{"id":926,"date":"2018-05-22T14:25:57","date_gmt":"2018-05-22T11:25:57","guid":{"rendered":"https:\/\/helia.ee\/koolitus\/?page_id=926"},"modified":"2018-06-01T23:20:09","modified_gmt":"2018-06-01T20:20:09","slug":"debian-install-freeradius-on-ubuntu-16-10-server-and-manage-using-daloradius-freeradius-web-management-application","status":"publish","type":"page","link":"https:\/\/helia.ee\/koolitus\/?page_id=926","title":{"rendered":"Debian &#8211; Install Freeradius on ubuntu 16.10 Server and manage using daloradius (Freeradius web management application)"},"content":{"rendered":"<p>RADIUS, which stands for \u201cRemote Authentication Dial In User Service\u201d, is a network protocol &#8212; a system that defines rules and conventions for communication between network devices &#8212; for remote user authentication and accounting. Commonly used by Internet Service Providers (ISPs), cellular network providers, and corporate and educational networks, the RADIUS protocol serves three primary functions:<br \/>\n<span id=\"more-16914\"><\/span><br \/>\n\u2022 Authenticates users or devices before allowing them access to a network<\/p>\n<p>\u2022 Authorizes those users or devices for specific network services<\/p>\n<p>\u2022 Accounts for and tracks the usage of those services<\/p>\n<p><strong>Freeradius Features<\/strong><\/p>\n<p>\u2022 An open and scalable solution<\/p>\n<p>\u2022 Broad support by a large vendor base<\/p>\n<p>\u2022 Easy modification<\/p>\n<p>\u2022 Separation of security and communication processes<\/p>\n<p>\u2022 Adaptable to most security systems<\/p>\n<p>\u2022 Workable with any communication device that supports RADIUS client protocol<\/p>\n<p>daloRADIUS is an advanced RADIUS web platform aimed at managing Hotspots and general-purpose ISP deployments. It features rich user management, graphical reporting, accounting, and integrates with GoogleMaps for geo-locating (GIS). daloRADIUS is written in PHP and JavaScript and utilizes a database abstraction layer which means that it supports many database systems, among them the popular MySQL, PostgreSQL, Sqlite, MsSQL, and many others.<\/p>\n<p>It is based on a FreeRADIUS deployment with a database server serving as the backend. Among other features it implements ACLs, GoogleMaps integration for locating hotspots\/access points visually and many more features. daloRADIUS is essentially a web application to manage a radius server so theoretically it can manage any radius server but specifically it manages FreeRADIUS and it&#8217;s database structure. Since version 0.9-3 daloRADIUS has introduced an application-wide database abstraction layer based on PHP&#8217;s PEAR::DB package which support a range of database servers.<\/p>\n<p>Before Installing make sure you have <a href=\"http:\/\/www.ubuntugeek.com\/step-by-step-ubuntu-16-04-xenial-xerus-lamp-server-setup.html\" target=\"_blank\" rel=\"noopener\">Ubuntu 16.04 LAMP server<\/a> installed and ready for freeradius.<\/p>\n<p><strong>Preparing your system<\/strong><\/p>\n<p>Open the terminal and run the following command<\/p>\n<ol>\n<li>Vaja installida MYSQl Server\n<pre class=\"code-pre command\"><code><\/code><\/pre>\n<ul class=\"prefixed\">\n<li class=\"line\">sudo apt-get update<\/li>\n<li class=\"line\">sudo apt-get install mysql-server<\/li>\n<\/ul>\n<pre class=\"code-pre command\"><code><\/code><\/pre>\n<\/li>\n<li>Vaja lubada root parooli muutmineTo set or change your (root) password:\n<pre><code>sudo -i\r\npasswd\r\n<\/code><\/pre>\n<p>To lock it again<\/p>\n<pre><code>sudo passwd -dl root\r\n<\/code><\/pre>\n<p>N\u00fc\u00fcd v\u00f5id alustada FreeRadiuse paigaldusega.