mariadb.org/RPM-GPG-KEY-MariaDB
gpgcheck=1
Step 3:
Update Server & Install Required Package
yum update -y
yum -y install freeradius freeradius-utils freeradius-mysql httpd httpd-devel mariadb-server mariadb
Step 4:
Enable FreeRadius, httpd & Mariadb
systemctl enable radiusd.service
systemctl enable httpd
systemctl enable mariadb
Start Service
systemctl start httpdStep 5:
systemctl start mariadb
Setup MariaDB and set ROOT password
mysql_secure_installation
Configure database :
mysql -u root -p
CREATE DATABASE radius
GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "radiuspassword";
FLUSH PRIVILEGES;
\q
Import Database
mysql -u root -p radius < /etc/raddb/mods-config/sql/main/mysql/schema.sql
Create a Soft Link for SQL:
ln -s /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/
Step 6 :
Install PHP 7
yum -y install http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
vi /etc/yum.repos.d/remi-php71.repo
[remi-php71]
name=Remi's PHP 7.1 RPM repository for Enterprise Linux 7 - $basearch
#baseurl=http://rpms.remirepo.net/enterprise/7/php71/$basearch/
mirrorlist=http://rpms.remirepo.net/enterprise/7/php71/mirror
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi
name=Remi's PHP 7.1 RPM repository for Enterprise Linux 7 - $basearch
#baseurl=http://rpms.remirepo.net/enterprise/7/php71/$basearch/
mirrorlist=http://rpms.remirepo.net/enterprise/7/php71/mirror
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-remi
yum -y install php mod_php php-cli php-mysqlnd php-devel php-gd php-mcrypt php-mbstring php-xml php-pear
pear install DB
apachectl restart
Step 7:
configure the SQL module and change the database connection:
vi /etc/raddb/mods-available/sql
sql {
driver = "rlm_sql_mysql"
dialect = "mysql"
# Connection info:
server = "localhost"
port = 3306
login = "radius"
password = "radiuspassword"
# Database table configuration for everything except Oracle
radius_db = "radius"
}
# Set to ‘yes’ to read radius clients from the database (‘nas’ table)
# Clients will ONLY be read on server startup.
read_clients = yes
# Table to keep radius client info
client_table = “nas”
ln -sf /etc/raddb/mods-available/sql /etc/raddb/mods-enabled/
Change the group for the SQL folder to radiusd:
chgrp -h radiusd /etc/raddb/mods-enabled/sql
Installing Daloradius:
cd /tmp
wget https://github.com/lirantal/daloradius/archive/master.zip
unzip master.zip
mv daloradius-master/ daloradius
cd daloradius
Step 8:
Import Daloradius MySQL:
mysql -u root -p radius < contrib/db/fr2-mysql-daloradius-and-freeradius.sql
mysql -u root -p radius < contrib/db/mysql-daloradius.sql
cd ..
mv daloradius /var/www/html
Step 09:
change permissions for httpd:
chown -R apache:apache /var/www/html/daloradius/
chmod 664 /var/www/html/daloradius/library/daloradius.conf.php
Step 10:
Modify configuration for MySQL:
vi /var/www/html/daloradius/library/daloradius.conf.php
CONFIG_DB_USER
CONFIG_DB_PASS
CONFIG_DB_NAME
Step 11:
To make sure everything works restart all services:
systemctl restart radiusd.service
systemctl restart mariadb.service
systemctl restart httpd
Step 12:
Allow Port in Firewall
firewall-cmd --zone=public --add-service=radius --permanent
firewall-cmd –reload
Step 13:
Access the web interface:
Default Login:
User: administrator
Pass: radius
Create user :
Management ---> New User
User lokesh
PWD server32
List User :
Step 14:
Define Client:
vi /etc/raddb/clients.conf
client NAME {
ipaddr = IPADDRESS
secret = SECRET
}
ipaddr = IPADDRESS
secret = SECRET
}
Testing
radtest lokesh password localhost 0 server32
Here :
radtest = command for testing
lokesh = User
password = User password
server32 = secret key
Note: we will run Radius in debug mode to make sure it runs correctly:
radiusd -X
Error 1:
Failed binding to authentication address * port 1812: Address already in use
/etc/freeradius/radiusd.conf[240]: Error binding to port for 0.0.0.0 port 1812
Solution
ps -ef | grep radiusError 2:
OR
ps ef | grep free
kill -9 <PID>
tail -f /var/log/httpd/error_log
PHP Warning: session_start(): open(/var/lib/php/session/sess_2bf357c7717eae8f1b9159deef9c912e6, O_RDWR) failed: Permission denied (13) in /var/www/html/daloradius/dologin.php on line 41, referer: http://172.17.25.200/daloradius/login.php
Solution :
chown apache:apache var/lib/php/session
This comment has been removed by the author.
ReplyDeleteI am new to freeradius. I have installed freeradius on centos-7 and planned to manage it using daloradius. After installing freeradius it was working fine and started normally by "systemctl start radiusd".freeradius is not starting and following is the error message.
ReplyDelete"Job for radiusd.service failed because the control process exited with error code. See "systemctl status radiusd.service" and "journalctl -xe" for details."
I am new to freeradius. I have installed freeradius on centos-7 and planned to manage it using daloradius.
ReplyDeleteBut when I login daloradius I meet error "DATABASE CONNECTION ERROR".
How to fix this error, please?
thanks
I am new to freeradius. I have installed freeradius on centos-7.4 and planned to manage it using daloradius.
ReplyDelete[root@sys1 ~]# radiusd -X
rlm_sql (sql): Opening additional connection (0), 1 of 32 pending slots used
rlm_sql_mysql: Starting connect to MySQL server
rlm_sql_mysql: Couldn't connect to MySQL server radius@localhost:radius
rlm_sql_mysql: MySQL error: Access denied for user 'radius'@'localhost' (using password: YES)
rlm_sql_mysql: Socket destructor called, closing socket
rlm_sql (sql): Opening connection failed (0)
rlm_sql (sql): Removing connection pool
/etc/raddb/mods-enabled/sql[20]: Instantiation failed for module "sql"
this error is generate so how it is solved..??//
thanks to adv...
Hi, What I have to do when I want to change password administrator of radius? Please help me.
ReplyDelete