Inhaltsverzeichnis
Install Free Radius and Free-Radius MYSQL
apt-get install freeradius freeradius-mysql
During Freeradius installation there is a point where
Diffie-Hellmann (DH) parameters are generated
this will take some time, so be pationed or just grep a cup of coffee
Config Free RADIUS to work with MYSQL
In case you will install Easy-Hotspot Admin-Gui: Continue with: DB setup and return afterwards.
If you have created the Radius / Easyhotspot Database DB setup , continue below
Edit Free-Radius main configuration files
Freeradius is per default configured to work out of the box, however the default setup is using
flatfiles, here we configure it to use the MySQL, so most of this config is needed to get radius to
connect and use MySQL DB.
First remove the # in front of line $INCLUDE sql.conf, leaf all other lines as they are.
vi /etc/freeradius/radiusd.conf $INCLUDE sql.conf
More MySQL related config, this file has three sections of code in each modify the sql line. Find the following blocks and the sql line to modify:
vi /etc/freeradius/sites-available/default
authorize {
sql
accounting {
sql
session {
sql
Check / Change Freeradius shared secret default is "testing123".
In case of using a different secret change password of radius user in mysql and change secret in Free-Radius config.
mysql -u root -p radius
Enter password: 2=
mysql> select Host,User from mysql.user where User='radius';
+-----------+--------+
| Host | User |
+-----------+--------+
| localhost | radius |
+-----------+--------+
1 row in set (0.00 sec)
mysql> UPDATE mysql.user SET Password=PASSWORD('Radpass12345') WHERE User='radius' AND Host='localhost';
Query OK, 1 row affected (0.01 sec)
Rows matched: 1 Changed: 1 Warnings: 0
mysql> FLUSH PRIVILEGES;
# Optional:
mysql> GRANT USAGE ON * . * TO 'radius'@'%' IDENTIFIED BY 'Radpass' WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;
Query OK, 0 rows affected (0.01 sec)
mysql>quit;
We have decided to use soemthing different then testing123, the login is the same only the name of the DB is changing
vi /etc/freeradius/sql.conf
# Connection info:
server = "localhost"
#port = 3306
login = "radius"
password = "Radpass
# Database table configuration for everything except Oracle
radius_db = "radius"
# radius_db = "easyhpradiusdb"
NOTE: Restart MySQL and Freeradius to enshure the new password is used. Check /var/log/freeradius/radius.log for a successfull DB
connection in case of problems see:raspmysqladmin
Change the radius secret that clients use to authenticate at radius for AAA services
vi /etc/freeradius/clients.conf
#
secret = RaspiRadi
Freeradius is now configured for interact with MySQL. To test this, stop Free-Radius daemon:
/etc/init.d/freeradius stop [ ok ] Stopping FreeRADIUS daemon: freeradius.
Test Radius Server
The test of the radius funktionality is delayed until it was possible to create a user in the DB via EASY-Hotspot admin GUI.