<\/p>\n<pre><\/pre>\n<\/li>\n<\/ol>\n<blockquote><p>sudo apt-get install php-common php-gd php-curl php-mail php-mail-mime php-pear php-db php-mysql<\/p><\/blockquote>\n<p>Install freeradius using the following command<\/p>\n<blockquote><p>sudo apt-get install freeradius freeradius-mysql freeradius-utils<\/p><\/blockquote>\n<p>Create Freeradius Database<\/p>\n<p>You can use the following command to create freeradius database<\/p>\n<blockquote><p>sudo mysql -u root -p<\/p><\/blockquote>\n<p>Enter password:<\/p>\n<blockquote><p>mysql&gt; create database radius;<\/p>\n<p>mysql&gt; grant all on radius.* to radius@localhost identified by &#8220;password&#8221;;<\/p><\/blockquote>\n<p>Query OK, 0 rows affected (0.00 sec)<\/p>\n<p>Insert the freeradius database scheme using the following commands<\/p>\n<blockquote><p>sudo mysql -u root -p radius &lt; \/etc\/freeradius\/sql\/mysql\/schema.sql<\/p><\/blockquote>\n<p>Enter password:<\/p>\n<blockquote><p>sudo mysql -u root -p radius &lt; \/etc\/freeradius\/sql\/mysql\/nas.sql<\/p><\/blockquote>\n<p>Enter password:<\/p>\n<p>Create new user for radius database<\/p>\n<blockquote><p>sudo mysql -u root -p<\/p><\/blockquote>\n<blockquote><p>mysql&gt; use radius;<\/p><\/blockquote>\n<p>Reading table information for completion of table and column names<\/p>\n<p>You can turn off this feature to get a quicker startup with -A<\/p>\n<p>Database changed<\/p>\n<blockquote><p>mysql&gt; INSERT INTO radcheck (UserName, Attribute, Value) VALUES (\u2018sqltest&#8217;, \u2018Password&#8217;, \u2018testpwd&#8217;);<\/p><\/blockquote>\n<p>Query OK, 1 row affected (0.04 sec)<\/p>\n<p>mysql&gt; exit<\/p>\n<p>Bye<\/p>\n<p><strong>Freeradius Configuration<\/strong><\/p>\n<p>You need to edit \/etc\/freeradius\/sql.conf file<\/p>\n<blockquote><p>sudo vi \/etc\/freeradius\/sql.conf<\/p><\/blockquote>\n<p>Make sure you have the following details<\/p>\n<blockquote><p>database = mysql<br \/>\nlogin = radius<br \/>\npassword = password<\/p>\n<p>Uncomment the following<\/p>\n<p>readclients = yes<\/p><\/blockquote>\n<p>Save and Exit the file<\/p>\n<p>Now you need to edit the \/etc\/freeradius\/sites-enabled\/default file<\/p>\n<blockquote><p>sudo vi \/etc\/freeradius\/sites-enabled\/default<\/p><\/blockquote>\n<p>Uncomment the sql option in the following sections<\/p>\n<p><strong>accounting<\/strong><\/p>\n<p># See \u201cAuthorization Queries\u201d in sql.conf<\/p>\n<p>sql<\/p>\n<p><strong>session<\/strong><\/p>\n<p># See \u201cAuthorization Queries\u201d in sql.conf<\/p>\n<p>sql<\/p>\n<p><strong>Post-Auth-Type<\/strong><\/p>\n<p># See \u201cAuthorization Queries\u201d in sql.conf<\/p>\n<p>sql<\/p>\n<p>Save and Exit the file<\/p>\n<p>Now edit \/etc\/freeradius\/radiusd.conf file<\/p>\n<blockquote><p>sudo vi \/etc\/freeradius\/radiusd.conf<\/p><\/blockquote>\n<p>#Uncomment the following option<\/p>\n<blockquote><p>$INCLUDE sql.conf<\/p><\/blockquote>\n<p>Save and exit the file<\/p>\n<p>Now you can stop the free radius server using the following command<\/p>\n<blockquote><p>sudo \/etc\/init.d\/freeradius stop<\/p><\/blockquote>\n<p>Run freeradius in debugging mode. If there is no error, you are ready to go.