Install Freeradius on ubuntu 15.04 Server and manage using daloradius (Freeradius web management application)

Sponsored Link
RADIUS, which stands for “Remote Authentication Dial In User Service”, is a network protocol -- a system that defines rules and conventions for communication between network devices -- for remote user authentication and accounting. Commonly used by Internet Service Providers (ISPs), cellular network providers, and corporate and educational networks, the RADIUS protocol serves three primary functions:

• Authenticates users or devices before allowing them access to a network

• Authorizes those users or devices for specific network services

• Accounts for and tracks the usage of those services

Freeradius Features

• An open and scalable solution

• Broad support by a large vendor base

• Easy modification

• Separation of security and communication processes

• Adaptable to most security systems

• Workable with any communication device that supports RADIUS client protocol

daloRADIUS is an advanced RADIUS web platform aimed at managing Hotspots and general-purpose ISP deployments. It features rich user management, graphical reporting, accounting, and integrates with GoogleMaps for geo-locating (GIS). daloRADIUS is written in PHP and JavaScript and utilizes a database abstraction layer which means that it supports many database systems, among them the popular MySQL, PostgreSQL, Sqlite, MsSQL, and many others.

It is based on a FreeRADIUS deployment with a database server serving as the backend. Among other features it implements ACLs, GoogleMaps integration for locating hotspots/access points visually and many more features. daloRADIUS is essentially a web application to manage a radius server so theoretically it can manage any radius server but specifically it manages FreeRADIUS and it's database structure. Since version 0.9-3 daloRADIUS has introduced an application-wide database abstraction layer based on PHP's PEAR::DB package which support a range of database servers.

Before Installing make sure you have Ubuntu 15.04 LAMP server installed and ready for freeradius.

Preparing your system

Open the terminal and run the following command

sudo apt-get install php5-common php5-gd php-pear php-db libapache2-mod-php5 php-mail

Install freeradius using the following command

sudo apt-get install freeradius freeradius-mysql freeradius-utils

Create Freeradius Database

You can use the following command to create freeradius database

sudo mysql -u root -p

Enter password:

Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 5
Server version: 5.6.24-0ubuntu2 (Ubuntu)

Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type ‘help;' or ‘\h' for help. Type ‘\c' to clear the current input statement.

mysql> create database radius;

mysql> grant all on radius.* to [email protected] identified by "password";

Query OK, 0 rows affected (0.00 sec)

Insert the freeradius database scheme using the following commands

sudo mysql -u root -p radius < /etc/freeradius/sql/mysql/schema.sql

Enter password:

sudo mysql -u root -p radius < /etc/freeradius/sql/mysql/nas.sql

Enter password:

Create new user for radius database

sudo mysql -u root -p

mysql> use radius;

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

Database changed

mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES (‘sqltest', ‘Password', ‘testpwd');

Query OK, 1 row affected (0.04 sec)

mysql> exit

Bye

Freeradius Configuration

You need to edit /etc/freeradius/sql.conf file

sudo vi /etc/freeradius/sql.conf

Make sure you have the following details

database = mysql
login = radius
password = password

Uncomment the following

readclients = yes

Save and Exit the file

Now you need to edit the /etc/freeradius/sites-enabled/default file

sudo vi /etc/freeradius/sites-enabled/default

Uncomment the sql option in the following sections

accounting

# See “Authorization Queries” in sql.conf

sql

session

# See “Authorization Queries” in sql.conf

sql

Post-Auth-Type

# See “Authorization Queries” in sql.conf

sql

Save and Exit the file

Now edit /etc/freeradius/radiusd.conf file

sudo vi /etc/freeradius/radiusd.conf

#Uncomment the following option

$INCLUDE sql.conf

Save and exit the file

Now you can stop the free radius server using the following command

sudo /etc/init.d/freeradius stop

Run freeradius in debugging mode. If there is no error, you are ready to go.

sudo freeradius -X

Start the freeradius using the following command

sudo /etc/init.d/freeradius start

Test the radius server using the following command

sudo radtest sqltest testpwd localhost 18128 testing123

Ouput as follows

Sending Access-Request of id 68 to 127.0.0.1 port 1812
User-Name = "sqltest"
User-Password = "testpwd"
NAS-IP-Address = 127.0.1.1
NAS-Port = 18128
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=68, length=20

Daloradius Installation

You can download the Daloradius latest version from here

Once you downloaded the daloradius-0.9-9.tar.gz file you need to extract using the following command

$ tar xvfz daloradius-0.9-9.tar.gz

$ mv daloradius-0.9-9 daloradius

$ mv daloradius /var/www

Change Permissions

sudo chown www-data:www-data /var/www/daloradius -R

sudo chmod 644 /var/www/daloradius/library/daloradius.conf.php

Mysql database need to setup for daloradius.We need to do is to import the daloradius scheme into our existing radius database.

