User Guide

Install And Configure Freeradius

This document describes how to install Freeradius server & enable it to use MySQL database as its backend. Here we'll be using the same database that we created in How to Install Access Manager.

Install Freeradius Server

Use following command to install Freeradius Server and supporting packages.

user@host~$  sudo apt-get install freeradius freeradius-common freeradius-mysql freeradius-utils

Enable Vendor Specific Attributes (Mikrotik)

Along with general/common attributes, freeradius also supports vendor specific attributes. But, by default, none of them is enabled. Since Access Manager utilizes Mikrotik specific attributes we need to enable it in Freeradius first. And to do that, open dictionary file.

user@host~$  sudo nano /etc/freeradius/dictionary

And add the following line

$INCLUDE /usr/share/freeradius/dictionary
$INCLUDE /usr/share/freeradius/dictionary.mikrotik

You also need to open /usr/share/freeradius/dictionary.mikrotik and check & confirm if it contains following two lines, and if it doesn't add them.

ATTRIBUTE Mikrotik-Total-Limit 17 integer
ATTRIBUTE Mikrotik-Total-Limit-Gigawords 18 integer

Enable MySQL Support

Enable SQL Module

In latest releases of freeradius, sql configuration is kept in a separate file, and linked with the main radiusd.conf with an $INCLUDE. So, open the radiusd.conf

user@host~$  sudo nano /etc/freeradius/radiusd.conf

And un-comment the following line by ommiting #.

$INCLUDE sql.conf

Next we've to tell virtual server to use MySQL Database for user authorization and accounting. So, open the default virtual server's config file.

user@host~$  sudo nano sites-enabled/default

Locate and un-comment 'sql' under 'Authorization', 'Accountion' and 'Sessions' blocks by omitting #.

authorize { accounting { sessions {
..... ..... .....
sql sql sql
..... ..... .....
} } }

Update Database Credentials

Note: We'll be using database created while installing Access Manager, if you've not installed Access Manager yet, please do so by following How to Install Access Manager

And last thing, to complete freeradius and mysql setup, is to update freeradius's sql.conf with our database credentials. So, open the sql.conf.

user@host~$  sudo nano /etc/freeradius/sql.conf

And update the credentials as following:

sql {
server = 'localhost'
login = 'root'
password = '123456'
radius_db = 'acmanager'

As we also want to store NAS information into database, scroll down in the same file, and un-comment the following line by ommiting the #.

readclients = 'yes'

Save & exit the editor, and we've completed freeradius-mysql configuration.To check if freeradius is working OK after making the above mentioned changes, issue following commands to stop freeradius instance and re-start it in debug mode.

user@host~$  sudo service freeradius stop
user@host~$  sudo freeradius -X

You'll see a lot of text being printed on your screen. Just check the last line, if there're any issues, you'll need to find out the cause of error by analysing the outout on the screen. Otherwise, if everything goes well and the last line on the screen is "Ready to process requests", you've done it well. Press ^C to stop this freeradius instance and exit debug mode. And proceed to Integrating Access Manager with Freeradius