<\/p>\n<blockquote><p>sudo freeradius -X<\/p><\/blockquote>\n<p>Start the freeradius using the following command<\/p>\n<blockquote><p>sudo \/etc\/init.d\/freeradius start<\/p><\/blockquote>\n<p>Test the radius server using the following command<\/p>\n<blockquote><p>sudo radtest sqltest testpwd localhost 18128 testing123<\/p><\/blockquote>\n<p><strong>Ouput as follows<\/strong><\/p>\n<p>Sending Access-Request of id 68 to 127.0.0.1 port 1812<br \/>\nUser-Name = &#8220;sqltest&#8221;<br \/>\nUser-Password = &#8220;testpwd&#8221;<br \/>\nNAS-IP-Address = 127.0.1.1<br \/>\nNAS-Port = 18128<br \/>\nMessage-Authenticator = 0x00000000000000000000000000000000<br \/>\nrad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=68, length=20<\/p>\n<p><strong>Daloradius Installation <\/strong><\/p>\n<p>You can download the Daloradius latest version from <a href=\"http:\/\/sourceforge.net\/projects\/daloradius\/files\/\" target=\"_blank\" rel=\"noopener\">here<\/a><\/p>\n<p>Once you downloaded the daloradius-0.9-9.tar.gz file you need to extract using the following command<\/p>\n<blockquote><p>$ tar xvfz daloradius-0.9-9.tar.gz<\/p>\n<p>$ mv daloradius-0.9-9 daloradius<\/p>\n<p>$ mv daloradius \/var\/www\/html<\/p><\/blockquote>\n<p>Change Permissions<\/p>\n<blockquote><p>sudo chown www-data:www-data \/var\/www\/html\/daloradius -R<\/p>\n<p>sudo chmod 644 \/var\/www\/html\/daloradius\/library\/daloradius.conf.php<\/p><\/blockquote>\n<p>Mysql database need to setup for daloradius.We need to do is to import the daloradius scheme into our existing radius database.<\/p>\n<p>$ cd \/var\/www\/html\/daloradius\/contrib\/db<\/p>\n<p>sudo mysql -u root -p radius &lt; mysql-daloradius.sql<br \/>\nK\u00fcsib parooli lisa see, mis sa alguseski oled kasutanud.<br \/>\nconfigure the following daloradius setting.<\/p>\n<p>sudo vi \/var\/www\/html\/daloradius\/library\/daloradius.conf.php<\/p>\n<p>Change the database password<\/p>\n<p>$configValues[\u2018CONFIG_DB_PASS&#8217;] = \u2018password&#8217;; See rida on t\u00fchi lisa mysql radius kasutaja parool, praegusel juhul on see password.<br \/>\nEnne seda on DB_USER, kirjas on root muuda see radius kasutajaks muidu ei toimi.<\/p>\n<p>Save and exit the file<\/p>\n<p>Now you need to configure daloradius website under \/etc\/apache2\/sites-available<\/p>\n<blockquote><p>sudo vi \/etc\/apache2\/sites-available\/daloradius.conf (seda faili ei ole seal, n\u00fc\u00fcd see luuakse)<\/p><\/blockquote>\n<p>add the following lines<\/p>\n<blockquote><p>Alias \/daloradius &#8220;\/var\/www\/html\/daloradius\/&#8221;<\/p>\n<p>&lt;Directory \/var\/www\/html\/daloradius\/&gt;<br \/>\nOptions None<br \/>\nOrder allow,deny<br \/>\nallow from all<br \/>\n&lt;\/Directory&gt;<\/p><\/blockquote>\n<p>Save and exit the file<\/p>\n<p>Enable daloradius website using the following command<\/p>\n<blockquote><p>sudo a2ensite daloradius<\/p><\/blockquote>\n<p>Enabling site daloradius.<\/p>\n<p>To activate the new configuration, you need to run:<\/p>\n<blockquote><p>sudo service apache2 reload<\/p><\/blockquote>\n<p><strong>Daloradius Web GUI<\/strong><\/p>\n<p>you can access daloradius GUI using http:\/\/server-ip\/daloradius and the login screen as follows<\/p>\n<p><a href=\"http:\/\/www.ubuntugeek.com\/wp-content\/uploads\/2015\/05\/1.png\" rel=\"lightbox-0\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-16071\" src=\"http:\/\/www.ubuntugeek.com\/wp-content\/uploads\/2015\/05\/1-300x283.png\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" srcset=\"http:\/\/www.ubuntugeek.com\/wp-content\/uploads\/2015\/05\/1-300x283.png 300w, http:\/\/www.ubuntugeek.com\/wp-content\/uploads\/2015\/05\/1.png 567w\" alt=\"1\" width=\"300\" height=\"283\" \/><\/a><\/p>\n<p>Use the following login details<\/p>\n<blockquote><p>username: administrator<br \/>\npassword: radius<\/p><\/blockquote>\n<p>If you are running PHP 7 then you might see the following error<\/p>\n<p>Database connection error<br \/>\nError Message: DB Error: extension not found<\/p>\n<p>Kui annab eelneva vea, siis vaja teha siis nii (kontrollida pakkide olemas oli, mis on apt-geti taga ja siis pear install DB l\u00e4bi lasta ning siis all kirjas, mis vaja failides teha):<\/p>\n<ul>\n<li>This assumes an Ubuntu 16.04 OS installled<\/li>\n<li>This assumes PHP 7 installed<\/li>\n<li>This assumes MySQL &gt;= 5.7.5 installed<\/li>\n<li>This assumes you have already installed all the LAMP related packages and have a working LAMP environment.