Installing FreeRADIUS with daloRADIUS on Debian 9<\/h2>\n\n\n\n
Prerequisites<\/p>\n\n\n\n
- As a prerequisite, ensure that you have LAMP installed on your Debian 9 server. See our guide on how to install LAMP stack on Debian 9<\/a>.<\/li>
- Install other required PHP extensions\n
apt install php-mail php-mail-mime php-pear<\/code><\/pre>\n<\/li>
- Install PHP Pear DB library\n
pear install DB<\/code><\/pre>\n<\/li><\/ul>\n\n\n\n
You may also want to check our previous guide on how to install FreeRADIUS with daloRADIUS on Fedora 29<\/a>.<\/p>\n\n\n\n
Install and Configure FreeRADIUS on Debian 9<\/h3>\n\n\n\n
Update and upgrade your system packages;<\/p>\n\n\n\n
apt update\napt upgrade<\/code><\/pre>\n\n\n\nFreeRADIUS packages are available on the default Debian 9 default repositories and thus can be installed by running the command below;<\/p>\n\n\n\n
apt-get install freeradius freeradius-mysql freeradius-utils<\/code><\/pre>\n\n\n\nOnce the installation is done, FreeRADIUS is running by default. Hence, run the command below to enable it run on system restart.<\/p>\n\n\n\n
systemctl enable freeradius<\/code><\/pre>\n\n\n\nOpen FreeRADIUS UDP port2 1812 and 1813 on UFW.<\/p>\n\n\n\n
ufw allow to any port 1812 proto udp\nufw allow to any port 1813 proto udp<\/code><\/pre>\n\n\n\nYou can confirm port opening by running the command below;<\/p>\n\n\n\n
ss -alun4 | grep -E '1812|1813'<\/code><\/pre>\n\n\n\n
UNCONN 0 0 *:1812 *:* \nUNCONN 0 0 *:1813 *:* \nUNCONN 0 0 127.0.0.1:18120 *:*<\/code><\/pre>\n\n\n\nStop FreeRADIUS and run it on debugging mode to confirm that it is ready to process the requests.<\/p>\n\n\n\n
systemctl stop freeradius<\/code><\/pre>\n\n\n\nfreeradius -X<\/code><\/pre>\n\n\n\nIf all is well, you should be able to see the sample output below;<\/p>\n\n\n\n
...\nlisten {\n \ttype = \"acct\"\n \tipv6addr = ::\n \tport = 0\n limit {\n \tmax_connections = 16\n \tlifetime = 0\n \tidle_timeout = 30\n }\n}\nListening on auth address 127.0.0.1 port 18120 bound to server inner-tunnel\nListening on auth address * port 1812 bound to server default\nListening on acct address * port 1813 bound to server default\nListening on auth address :: port 1812 bound to server default\nListening on acct address :: port 1813 bound to server default\nListening on proxy address * port 58656\nListening on proxy address :: port 48643\nReady to process requests<\/strong><\/code><\/pre>\n\n\n\nCreate FreeRADIUS database and database user. Be sure to grant the database user all the privileges on FreeRADIUS database.<\/p>\n\n\n\n
Login to MySQL as root user.<\/p>\n\n\n\n
mysql -u root -p<\/code><\/pre>\n\n\n\nCreate the database and database user.<\/p>\n\n\n\n
create database radius;\ngrant all privileges on radius.* to radius@localhost identified by 'P@ssWORD';<\/code><\/pre>\n\n\n\nReload the privileges tables to affect the changes.<\/p>\n\n\n\n
flush privileges;\nquit<\/code><\/pre>\n\n\n\nAfter that, import the FreeRADIUS default database schema located under
\/etc\/freeradius\/3.0\/mods-config\/sql\/main\/mysql\/schema.sql<\/code> to the RADIUS database we created above.<\/p>\n\n\n\nmysql -u root -p radius < \/etc\/freeradius\/3.0\/mods-config\/sql\/main\/mysql\/schema.sql<\/code><\/pre>\n\n\n\nEnable FreeRADIUS SQL module by creating a symbolic link of the
sql module<\/code> under\/etc\/freeradius\/3.0\/mods-available\/<\/code> tomods-enabled<\/code>.<\/p>\n\n\n\nln -s \/etc\/freeradius\/3.0\/mods-available\/sql \/etc\/freeradius\/3.0\/mods-enabled\/<\/code><\/pre>\n\n\n\nOpen the enabled SQL module and configure the
radius<\/code> database connection details as shown below;<\/p>\n\n\n\n...\n # The dialect of SQL you want to use, this should usually match\n # the driver you selected above.\n #\n # If you're using rlm_sql_null, then it should be the type of\n # database the logged queries are going to be executed against.\n #dialect = \"sqlite\"\n dialect = \"mysql\"<\/strong>\n\n # Connection info:\n #\n server = \"localhost\"<\/strong>\n port = 3306<\/strong>\n login = \"radius\"<\/strong>\n password = \"P@ssWORD\"<\/strong>\n\n # Database table configuration for everything except Oracle\n radius_db = \"radius\"<\/strong><\/code><\/pre>\n\n\n\nLocate the line,