$ cd /var/www/daloradius/contrib/db

sudo mysql -u root -p radius < mysql-daloradius.sql configure the following daloradius setting. sudo vi /var/www/daloradius/library/daloradius.conf.php Change the database password $configValues['CONFIG_DB_PASS'] = 'password'; Save and exit the file Now you need to configure daloradius website under /etc/apache2/sites-available

sudo vi /etc/apache2/sites-available/daloradius.conf

add the following lines

Alias /daloradius "/var/www/daloradius/"

< Directory /var/www/daloradius/>
Options None
Order allow,deny
allow from all
< /Directory>

Save and exit the file

Enable daloradius website using the following command

sudo a2ensite daloradius

Enabling site daloradius.

To activate the new configuration, you need to run:

sudo service apache2 reload

Daloradius Web GUI

you can access daloradius GUI using http://server-ip/daloradius and the login screen as follows

1

Use the following login details

username: administrator
password: radius

Once you loggedin you should see similar to the following screen

2

Sponsored Link

Related posts

You may also like...

31 Responses

  1. Esc says:

    I have problem.
    webrowser view

    Database connection error
    Error Message: DB Error: extension not found

    I did everything the same way

  2. miguel says:

    I have the exact same problem…

    “Database connection error
    Error Message: DB Error: extension not found”

    The authentication tests on the command line work as expected.
    I fallowed everything as per this document and had a second check. There should be something missing in the configuration between daloRadius and mysql database…
    Any thoughts?
    Thanks for sharing this info.

  3. john says:

    i get a permission denied error when trying to apply the schema

  4. udo says:

    I’m also getting permission denied error when trying to apply the schema.
    If you look at:
    >Type ‘help;’ or ‘\h’ for help. Type ‘\c’ to clear the current input statement.
    >
    >mysql> create database radius;
    >mysql> grant all on radius.* to [email protected] identified by “password”;
    >Query OK, 0 rows affected (0.00 sec)
    >
    >Insert the freeradius database scheme using the following commands
    >sudo mysql -u root -p radius < /etc/freeradius/sql/mysql/schema.sql

    You see that there is a query result missing after "create database radius" and also after the second MySQL query comes a Linux command (sudo…), without any info on how to return to command line while keepering the password

  5. Alok Sinha says:

    Very good article.
    Ran into couple of issues, mentioning the work around for them –
    1. if you happen to run into this issue
    “Database connection error
    Error Message: DB Error: extension not found”
    then install the following –
    > sudo apt-get install php5-mysql mysql-client

    2. was getting another error related to sql.conf for that the solution is to have
    readclients = no

    Thanks a lot.

  6. Jeff Ausfeld says:

    Very good article.
    I too ran into an issue

    If you happen to run into this issue
    “rad_recv: Access-Reject packet from host 127.0.0.1 port 1812”

    then look at:

    /etc/freeradius/sites-available/default
    ~ line 177 and uncomment sql

    # Look in an SQL database. The schema of the database
    # is meant to mirror the “users” file.
    #
    # See “Authorization Queries” in sql.conf
    sql

    It took hours to find it the problem. Maybe you find this post helpful. The following link does not explicitly state the answer above but it was where I was clued in on where to look.

    http://freeradius.1045715.n5.nabble.com/pptpd-freeradius-ldap-ERROR-No-authenticate-method-Auth-Type-found-for-the-request-Rejecting-the-user-td5719631.html

    Pro-Tip: If you are running freeradius in debug mode, open a new terminal window to send the radtest the authentication commands. The debug output will display in the first terminal window.

  7. Roshan says:

    very nice article.My authentication is work properly but online user is not showing up.
    please help me..thanks in advance.

  8. Stephen says:

    Your tutorial was great however, you screwed me for a couple of hours…….You need to move your daloradius directory. Afer I moved the directory I was then able to hit the daloradius splash page. see output below:

    [email protected]:/var/www/daloradius# cd ..
    [email protected]:/var/www# ls
    daloradius html
    [email protected]:/var/www# mv daloradius/ /var/www/html/daloradius
    [email protected]:/var/www# ls
    html
    [email protected]:/var/www# cd html/
    [email protected]:/var/www/html# ls
    daloradius index.html
    [email protected]:/var/www/html#

  9. Helmlein says:

    in “/etc/freeradius/sites-enabled/default”, you need to uncomment “sql” in the paragraph for “authorize” as well, not just in the three stanzas mentioned above in the tutorial. That error can be traced nicely by running the radius service in debug mode (it won’t find any users to authenticate) when you do the “radtest”.

    The package “php5-mysql” is definitely also needed; this may be something that is normally installed with “LAMP” already, but I had to install it manually to avoid some database errors thrown by Daloradius in the end when I connected to the Web Service

  10. Ermin says:

    Thank you Helmlein !
    It works now.