<br \/>\nNext, is to make sure you have the required extra packages for daloRADIUS, run:<\/li>\n<\/ul>\n<div class=\"highlight highlight-source-shell\">\n<pre>sudo apt-get install php-common php-gd php-curl php-mail php-mail-mime php-pear php-db<\/pre>\n<\/div>\n<p>and then<\/p>\n<div class=\"highlight highlight-source-shell\">\n<pre>pear install DB<\/pre>\n<\/div>\n<p>&nbsp;<\/p>\n<p><strong>Changing file library\/daloradius.conf.php<\/strong><\/p>\n<p>It&#8217;s required to update daloRADIUS&#8217;s database connection code so that it identifies the MySQL server using the new and improved mysqli driver:<\/p>\n<p>Open for editing the file library\/daloradius.conf.php and locate the configuration variable CONFIG_DB_ENGINE and change it to the value of mysqli (it is now probably set to mysql, notice the extra i). It should end up looking as follows: $configValues[\u2018CONFIG_DB_ENGINE&#8217;] = \u2018mysqli&#8217;;<\/p>\n<p>Changing file library\/opendb.php (seda viimast rida minul ei olnud vaja lisada, see tekitas erroreid juurde)<\/p>\n<p><strong>Open for editing the file library\/opendb.php<\/strong><\/p>\n<p>At the very end of the file just add this new line of code: $dbSocket-&gt;query(&#8220;SET GLOBAL sql_mode = &#8220;;&#8221;); which makes the MySQL version work with less strict SQL syntax<\/p>\n<p>Once you logged in you should see similar to the following screen<\/p>\n<p><a href=\"http:\/\/www.ubuntugeek.com\/wp-content\/uploads\/2015\/05\/21.png\" rel=\"lightbox-1\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-16072\" src=\"http:\/\/www.ubuntugeek.com\/wp-content\/uploads\/2015\/05\/21-300x213.png\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" srcset=\"http:\/\/www.ubuntugeek.com\/wp-content\/uploads\/2015\/05\/21-300x213.png 300w, http:\/\/www.ubuntugeek.com\/wp-content\/uploads\/2015\/05\/21-1024x729.png 1024w, http:\/\/www.ubuntugeek.com\/wp-content\/uploads\/2015\/05\/21.png 1220w\" alt=\"2\" width=\"300\" height=\"213\" \/><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>RADIUS, which stands for \u201cRemote Authentication Dial In User Service\u201d, is a network protocol &#8212; a system that defines rules and conventions for communication between network devices &#8212; for remote user authentication and accounting. Commonly used by Internet Service Providers (ISPs), cellular network providers, and corporate and educational networks, the RADIUS protocol serves three primary [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":621,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"class_list":["post-926","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/pages\/926","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=926"}],"version-history":[{"count":7,"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/pages\/926\/revisions"}],"predecessor-version":[{"id":933,"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/pages\/926\/revisions\/933"}],"up":[{"embeddable":true,"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=\/wp\/v2\/pages\/621"}],"wp:attachment":[{"href":"https:\/\/helia.ee\/koolitus\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=926"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}