# read_clients = yes<\/code> and uncomment it to enable FreeRADIUS server read clients from database.<\/p>\n\n\n\n...\n # Set to 'yes' to read radius clients from the database ('nas' table)\n # Clients will ONLY be read on server startup.\n read_clients = yes<\/strong>\n...<\/code><\/pre>\n\n\n\nSave the changes and quit configuration file.<\/p>\n\n\n\n
Change the ownership user and group of the enabled SQL module (symbolic link) to freerad as shown below.<\/p>\n\n\n\n
chown -h freerad.freerad \/etc\/freeradius\/3.0\/mods-enabled\/sql<\/code><\/pre>\n\n\n\nOnce that is done, restart the FreeRADIUS service,<\/p>\n\n\n\n
systemctl restart freeradius<\/code><\/pre>\n\n\n\nInstall and Configure daloRADIUS on Debian 9<\/h3>\n\n\n\n
To get the latest version of daloRADIUS, you would have to download the archive from the Sourceforge downloads page<\/a>.<\/p>\n\n\n\n
Once you have downloaded the archive, run the command below to extract it.<\/p>\n\n\n\n
tar -xzf daloradius-0.9-9.tar.gz<\/code><\/pre>\n\n\n\nNext, you need to move the extracted daloRADIUS folder to the root directory of your web server.<\/p>\n\n\n\n
mv daloradius-0.9-9 \/var\/www\/html\/daloradius<\/code><\/pre>\n\n\n\ndaloRADIUS ships with its default MySQL tables. You need to import these tables to the FreeRADIUS database we created above.<\/p>\n\n\n\n
mysql -u root -p radius < \/var\/www\/html\/daloradius\/contrib\/db\/fr2-mysql-daloradius-and-freeradius.sql\nmysql -u root -p radius < \/var\/www\/html\/daloradius\/contrib\/db\/mysql-daloradius.sql<\/code><\/pre>\n\n\n\nConfigure ownership of the daloRADIUS web configuration files to Apache web user as shown below;<\/p>\n\n\n\n
chown -R www-data.www-data \/var\/www\/html\/daloradius\/<\/code><\/pre>\n\n\n\nConfigure the permissions of the daloRADIUS main configuration file to
664<\/code> as shown below;<\/p>\n\n\n\nchmod 664 \/var\/www\/html\/daloradius\/library\/daloradius.conf.php<\/code><\/pre>\n\n\n\nOpen the daloRADIUS configuration file for editing and set the database connection parameters.<\/p>\n\n\n\n
vim \/var\/www\/html\/daloradius\/library\/daloradius.conf.php<\/code><\/pre>\n\n\n\n...\n$configValues['DALORADIUS_VERSION'] = '0.9-9';\n$configValues['FREERADIUS_VERSION'] = '2';\n$configValues['CONFIG_DB_ENGINE'] = 'mysqli<\/strong>';\n$configValues['CONFIG_DB_HOST'] = 'localhost';\n$configValues['CONFIG_DB_PORT'] = '3306';\n$configValues['CONFIG_DB_USER'] = 'radius'; < RADIUS database user<\/strong>\n$configValues['CONFIG_DB_PASS'] = 'P@ssWORD'; < radius user password<\/strong>\n$configValues['CONFIG_DB_NAME'] = 'radius'; < RADIUS database\n...<\/strong><\/code><\/pre>\n\n\n\nBe sure to change the value of
$configValues['CONFIG_DB_ENGINE'] = 'mysqli';<\/code> frommysql<\/code> tomysqli<\/strong><\/code> lest you get the error,Error Message<\/b>: DB Error: extension not found<\/code>.<\/p>\n\n\n\nSave the configuration file and restart FreeRADIUS.<\/p>\n\n\n\n
systemctl restart freeradius<\/code><\/pre>\n\n\n\ndaloRADIUS configuration is done. Now, navigate to the browser and access daloRADIUS using the address
http:\/\/server_IP\/daloradius<\/code>. You should land on a login page.<\/p>\n\n\n\n![\"Install](\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/01\/daloradius-logi-page.png\" "\\"\\"")
<\/figure>\n\n\n\nThe defualt login password for the default
Administrator<\/code> user isradius<\/code>.<\/p>\n\n\n\n![\"\"](\"https:\/\/kifarunix.com\/wp-content\/uploads\/2019\/01\/daloradius-dashboard.png\" "\\"\\"")
<\/figure>\n\n\n\nOther Tutorials<\/h2>\n\n\n\n
Install FreeRADIUS with daloRADIUS on Debian 11\/Debian 10<\/a><\/p>\n\n\n\n
- Install other required PHP extensions\n