Implementing AAA through Freeradius with MySQL

on Ubuntu Server 12.04 LTS with daloRadius Management

1. Login as root or super user
1: sudo su

2. Install the necessary applications
1: apt-get install mysql-client mysql-server
2: apt-get install freeradius freeradius-utils freeradius-mysql
3: apt-get install php5 php-pear php5-gd php-DB

3. Open users file
1: sudo nano etc/freeradius/users
Edit the /etc/freeradius/users file, uncomment the following
1: steve Cleartext-Password := testing
2: Service-Type = Framed-User,
3: Framed-Protocol = PPP,
4: Framed-IP-Address = 192.168.26.3,
5: Framed-IP-Netmask = 255.255.255.0,
6: Framed-Routing = Broadcast-Listen,
7: Framed-Filter-Id = std.ppp,
8: Framed-MTU = 1500,
9: Framed-Compression = Van-Jacobsen-TCP-IP

4. Restart freeradius service
1: service freeradius restart

5. Test Locally
1: radtest steve testing localhost 1812 testing123

If rad_recv returned Access-Accept, it proved that the installation was successful. Then
commented out the above in the /etc/freeradius/users file
1:
2: rad_recv: Access-Accept packet from host 127.0.0.1 port 1812,
3: id=115, length=71
4:

Configure Freeradius for MySQL
1. Open sql.conf
1: nano /etc/freeradius/sql.conf
Change the 38
th
line
1: login = root
Change the 39
th
line
1: password = sqlrootpassword
Uncomment the 100
th
line
1: readclients = yes

2. Open radiusd.conf
1: nano /etc/freeradius/radiusd.conf
Change the 544
th
line
1: proxy_requests = no
Change the 683
rd
line
1: $INCLUDE sql.conf

3. Open default file
1: nano /etc/freeradius/sites-available/default
In section authorize, comment out line 152
nd

1: #files
Uncomment the 159
th
line
1: sql
In section preactt, comment out line 354
th

1: #files
In section accounting, uncomment the 388
th
line
1: sql

4. Open inner-tunnel file
1: sudo nano /etc/freeradius/sites-enabled/inner-tunnel
In section authorize, comment out line 124
th

1: #files
Uncomment the 131
st
line
1: sql

5. Open clients.conf
1: nano /etc/freeradius/clients.conf
Add the following lines
1: client 192.168.26.0/24 {
2: secret = usersecret
3: shortname = private
4: }

6. Create database radius
1: mysql u root psqlrootpassword
2: mysql>create database radius;
3: mysql>exit

Create tables for radius database
1: mysql -u root psqlrootpassword radius <
/etc/freeradius/sql/mysql/schema.sql
2: mysql -u root psqlrootpassword radius < /etc/ freeradius
/sql/mysql/nas.sql
3: mysql -u root psqlrootpassword radius < /etc/ freeradius
/sql/mysql/cui.sql
4: mysql -u root psqlrootpassword radius < /etc/ freeradius
/sql/mysql/ippool.sql
5: mysql -u root psqlrootpassword radius < /etc/ freeradius
/sql/mysql/wimax.sql
6: mysql -u root psqlrootpassword radius < /etc/ freeradius
/sql/mysql/admin.sql

7. Add a test user
1: sudo mysql -u root psqlrootpassword
2: mysql> use radius;
3: mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES
(usertest, Password, passwordtest);

8. Test MySQL Radius
1: radtest usertest passwordtest localhost 1812 testing123

daloRadius

1. Download daloRadius
1: wget
http://sourceforge.net/projects/daloradius/files/daloradius/dalor
adius-0.9-8/daloradius-0.9-8.tar.gz

2. Extract the daloradius.tar.gz archive to /var/www
1: tar -zxvf daloradius-0.9-8.tar.gz
2: mv daloradius-0.9-8 daloradius
3: sudo cp daloradius/ /var/www R

3. Setting Permission
1: sudo chown www-data:www-data /var/www/daloradius -R
2: sudo chmod 644 /var/www/daloradius/library/daloradius.conf.php

4. Database Setup
1: mysql -u root -p radius < fr2-mysql-daloradius-and-freeradius.sql

5. Database connection setup
1: cd /var/www/daloradius/library/
2: sudo nano -w daloradius.conf.php

6. Edit the following lines
1: $configValues['FREERADIUS_VERSION'] = '2';
2: $configValues['CONFIG_DB_PASS'] = 'password';
3: $configValues['CONFIG_DB_TBL_RADUSERGROUP'] = 'radusergroup';

7. Installation Complete
Surf to http://your ip address/daloradius
Login to the management:
username: administrator
password: radius