Network Security Wiki

Radius Server: Difference between revisions

Page Discussion

Radius Server (view source)

Revision as of 21:23, 5 August 2017

1,058 bytes removed ,  6 years ago
→‎DaloRadius
Line 63:
== DaloRadius ==
 
Source: [http://www.ubuntugeek.com/install-freeradius-on-ubuntu-15-04-server-and-manage-using-daloradius-freeradius-web-management-application.html ubuntugeek.com]
sudo apt-get install php5-common php5-gd php-pear php-db libapache2-mod-php5 php-mail
 
=== Installation ===
Install freeradius using the following command
 
Prerequisites:
sudo apt-get install freeradius freeradius-mysql freeradius-utils
sudo apt-get install php5-common php5-gd php-pear php-db libapache2-mod-php5 php-mail
 
Create Freeradius DatabaseInstallation:
sudo apt-get install freeradius freeradius-mysql freeradius-utils
 
=== Database ===
You can use the following command to create freeradius database
 
Create Freeradius Database
sudo mysql -u root -p
sudo mysql -u root -p
 
mysql> create database radius;
Enter password:
mysql> grant all on radius.* to radius@localhost identified by "password";
 
Insert the freeradius database scheme:
Welcome to the MySQL monitor. Commands end with ; or \g.
sudo mysql -u root -p radius < /etc/freeradius/sql/mysql/schema.sql
Your MySQL connection id is 5
sudo mysql -u root -p radius < /etc/freeradius/sql/mysql/nas.sql
Server version: 5.6.24-0ubuntu2 (Ubuntu)
 
Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
 
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
 
Type ‘help;' or ‘\h' for help. Type ‘\c' to clear the current input statement.
 
mysql> create database radius;
 
mysql> grant all on radius.* to radius@localhost identified by "password";
 
Query OK, 0 rows affected (0.00 sec)
 
Insert the freeradius database scheme using the following commands
 
sudo mysql -u root -p radius < /etc/freeradius/sql/mysql/schema.sql
 
Enter password:
 
sudo mysql -u root -p radius < /etc/freeradius/sql/mysql/nas.sql
 
Enter password:
 
Create new user for radius database
sudo mysql -u root -p
mysql> use radius;
mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES (‘sqltest', ‘Password', ‘testpwd');
mysql> exit
 
=== Freeradius ===
sudo mysql -u root -p
 
mysql> use radius;
 
Reading table information for completion of table and column names
 
You can turn off this feature to get a quicker startup with -A
 
Database changed
 
mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES (‘sqltest', ‘Password', ‘testpwd');
 
Query OK, 1 row affected (0.04 sec)
 
mysql> exit
 
Bye
 
Freeradius Configuration
 
You need to edit /etc/freeradius/sql.conf file
sudo nano /etc/freeradius/sql.conf
 
sudo vi /etc/freeradius/sql.conf
 
Make sure you have the following details
database = mysql
login = radius
password = password
 
Uncomment the following
database = mysql
readclients = yes
login = radius
password = password
 
Uncomment the following
 
readclients = yes
 
Save and Exit the file
 
Now you need to edit the /etc/freeradius/sites-enabled/default file
sudo vi /etc/freeradius/sites-enabled/default
 
sudo vi /etc/freeradius/sites-enabled/default
 
Uncomment the sql option in the following sections
<pre>
 
accounting
 
Line 166 ⟶ 126:
 
sql
</pre>
 
Save and Exit the file
 
Now edit /etc/freeradius/radiusd.conf file
sudo nano /etc/freeradius/radiusd.conf
 
Uncomment the following option
sudo vi /etc/freeradius/radiusd.conf
 
#Uncomment the following option
 
$INCLUDE sql.conf
 
Save and exit the file
 
Restart freeradius server:
Now you can stop the free radius server using the following command
sudo /etc/init.d/freeradius stop
 
sudo /etc/init.d/freeradius stop
 
Run freeradius in debugging mode. If there is no error, you are ready to go.
sudo freeradius -X
 
sudo freeradius -X
 
Start the freeradius using the following command
sudo /etc/init.d/freeradius start
 
sudo /etc/init.d/freeradius start
 
Test the radius server using the following command
sudo radtest sqltest testpwd localhost 18128 testing123
 
Output as follows
sudo radtest sqltest testpwd localhost 18128 testing123
<pre>
 
Ouput as follows
 
Sending Access-Request of id 68 to 127.0.0.1 port 1812
User-Name = "sqltest"
Line 204 ⟶ 156:
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=68, length=20
</pre>
 
=== Daloradius Installation ===
 
You can downloadDownload the Daloradius latest version from here:
wget https://downloads.sourceforge.net/project/daloradius/daloradius/daloradius0.9-9/daloradius-0.9-9.tar.gz
tar xvfz daloradius-0.9-9.tar.gz
mv daloradius-0.9-9 daloradius
mv daloradius /var/www
 
Change Permissions
Once you downloaded the daloradius-0.9-9.tar.gz file you need to extract using the following command
sudo chown www-data:www-data /var/www/daloradius -R
sudo chmod 644 /var/www/daloradius/library/daloradius.conf.php
 
Mysql database need to setup for daloradius by importing the daloradius scheme into 'radius' database.
$ tar xvfz daloradius-0.9-9.tar.gz
 
cd $ mv daloradius-0.9-9 /var/www/daloradius/contrib/db
 
sudo mysql -u root $-p mvradius < mysql-daloradius.sql /var/www
 
Configure the following daloradius setting:
Change Permissions
sudo nano /var/www/daloradius/library/daloradius.conf.php
 
Change the database password
sudo chown www-data:www-data /var/www/daloradius -R
$configValues['CONFIG_DB_PASS'] = 'password';
 
sudo chmod 644 /var/www/daloradius/library/daloradius.conf.php
 
Now you need to configure daloradius website under
Mysql database need to setup for daloradius.We need to do is to import the daloradius scheme into our existing radius database.
sudo nano /etc/apache2/sites-available/daloradius.conf
 
$ cd /var/www/daloradius/contrib/db
 
sudo mysql -u root -p radius < mysql-daloradius.sql configure the following daloradius setting. sudo vi /var/www/daloradius/library/daloradius.conf.php Change the database password $configValues['CONFIG_DB_PASS'] = 'password'; Save and exit the file Now you need to configure daloradius website under /etc/apache2/sites-available
 
sudo vi /etc/apache2/sites-available/daloradius.conf
 
add the following lines
<pre>
Alias /daloradius "/var/www/daloradius/"
 
<Directory Alias /daloradius "/var/www/daloradius/">
Options None
Order allow,deny
allow from all
</Directory>
</pre>
 
Enable and Activate daloradius website using the following command
< Directory /var/www/daloradius/>
sudo a2ensite daloradius
Options None
sudo service apache2 reload
Order allow,deny
allow from all
< /Directory>
 
Save and exit the file
 
Enable daloradius website using the following command
 
sudo a2ensite daloradius
 
Enabling site daloradius.
 
To activate the new configuration, you need to run:
 
sudo service apache2 reload
 
Daloradius Web GUI
http://10.107.88.93/daloradius
 
you can access daloradius GUI using http://server-ip/daloradius and the login screen as follows
 
Use the following login details
username: administrator
 
password: radius
username: administrator
password: radius
 
 
Retrieved from "https://aman.awiki.org/wiki/Special:MobileDiff/1679"