28/5/2014
Install and Setup Fr eeR ADIU S on C entOS 5, C entOS 6 and Ubuntu 11.10
Install and Setup FreeRADIUS on CentOS 5, CentOS CentO S 6 and Ubuntu U buntu 11.10 11 .10 07 May 201 2012 2 / 31 Co Comment mments s / in Fre reeRA eRADI DIUS US / by Admin
A simple tutoria tutoriall to setup and config configure ure FreeRA FreeRADI DIUS US on CentOS 5 and Ub Ubunt untu u 10.04 10.04..
Just follow the instructions instructions below to have your FreeRADIUS FreeRADIUS setup ready to go when used along with our WHMCS WHMCS module, we have distinguished the difference between CentOS commands com mands and Ubuntu Ubuntu commands: CentOS 5:
yum install freeradius2 freeradius2 freeradius2-mysql freeradius2-utils freeradius2-utils mysql-server -y
CentOS 6:
yum install freeradius freeradius-mysql freeradius-utils mysql-server mysql-server -y
Ubuntu:
apt-get install freeradius freeradius-mysql freeradius-utils mysql-server
http://safesr v.net/install- and- setup- fr eer adius- on- centos- 5/
1/8
28/5/2014
Install and Setup FreeRADIUS on CentOS 5, CentOS 6 and Ubuntu 11.10
They should install without any problems. To setup MySQL, start the service by running below: CentOS:
service mysqld start
Ubuntu:
service mysql start
Now run the following to set your password and security settings:
/usr/bin/mysql_secure_installation
Common problems usually arise on cPanel servers but please check our knowldgebase for fixing issues on cPanel servers, next we need to create the radius database, type:
mysql
or
mysql -uroot -p
Then enter your mysql root password to continue… Now create the database and grant all privileges to user radius:
CREATE DATABASE radius;
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
2/8
28/5/2014
Install and Setup FreeRADIUS on CentOS 5, CentOS 6 and Ubuntu 11.10
GRANT ALL PRIVILEGES ON radius.* TO radius@localhost IDENTIFIED BY "radpass";
flush privileges;
In certain situations you may need to grant remote access to mysql, to do this please follow the guide below:
TO SETUP MYSQL REMOTE ACCESS TO YOUR FREERADIUS INSTALLATION
PLEASE FOLLOW THIS LINK. LINK.
Now thats done we want to import the tables for radius:
mysql> use radius;
CentOS:
SOURCE /etc/raddb/sql/mysql/schema.sql
Ubuntu:
SOURCE /etc/freeradius/sql/mysql/schema.sql
exit
Now open up CentOS: /etc/raddb/sql.conf Ubuntu: /etc/freeradius/sql.conf and enter your http://safesrv.net/install-and-setup-freeradius-on-centos-5/
3/8
28/5/2014
Install and Setup FreeRADIUS on CentOS 5, CentOS 6 and Ubuntu 11.10
mysql database details you just created, Example:
# Connection info: server = "localhost" #port = 3306 login = "radius" password = "radpass"
# Database table configuration for everything except Oracle radius_db = "radius"
In /etc/raddb/radiusd.conf ensure that the line saying:
$INCLUDE
sql.conf
is uncommented. Edit /etc/raddb/sites-available/default and uncomment the line containing ‘sql’ in the authorize{} section and ‘sql’ in the accounting {} section, also uncomment ‘sql’ under session {}. Additionally, edit /etc/raddb/sites-available/inner-tunnel and uncomment the line containing ‘sql’ under “authorize {}” and under session {}. Open up /etc/raddb/clients.conf set your secret to something a bit more random, example: Change:
secret = testing123
To something like:
secret = 3c23498n349c3yt290y93b4t3
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
4/8
28/5/2014
Install and Setup FreeRADIUS on CentOS 5, CentOS 6 and Ubuntu 11.10
Now check to see if Radius is working ok: CentOS:
service radiusd restart
service radiusd stop
Ubuntu:
service freeradius restart
service freeradius stop
To
add
clients
(External
VPN
Servers)
you
would
edit
CentOS: /etc/raddb/clients.conf Ubuntu: /etc/freeradius/clients.conf and directly under this line:
#
coa_server = coa
}
Add a block such as this:
client VPN_SERVER_IP { secret
= YOUR SECRET HERE
shortname
= yourVPN
nastype
= other
}
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
5/8
28/5/2014
Install and Setup FreeRADIUS on CentOS 5, CentOS 6 and Ubuntu 11.10
To allow external servers and software to authenticate off your FreeRADIUS, this has to be done every time you setup an external server to use this FreeRADIUS database. Everytime you add a client or change a value in the config files you need to restart radius like this: CentOS:
service radiusd restart
Ubuntu:
service freeradius restart
Add a test user to the radius database, first you need to login to your mysql radius database:
mysql -uroot -pyourrootpass
Switch to the radius database:
use radius;
Once there execute the below commands:
mysql> INSERT INTO `radcheck` (`id`, `username`, `attribute`, `op`, `value`) VALUE
Next test the test user with radtest.
radtest test test 127.0.0.1 0 mysecret
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
6/8
28/5/2014
Install and Setup FreeRADIUS on CentOS 5, CentOS 6 and Ubuntu 11.10
If you see “rad_recv: Access-Accept” then your installation is working fine. If you have any problems with FreeRADIUS you can run FreeRADIUS in debug mode to help pinpoint any issues, to do that just do the following: CentOS:
service radiusd stop
radiusd -X
Ubuntu:
service freeradius stop
freeradius -X
Now you can see in realtime if your authentication queries are actually reaching the server or the reasons why some users may be rejected authentication. **Please follow below if using our WHMCS FreeRADIUS Module and UAS System:** Open up /etc/raddb/sql.conf for CentOS or /etc/freeradius/sql.conf for Ubuntu and uncomment the following line:
#readclients = yes
to:
readclients = yes
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
7/8
28/5/2014
Install and Setup FreeRADIUS on CentOS 5, CentOS 6 and Ubuntu 11.10
Now your FreeRADIUS will read off the MySQL NAS table for clients – when adding NAS servers via our UAS system it will auto create the NAS table in your FreeRADIUS databases the first time you add a client. Regards SafeSrv.net
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
8/8