Christian WellsIn today’s digital age, network security is of utmost importance for businesses and individuals alike. One popular method of securing networks is through the use of RADIUS (Remote Authentication Dial-In User Service) protocol servers. FreeRADIUS is a powerful open-source server that allows you to set up a RADIUS protocol server on UNIX and Unix-like operating systems. With FreeRADIUS, you can authenticate and account for various types of network access, such as hotspots and VPN protocols.
In this tutorial, we will walk you through the step-by-step process of installing FreeRADIUS on a server running Ubuntu 20.04. We will also show you how to configure FreeRADIUS to work with MySQL/MariaDB and install Daloradius, a web-based GUI (graphical user interface) for managing FreeRADIUS. By the end of this tutorial, you will have a fully functional FreeRADIUS server with a user-friendly web interface.
Prerequisites
Before we begin, there are a few prerequisites that you need to have in place:
- A server running Ubuntu 20.04 with a minimum of 512MB RAM, 300MB storage space, and a 1.4 GHz 64-bit CPU.
- Being logged in as a root user or a user with sudo privileges.
Getting Started
The first step is to update your system to ensure that you have the latest packages and security updates. Open your terminal and run the following commands:
sudo apt update -y sudo apt upgrade -y
The first command updates the list of available packages from their sources, while the second command downloads and installs the updates. The-y flag is used to automatically answer “yes” when asked if you want to continue with the changes. After the update process is complete, you may need to reboot your system by running the following command:
sudo reboot now
Installing Dependencies
Next, we need to install the necessary dependencies for FreeRADIUS and Daloradius. Run the following command in your terminal:
sudo apt-get install apache2 mariadb-server php libapache2-mod-php php-mail php-mail-mime php-mysql php-gd php-common php-pear php-db php-mbstring php-xml php-curl unzip wget -y
This command installs Apache, MariaDB (an open-source relational database management system), and various PHP modules required for FreeRADIUS and Daloradius to function properly.
Installing FreeRADIUS
With the dependencies installed, we can now proceed to install FreeRADIUS. Run the following command:
sudo apt -y install freeradius freeradius-mysql freeradius-utils
This command installs FreeRADIUS and the necessary utilities for it to work. Once the installation is complete, we need to test if FreeRADIUS is up and running. First, stop the FreeRADIUS service by running the following command:
sudo systemctl stop freeradius.service
Then, run FreeRADIUS in debug mode with the following command:
sudo freeradius -X
If everything is configured correctly, you should see the message “Ready to process requests” in the output. This means that FreeRADIUS is now up and running on your server.
Creating a Database
FreeRADIUS requires a database to store its settings and other information about users, clients, and network connections. We will be using MariaDB for this purpose. Log in to the MariaDB server by running the following command:
sudo mysql -u root
Once you’re logged in, create a database named radius by running the following command:
CREATE DATABASE radius;
Next, grant access to the radius database by running the following command:
GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "yourpassword";
Replace "yourpassword" with a strong password of your choice. After granting access, run the following commands to update your privileges and exit MariaDB:
FLUSH PRIVILEGES; QUIT;
To verify that the radius database was created successfully, run the following command:
mysql -u root -p -e "show databases;"
You should see the radius database listed in the output.
