Professional Documents
Culture Documents
A simple tutorial to setup and configure FreeRADIUS on CentOS 5 and Ubuntu 10.04.
Just follow the instructions below to have your FreeRADIUS setup ready to go when used
along with our WHMCS module, we have distinguished the difference between CentOS
commands and Ubuntu commands:
CentOS 5:
CentOS 6:
Ubuntu:
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
1/8
28/5/2014
Ubuntu:
Now run the following to set your password and security settings:
/usr/bin/mysql_secure_installation
Common problems usually arise on cPanel servers but please check our knowldgebase for
fixing issues on cPanel servers, next we need to create the radius database, type:
mysql
or
mysql -uroot -p
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
2/8
28/5/2014
flush privileges;
In certain situations you may need to grant remote access to mysql, to do this please follow
the guide below:
CentOS:
SOURCE /etc/raddb/sql/mysql/schema.sql
Ubuntu:
SOURCE /etc/freeradius/sql/mysql/schema.sql
exit
3/8
28/5/2014
# Connection info:
server = "localhost"
#port = 3306
login = "radius"
password = "radpass"
$INCLUDE sql.conf
is uncommented.
Edit /etc/raddb/sites-available/default and uncomment the line containing sql in the
authorize{} section and sql in the accounting {} section, also uncomment sql under session
{}.
Additionally, edit /etc/raddb/sites-available/inner-tunnel and uncomment the line containing
sql under authorize {} and under session {}.
Open up /etc/raddb/clients.conf set your secret to something a bit more random, example:
Change:
secret = testing123
To something like:
secret = 3c23498n349c3yt290y93b4t3
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
4/8
28/5/2014
Ubuntu:
To
add
clients
(External
VPN
Servers)
you
would
edit
coa_server = coa
client VPN_SERVER_IP {
secret
shortname
= yourVPN
nastype
= other
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
5/8
28/5/2014
To allow external servers and software to authenticate off your FreeRADIUS, this has to be
done every time you setup an external server to use this FreeRADIUS database.
Everytime you add a client or change a value in the config files you need to restart radius like
this:
CentOS:
Ubuntu:
Add a test user to the radius database, first you need to login to your mysql radius database:
use radius;
mysql> INSERT INTO `radcheck` (`id`, `username`, `attribute`, `op`, `value`) VALUES (1,'test'
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
6/8
28/5/2014
radiusd -X
Ubuntu:
freeradius -X
Now you can see in realtime if your authentication queries are actually reaching the server or
the reasons why some users may be rejected authentication.
**Please follow below if using our WHMCS FreeRADIUS Module and UAS System:**
Open up /etc/raddb/sql.conf for CentOS or/etc/freeradius/sql.conf for Ubuntu and
uncomment the following line:
#readclients = yes
to:
readclients = yes
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
7/8
28/5/2014
Now your FreeRADIUS will read off the MySQL NAS table for clients when adding NAS
servers via our UAS system it will auto create the NAS table in your FreeRADIUS databases
the first time you add a client.
Regards
SafeSrv.net
http://safesrv.net/install-and-setup-freeradius-on-centos-5/
8/8