  11. A says:

    Good tutorial

    When i try to reload the web service i get the error
    syntax error on line 219 of /etc/apache2/apache2.conf : syntax error on line 7 of /etc/apache2/sites-enabled/daloradius.conf : expected but saw

  12. 602348184 says:

    thank you! you are solved my problem, thank you vary much!

  13. sahel says:

    /etc/init.d/apache2 restart [….] Restarting apache2 (via systemctl): apache2.serviceJob for apache2.service failed because the control process exited with error code. See “systemctl status apache2.service” and “journalctl -xe” for details.
    failed!
    [email protected]:/etc/apache2/sites-available#

    this is tht error am getting

  14. Joshua says:

    During this step

    Alias /daloradius /var/www/daloradius/

    Options None
    Order allow,deny
    allow from all

    The last Directory is not closed so you will get the /etc/init.d/apache2 restart [….] Restarting apache2 (via systemctl): apache2.serviceJob for apache2.service failed because the control process exited with error code. See “systemctl status apache2.service” and “journalctl -xe” for details.
    failed!

  15. Dipak says:

    Hello Sir,

    I Logged in successfully, but how can I connect router to daloradius, and how to create users/hotspots/plan/group/profile/attributes and NAS. which IP address can I provide to NAS. My router IP is 192.168.1.1

    So how can I configure Plz help me sir. give me some steps to go ahead.

  16. Fer Tapia says:

    Hey guys.
    Trying to install my free radius, I found this error with apache:
    * The apache2 configtest failed. Not doing anything.
    Output of config test was:
    apache2: Syntax error on line 219 of /etc/apache2/apache2.conf: Syntax error on line 3 of /etc/apache2/sites-enabled/daloradius.conf: /etc/apache2/sites-enabled/daloradius.conf:7:
    This happen because the alias with bad:
    The correct one is:
    ———————————————-
    Alias /daloradius “/var/www/daloradius/”

    Options None
    Order allow,deny
    allow from all

  17. Fer Tapia says:

    Alias /daloradius “/var/www/daloradius/”

    Options None
    Order allow,deny
    allow from all

  18. jd says:

    just updating this

    If error is with apache2 not reloading
    -Remove spaces in front of Directory & /Directory

    Alias /daloradius /var/www/daloradius/

    Options None
    Order allow,deny
    allow from all

    if error isError Message: DB Error: connect failed
    Change the database password $configValues[‘CONFIG_DB_PASS’] = ‘password’ <-password here is your database ACTUAL PASSWORD

    The rest – refer to posts above

  19. vallabh says:

    Database connection error
    Error Message: DB Error: connect failed

    I am getting this error after login to daloradius

  20. nakeerdos says:

    in daloradius.conf.php <> you must change the password with mysql-server password
    this solved my problem

  21. Vishal Rabadiya says:

    Hi, and thanks for tutorial it’s helpful. Everything works perfect , including authentication. But the accounting is not working. If I create time plan and set for any user it does not work. I did in Billing->plans->new plan and I gave name, I’d , type- PayPal, recurring-no, period-never, schedule-fixed, cost-10 and in time settings type- accumulative, bank-300. It not work. User should logged out after 5 mins.
    Plz help and thanks.

  22. pavlik says:

    cant even finish up the process, stopped freeradius, started it in debugging mode and there is no error, but i’m stuck because i cant start the radius server again , gives me code excited, status=1 fail………help out please…

  23. pavlik says:

    ERROR: Site daloradius does not exist!
    this is what i get after doing the above procedures, any help on that please, thank you in advance

  24. James says:

    I know this is an old thread but I’m also getting the error from bash saying “permission denied” after this line:

    sudo mysql -u root -p radius < /etc/freeradius/sql/mysql/schema.sql

    please help

  25. Akshay says:

    The people who are getting “permission denied” for the command “sudo mysql -u root -p radius < /etc/freeradius/sql/mysql/schema.sql"
    need to switch to user "root" for executing the above command.

    type ' su ' or ' su root ' and login using whatever password you've configured for the root user. Then execute the earlier command .

  26. Rafael says:

    If getting the error:
    Database connection error
    Error Message: DB Error: extension not found

    On Ubuntu 16.04 and php5.6, try:
    # apt-get install php5.6-mysql
    # service apache2 restart

    phpinfo should display the module as enabled.

  27. Gagandeep Dhanoa says:

    Thanks for this article, i initially had some issues like extra spaces in Directory tag, easy fix and later it was DB extension error; following is the link from github that fixed my issue.

    https://github.com/lirantal/daloradius/issues/5

    Some changes in config file are required.

  28. Henrique Prego says:

    Hi Everyone,

    I did all the config that was said on the tutorial but when I tried to access the daloradius page after the logging, it’s showing a blank page on ip_address/daloradius/dologin.php

  29. Kunci says:

    After login doesn’t showing the page. HTTP 500 error

  30. Sigma says:

    Thanks for the tutorial, you save my life!

Leave a Reply

Your email address will not be published. Required fields are marked *