Installing Daloradius
Daloradius is a web-based GUI for managing FreeRADIUS. It allows you to manage multiple FreeRADIUS servers from your browser with ease. To install Daloradius, we need to download the latest version from the GitHub repository. Run the following command to download the zip file:
wget https://github.com/lirantal/daloradius/archive/master.zip
Once the download is complete, extract the zip archive using the following command:
unzip master.zip
This will create a new directory called daloradius-master. We need to rename this directory and move it to the appropriate location. Run the following commands:
mv daloradius-master daloradius
cd daloradius
Next, we need to populate the database with the Daloradius schema. The .sql file is located in the contrib/db/ folder. To import the schema, run the following commands:
sudo mysql -u root -p radius< contrib/db/fr2-mysql-daloradius-and-freeradius.sql sudo mysql -u root -p radius< contrib/db/mysql-daloradius.sql
After importing the schema, move out of the daloradius directory and move the daloradius folder into the document root of Apache. Run the following commands:
cd sudo mv daloradius /var/www/html/
Next, we need to rename a configuration file. Run the following command:
sudo mv /var/www/html/daloradius/library/daloradius.conf.php.sample /var/www/html/daloradius/library/daloradius.conf.php
To ensure that Apache has the necessary permissions to access the Daloradius files, run the following command:
sudo chown -R www-data:www-data /var/www/html/daloradius/
Next, we need to configure the main configuration file for Daloradius. Open the daloradius.conf.php file using a text editor:
sudo nano /var/www/html/daloradius/library/daloradius.conf.php
In this file, you will find several configuration values that need to be updated. Look for the following lines and modify them to match your database details:
$configValues['FREERADIUS_VERSION'] = '2'; $configValues['CONFIG_DB_ENGINE'] = 'mysqli'; $configValues['CONFIG_DB_HOST'] = 'localhost'; $configValues['CONFIG_DB_PORT'] = '3306'; $configValues['CONFIG_DB_USER'] = 'yourusername'; $configValues['CONFIG_DB_PASS'] = 'yourpassword'; $configValues['CONFIG_DB_NAME'] = 'radius';
Replace 'yourusername' with the username you used to grant access to the radius database, and replace 'yourpassword' with the corresponding password. Save and exit the file.
To ensure that all the changes take effect, restart both FreeRADIUS and Apache by running the following commands:
sudo systemctl restart freeradius sudo systemctl restart apache2
Configuring Firewall
Since FreeRADIUS and Daloradius listen on specific ports, we need to open those ports in the firewall to allow traffic. Run the following commands to enable the firewall and allow access to the necessary ports:
sudo ufw enable sudo ufw allow 1812 sudo ufw allow 1813
The first command enables the firewall, while the next two commands allow access to ports 1812 and 1813, which are used by FreeRADIUS for communication. You can verify the status of the firewall by running the following command:
sudo ufw status
Accessing Daloradius Web Interface
Now that everything is set up, you can access the Daloradius web interface by opening your browser and navigating to http://your-server-ip/daloradius/login.php. Replace your-server-ip with the IP address of your server.
You should see the login screen for Daloradius. The default username is administrator, and the default password is radius. After logging in, you will be greeted with the Daloradius web interface, where you can configure and manage your FreeRADIUS server.
Troubleshooting
While the installation process is generally straightforward, you might encounter some issues along the way. Here are a few common issues and their solutions:
- Error installing FreeRADIUS: If you encounter an error message saying “The package
freeradiushas no installation candidate,” it means that there is no PPA available for your version of Ubuntu. To fix this, consider using the latest version of Ubuntu or try removing any existing versions of FreeRADIUS before proceeding with the installation. - Wrong database configuration: If you’re unable to connect to the database after installing FreeRADIUS, double-check your database configuration. Make sure that the username, password, and database name in the Daloradius configuration file (
daloradius.conf.php) match the ones you set during the database setup. - No connection after installing FreeRADIUS and Daloradius: If you’re unable to access the Daloradius web interface or connect to your server via SSH, it might be due to a misconfiguration in the Apache or Nginx configuration files. Check these files for any references to the Daloradius web directory path (
/var/www/html/daloradius) and remove them. - No Daloradius icon in the web interface: If you don’t see the Daloradius icon in the web interface, it could be a compatibility issue with certain Ubuntu or Debian versions. To fix this, edit the
config_vars.phpfile in thedaloradius/includes/directory and add the following line:define('DALORADIUS_ENABLED', true);. Then restart the Apache web server.
Conclusion
In this tutorial, we have covered the installation and configuration of FreeRADIUS and Daloradius on Ubuntu 20.04. By following the steps outlined in this tutorial, you should now have a fully functional FreeRADIUS server with a user-friendly web interface. This setup will allow you to authenticate and account for various types of network access, providing you with the security and control you need.
We hope this tutorial has been helpful to you. If you have any further questions or need assistance, feel free to visit the official site of FreeRADIUS or contact us at Shape.host. We offer reliable and scalable Linux SSD VPS hosting services, designed to meet the needs of businesses of all sizes. Thank you for choosing Shape.host as your hosting provider.
