in Network

How to: Install a FreeRADIUS & daloRADIUS Server

Introduction

This guide will tell you how to install a daloRADIUS & FreeRADIUS Server. As TechTarget says, a RADIUS server is:

Remote Authentication Dial-In User Service (RADIUS) is a client/server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service. RADIUS allows a company to maintain user profiles in a central database that all remote servers can share. It provides better security, allowing a company to set up a policy that can be applied at a single administered network point. Having a central service also means that it’s easier to track usage for billing and for keeping network statistics. Created by Livingston (now owned by Lucent), RADIUS is a de facto industry standard used by a number of network product companies and is a proposed IETF standard.

daloRADIUS is free to use software and works as the front-end. FreeRADIUS works as the back-end. Both are free and do not require any purchase.

Prepartions

Before we start the installation of daloRADIUS. We need to make sure we have the following:

  • An operating system as Ubuntu, Debian or Raspbian. Other operating systems can be used, but please keep in mind the commands used might not work on your OS. So if needed, tweak them a bit for the corresponding OS.
  • This software requires you to have a static IP address on your device. Citricks created a guide to do so on CentOS. See other guides for how to set a static IP address on your device.
  • Basic knowledge about how Linux operating system work is recommended, but not needed. It will help you to better understand what’s going on.
  • Time: around 30 minutes – 1 hour!

Dependencies

Dependencies is software that is required to make another software work. To make daloRADIUS work we need to run the following command:

Once the dependencies are installed we can continue to the next step!

Install FreeRADIUS

To install FreeRADIUS, use the following command:

As you can see FreeRADIUS is available on a repository. If you wish to use a manual install, you can download it here.

Install daloRADIUS

As daloRADIUS is a front-end application, we need to move it to a place where people can view it. To make this possible we will move daloRADIUS to the root website folder. In case you already have a website running, move it to another location (subfolder).

First we move to the current users home folder and start the download of daloRADIUS:

Now we tar the downloaded file to the website root folder. If you’re hosting another website already, please change the location of the destination.

Download + Extraction daloRADIUS

Optionally I will move the files from the temporary folder to the root folder and delete the temporary folder.

Configuring MySQL for daloRADIUS

daloRADIUS is using a database to store its content. So we need to configure a database user, database and set it up for dalo. Log-in to MySQL with the correct credentials:

Once you’re in, create a database:

Create Database RADIUS

Now we need to import the .sql script into the database. The .sql file is located in the ‘/contrib/db/’ folder. If you didn’t install daloRADIUS in the root destination, you might need to change the location of the .sql down below. To import the file run:

To strengthen our security, we will use a new MySQL account to connect to the database. In case there is a security breach and someone manages to access your database configuration file, they will only be able to open the database ‘radius’ with the user we will create now. If you use the root account in the configuration files there is a chance more information will be compromised. Please note that you still need to add your own password in the command below. To create a new user and allow him to access the database run:

Creating User Database

You’ve now created a new user with your own password and granted the new user access to the newly created database and all its tables.

Configure daloRADIUS

First we will configure daloRADIUS so it points to the database. To do so we need to edit a configuration file found on ‘./www/library/daloradius.conf.php’. For editing text on the CLI I prefer to use nano. Edit the file by running:

Change the following values to your own credentials:

Settings Config File daloRADIUS

Press ‘CTRL-O’ to save your file, following with ‘CTRL-X’ to close the document.

Configure FreeRADIUS

Just like daloRADIUS, we need FreeRADIUS to point to our database. We need to change the config file(s) again. With FreeRADIUS we also need to edit another file which allows the software to check the database. This config file is located in ‘/etc/freeradius’. To edit the file run:

FreeRADIUS Enable MySQL

Remove the ‘#’ from the following lines, don’t remove anything else:

Once you’re done editing press ‘CTRL-O’ to save the document and press ‘CTRL-X’ to close.

Because the database doesn’t know how to connect to the correct database, we need to change the configuration file so he will be able to do so. Edit the ‘sql.conf’ file located in the same folder by running:

Remove the ‘#’ in font of ‘port’ and change the following information to your database settings:

FreeRADIUS SQL Settings

Once done, save and close your document.

To start using FreeRADIUS we need to enable a user. This line is blocked out in the config file so we need to unblock it. The configuration file is located in ‘/etc/freeradius’. To edit the file run:

FreeRADIUS Configuration

Delete the ‘#’ on the last two lines shown in the above picture. This means the line with ‘John Doe’ and ‘Reply-Message’. If you can’t find these lines, press ‘CTRL-W’ to search the current document. Once edited press ‘CTRL-O’ to save the document and press ‘CTRL-X’ to close.

Now open the ‘default’ config file located at ‘/etc/freeradius/sites-enabled/’ by running:

Now remove every ‘#’ in front of every sql row in the following sections:

Remove # Defaults Citricks

To make sure everything is applied correctly, we will reboot our system:


Your RADIUS server is now up and running! Please leave a comment down below if you have any questions or suggestions.

Related Posts

  • Murilo Rodrigues

    Great… Thanks man… Your explanation is very cool.