Поднятие freeradius на debian 8
Настройки сетевого интерфейса:
# IPv4 address
iface eth0 inet static
address 192.168.1.200
netmask 255.255.255.0
network 192.168.1.12
broadcast 192.168.1.255
gateway 192.168.1.12
FreeRadius
root@debian2:~# apt-get install freeradius freeradius-mysql freeradius-utils mysql-server mysql chkconfig php5 php5-mysql php5-db
# mysql -uroot -p
Next create the database and grant all privileges to user radius
mysql> CREATE DATABASE radius;
mysql> GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY «radius»;
mysql> flush privileges;
mysql> exit
Now we need to build the schema for radius database
# mysql -u radius -p radius < /etc/freeradius/sql/mysql/schema.sql
# mysql -u radius -p radius < /etc/freeradius/sql/mysql/nas.sql
# vi /etc/freeradius/sql.conf
Enter your mysql database details you just created
# Connection info:
server = «localhost»
port = 3306
login = «radius»
password = «radius»
# Database table configuration for everything except Oracle
radius_db = «radius»
Next open /etc/raddb/radiusd.conf
# vi /etc/freeradius/radiusd.conf
Uncomment Line 700 to include sql.conf
Next edit /etc/freeradius/sites-available/default and uncomment the line 177 containing ‘sql’ under the authorize {} section and line 406 ‘sql’ under the accounting {} section, also uncomment ‘sql’ under session {} line 454, and post-auth {}.
Now, edit /etc/freeradius/sites-available/inner-tunnel and uncomment the line 131 and line 255 containing ‘sql’ under authorize {} and under session {}
# vi /etc/freeradius/clients.conf
To add NAS clients that will use RADIUS server for AAA you have to add the following to the clients.conf file. Append a block such as this, replace 192.168.209.1 with the ip address of your NAS client that will use FreeRADIUS for AAA.
client 192.168.1.11 {
secret = cisco2privet
nastype = other
}
# service freeradius restart
или
/etc/init.d/freeradius stop
freeradius -X
в режиме отладки
Проверка работоспособности:
radtest sqltest testpwd localhost 18128 testing123
Проверка
mysql -uradius -p radius
use radius;
INSERT INTO `radcheck` (`id`, `username`, `attribute`, `op`, `value`) VALUES (1,’test’,’User-Password’,’:=’,’test’);
wget http://sourceforge.net/projects/daloradius/files/latest/download?source=files
cp ‘download?source=files’ daloradius-0.9-9.tar.gz
mysql -uradius -p radius < daloradius-0.9-9/contrib/db/fr2-mysql-daloradius-and-freeradius.sql
vi daloradius-0.9-9/library/daloradius.conf.php
Add the database username, password and db name.
$configValues[‘DALORADIUS_VERSION’] = ‘0.9-9’;
$configValues[‘FREERADIUS_VERSION’] = ‘2’;
$configValues[‘CONFIG_DB_ENGINE’] = ‘mysql’;
$configValues[‘CONFIG_DB_HOST’] = ‘localhost’;
$configValues[‘CONFIG_DB_USER’] = ‘radius’;
$configValues[‘CONFIG_DB_PASS’] = ‘radius’;
$configValues[‘CONFIG_DB_NAME’] = ‘radius’;
Move daloradius to the web root directory
mv daloradius-0.9-9 /var/www/daloradius
Point your browser to http://ip-address-or-hostname/daloradius
Login using
Username administrator
Password radius
Возможно понадобиться доустановить программы:
apt-get install php5-gd php-pearphp-db
Если после авторизацию видите пустую страницу то устанавливаем модуль
apt-get install php-db
Литература: https://poltakjefferson.wordpress.com/2014/01/07/install-freeradius-with-web-based-management-daloradius-on-centosrhel-debian-ubuntu/
http://andrewpakpahan.blogspot.ru/2012/08/installing-and-configuring-freeradius.html
http://shom.kz/freeradius-mysql-daloradius-install/
http://andrey.org/freeradiusmysql/