Recently, I need to understand how Radius works, so I build a simple Radius server to learn how radius works. The setup here is fairly a basic setup. My goal is just to make a simple radius server up and running.
After a googling session, I decide to use freeradius as the Radius Server. Lets start,
Because I'm using cent=os, of course my best option in installing free radius is using yum. So I started to check waht freeradius package is available in yum repositories
[trixbox1.localdomain ~]# yum search radius
=============================== Matched: radius ================================
freeradius.i386 : High-performance and highly configurable free RADIUS server.
freeradius-mysql.i386 : MySQL bindings for freeradius
freeradius-postgresql.i386 : postgresql bindings for freeradius
freeradius-unixODBC.i386 : unixODBC bindings for freeradius
perl-Authen-Radius.noarch : Perl module that provides simple Radius client
: facilities
Hmm, good, there is freeradius in the default repositories. So I just install the freeradius,
# yum install freeradius.i386
I also need to install freeradius-mysql.i386 to enable mysql support in the radius configuration. I am using mysql to stored the username/password database.
# yum install freeradius-mysql.i386
In this setup, I have already installed mysql database (if you don't, please do so first), so the next step is to configure the mysql database.
# mysql -u root -p
Enter password: *****
mysql>create database radius
mysql>exit
Next, import the mysql database example from /usr/share/doc/freeradius-1.1.3/examples/mysql.sql
# mysql -u root -p radius < /usr/share/doc/freeradius-1.1.3/examples/mysql.sql
The database is now populated with the data in the mysql.sql file. Populate the username information into the database, in my sql prompt, you can use this to insert username a and password: passt to the database
mysql> use radius
mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('a', 'Password', 'passt');
mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('a', 'Auth-Type', 'Local');
Next step is to configure freeradius to connect to mysql radius database. We need to edit configuration file in /etc/raddb. Don't forget to backup all the file in this directory before you change anything, in case you messed up the configuration.
The first configuration file we edit is sql.conf. Make sure the information the reflect the mysql database configuration.
Next, edit clients.conf. Edit the secret key as you wished.
Next, edit radius.conf file. Make sure you uncomment sql attributes in accounting and authorize section. Also, uncomment the $INCLUDE ${confdir}/sql.conf line.
The configuration is done, you now can test the radius server using
#/usr/sbin/radiusd -X.
You can locally test the radius server using this command
# radtest a passt localhost 1812 secret_key
or to simulate NAS Client and the user you can use NTRadPing or Radeaptest in windows environment.
Thats all folks.
more ...
2/13/10
FreeRadius configuration di CentOS 5.3
Subscribe to:
Posts (Atom)
