OS: Ubuntu Server 14.04.1 LTS

VMware Player (LAN Bridge Connection)

Daloradius 0.9.9

LAMP

Hardware used:

AP TPLink, Model TL- MR3420

1. Installing LAMP

– Ubuntu Server, after installation: sudo apt-get update & sudo apt-get upgrade need to be apply.

– Apache2: sudo apt-get install apache2

– PHP5: sudo apt-get install php5 & restart apache2: sudo service apache2 restart

– MySql server: sudo apt-get install mysql-server

When it asks for root password, give any password of your choice and note it.
Now we need to install another packet, so that Php5 and Mysql can understand each other.

sudo apt-get install php5-mysql

sudo service apache2 restart

Obs! A small error will appear to fix that, insert

ServerName localhost

in either httpd.conf or apache2.conf in /etc/apache2 and restart apache the notice will disappear.

If you have a name inside /etc/hostname you can also use that name instead of localhost.

2. Install & Configure FreeRadius
sudo apt-get install freeradius freeradius-mysql freeradius-utils

Next will open /etc/freeradius/eap.conf, to make some configurations:

sudo nano /etc/freeradius/eap.conf

default_eap_type = peap (need to be peap, DO NOT CHANGE in TTLS section)

now we will make some changes in /etc/freeradius/modules/mschap

sudo nano /etc/freeradius/modules/mschap

umcomment and change values, like how is shown bellow:

use_mppe = yes
require_encryption = yes
require_strong = yes
with_ntdomain_hack = yes

Save the files and issue this command line: sudo ldconfig

3. Create Mysql database for authentication
– NAS authentication

$: mysql -u root -p
mysql> create database radius;
mysql> create user ‘freeradius’@’localhost’ identified by ‘radius123’;
mysql> grant all on radius.* to ‘freeradius’@’localhost’ identified by ‘radius123’;
mysql> flush privileges;
mysql> exit;

Now we will import freeradius schema to our database. It is in /etc/freeradius/sql/mysql/

mysql -u freeradius -p radius < /etc/freeradius/sql/mysql/schema.sql
mysql -u freeradius -p radius < /etc/freeradius/sql/mysql/nas.sql

Enter the password for mysql user freeradius, which is radius123.
If it gives some problem with rights, then issue following commands before issuing above commands.
sudo chmod 777 /etc/freeradius/sql/mysql/schema.sql
sudo chmod 777 /etc/freeradius/sql/mysql/nas.sql

Next step is to change freeradius for mysql, open /etc/freeradius/sites-available/default

sudo nano /etc/freeradius/sites-available/default

uncomment the following line

in authorize section uncomment sql
in session section uncomment sql
in post-auth section uncomment sql
in accounting section uncomment sql

and comment files in authorize section #files

save and exit. Next, modify the login and the password:

sudo nano /etc/freeradius/sql.conf

login = “freeradius”
password = “radius123”

and uncomment readclients = yes

save and exit, next will uncomment the fallowing lines from:

sudo nano /etc/freeradius/radiusd.conf

$INCLUDE sql.conf
$INCLUDE sql/mysql/counter.conf

save and open:

sudo nano /etc/freeradius/sites-available/inner-tunnel

in authorize section uncomment sql

save, exit and restart freeradius.

sudo service freeradius restart

4. Install & Configure Daloradius
– Extra packages needed: sudo apt-get install php-db php-pear php5-gd

– Download Daloradius:
wget http://sourceforge.net/projects/daloradius/files/daloradius/daloradius0.9-9/daloradius-0.9-9.tar.gz
tar zxvf daloradius-0.9-9.tar.gz

– import the daloradius schema to our radius database, password radius123.

mysql -u freeradius -p radius < daloradius-0.9-9/contrib/db/fr2-mysql-daloradius-and-freeradius.sql

– enter the database username and password:

sudo nano daloradius-0.9-9/library/daloradius.conf.php

$configValues[‘CONFIG_DB_USER’] = ‘freeradius’;
$configValues[‘CONFIG_DB_PASS’] = ‘radius123’;

Now will move Daloradius:

sudo mv daloradius-0.9-9 /var/www/html/daloradius

Before to test it install phpmyadmin: sudo apt-get install phpmyadmin

Obs! Chose apache2 and when you are ask to configure the phpmyadmin database, chose NO, database was already configured in the previous steps.

5. TESTING
http://myserver/daloradius

Username is administrator and password is radius.
Create users and NAS and dont forget to restart freeradius after that.

sudo service freeradius restart

To find out your radius server IP address, use in terminal ifconfig

6. Point AP to the RADIUS Server for authentication:

Problems encounter:

– Freeradius PID ERROR on restarting

Solution: sudo killall freeradius & sudo service freeradius start

– Debug Mode : sudo freeradius -X

– NAS device is not added in the freeradius/clients.conf
Solution added manually: sudo nano /etc/freeradius/clients.conf

client 192.168.0.1/24 {

secret = asus

shortname =tp

}

Save and restart freeradius.