now for daloradius installation
- #cd /home/username/ ( just to make sure that you are on your home directory)
- #wget http://sourceforge.net/projects/daloradius/files/daloradius/daloradius0.9-9/daloradius-0.9-9.tar.gz/download.
- the result is file with download as it's name. change it to daloradius.tar.gz with the command
- #mv download daloradius.tar.gz
- extract the package, #tar -zxvf daloradius.tar.gz
- move the daloradius folder to /usr/local/www, #mv daloradius0.9-9 /usr/local/www/
- #chown -R www : www /usr/local/www/daloradius0.9-9
- #cd /usr/local/www/daloradius0.9-9/contrib/db
- insert the sql configuration, #mysql -u root -p radiux < fr2-mysql-daloradius-and-freeradius.sql
- the above command is only apply to Freeradius version 2.
- #cd /usr/local/www/daloradius0.9-9/library
- edit daloradius.conf and change the following lines
- #vi daloradius.conf.php
- $configValues['FREERADIUS_VERSION'] = '2';
- $configValues['CONFIG_DB_ENGINE'] = 'mysql';
- $configValues['CONFIG_DB_HOST'] = 'localhost';
- $configValues['CONFIG_DB_PORT'] = '3306';
- $configValues['CONFIG_DB_USER'] = 'radadmin';
- $configValues['CONFIG_DB_PASS'] = '123qweasdzxc';
- $configValues['CONFIG_DB_NAME'] = 'radius';
- config apache so it can show the daloradius on the browser
- # vi /usr/local/etc/apache/httpd.conf
- add the following lines
- Alias /daloradius "/usr/local/www/daloradius0.9-9/"
- <Directory "/usr/local/www/daloradius0.9-9">
- Options Indexes FollowSymlinks MultiViews
- AllowOverride None
- Order allow,deny
- Allow from all
- </Directory>
- #apachectl restart
- Open your browser and point to http://your.server.ip/daloradius
- enter username : administrator and password : radius ( it's the default setting )
- after you login to daloradius web, create user for testing with the following criteria
- click apply.
- Note : I choose user-password as password type, because this type of password can be accept by radius when i insert the username and password value on the Authentication pop up windows later on.
- choose Edit User menu, we want to test the user account against the radius database
- Enter the username to test, then click on the test connectivity button. the result as folllow
- you should be able to see Access-Accept if all configuration work properly.
- Next, we should configure the NAS on /usr/local/etc/raddb/clients.conf or in daloradius within Management menu -- Nas.
- vi /usr/local/etc/raddb/clients.conf
- client 192.168.0.0/16 {
- secret = testing123
- shortname = hotspot
- nastype = other
- }
-----------------------------------------------------------------------------------------------------
- the above network netmask is assuming you have many Access Point that will be talking with the Freeradius for authentication. for further Clients.conf configuration you can see on the freeradius website
- Log on to your Access Point Web GUI
- change the wireless security setting to
- WPA Enterprise
- Radius Server IP : 192.168.100.2
- Radius Authentication Port : 1812
When I test the user connectivity I get an error:
ReplyDeleteSending Access-Request of id 25 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=25, length=20
I've tested several combinations but none of them work.
An ideas?
hello
ReplyDeleteWhen i http://localhost/daloradius
i get
Forbidden
You don't have permission to access /daloradius on this server.
Well I find out that the rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=25, length=20. The problem is that DaloRadius and the free radius user configuration file seem to not me synchronize. nano /etc/freeradius/clients.conf seem to block writing in the freeradius user configuration file. I found that with this link below that show how free radius work.
ReplyDeletehttp://www.ronnutter.com/raspberry-pi-radius-part-1/