在树莓派上安装GUI的FreeRadius(Raspberry PI based FreeRadius Server with GUI)

最新推荐文章于 2024-08-09 08:02:56 发布
最新推荐文章于 2024-08-09 08:02:56 发布
阅读量2.3k 收藏
点赞数
分类专栏: raspberry

Raspberry PI based FreeRadius Server with GUI

I run a small wireless network for a non-profit organization in my home town, it consists of a single high site with internet connectivity, with nine client sites connecting via wireless. The network is built with Ubiquiti hardware, with a Mikrotik 750 handling the routing. I also use this network for experimentation and learning. One of the things that I have been keen on doing is managing it as though it is a commercial network in terms of the network architecture. To this end I have decided to deploy a Raspberrry Pi based Radius server for PPPoE Authentication. The Mikrotik will serve as the PPPoE server, and the Raspberry Pi Radius server will be managed with DaloRADIUS. The instructions below should be easy to use on any Debian based distro.



This tutorial will not cover installation of Raspbian onto your Raspberry Pi.

What you will need: 

  • A Raspberry Pi Model B
  • A 4GB+ SD Card running Raspbian
  • SSH Access (or a terminal on the device)
  • PPPoE server (Mikrotik 750 in my case)
  • An internet connection
Raspberry Pi Model B



Log into the Raspberry Pi via SSH or a Terminal Window:
Configure the IP Address

Edit /etc/network/interfaces to reflect your network settings
vi /etc/network/interfaces
Change from: 
iface lo inet loopback
iface eth0 inet dhcp
allow-hotplug wlan0
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp
To:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 10.3.0.2
netmask 255.255.255.252
gateway 10.3.0.1
dns-nameservers 10.0.0.1
allow-hotplug wlan0
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet dhcp

Remember to adjust for your own network parameters 

Install FreeRADIUS and other prerequisites, remember to note the password for your mysql server:

$apt-get install freeradius freeradius-mysql apache2 php5 libapache2-mod-php5 mysql-server mysql-client php5-mysql php-pear php5-gd php-db

Download and extract the DaloRADIUS package to /var/www:

cd /usr/src
wget http://downloads.sourceforge.net/project/daloradius/daloradius/daloradius0.9-9/daloradius-0.9-9.tar.gz
tar zxvf daloradius-0.9-9.tar.gz -C /var/www/
mv /var/www/daloradius-0.9-9/ /var/www/daloradius
cd /var/www/daloradius
Configure the DaloRadius/Freeradius database

mysql -uroot -p
mysql>create database radiusdb;
mysql>exit
mysql -u root -p radiusdb < /usr/src/daloradius/contrib/db/fr2-mysql-daloradius-and-freeradius.sql
mysql -u root -p
mysql>CREATE USER 'radiususer'@'localhost';
mysql>SET PASSWORD FOR 'radiususer'@'localhost' = PASSWORD('radiuspass');
mysql>GRANT ALL ON radiusdb.* to 'radiususer'@'localhost';
mysql>exit
You will aslo need to configure DaloRadius to connect to the database:
vi /var/www/daloradius/library/daloradius.conf.php
Input the following values 
$configValues['DALORADIUS_VERSION'] = '0.9-9';
$configValues['FREERADIUS_VERSION'] = '2';
$configValues['CONFIG_DB_ENGINE'] = 'mysql';
$configValues['CONFIG_DB_HOST'] = 'localhost';
$configValues['CONFIG_DB_PORT'] = '3306';
$configValues['CONFIG_DB_USER'] = 'radiusuder';
$configValues['CONFIG_DB_PASS'] = 'radiuspass';
$configValues['CONFIG_DB_NAME'] = 'radiusdb';
The default configuration of FreeRADIUS loads user accounts from a file located at /etc/freeradius/users.
It makes sense to test the functioning of FreeRADIUS before trying to link it to a database. To activate the test user you have to edit /etc/freeradius/users: 
vi /etc/freeradius/users
Uncomment the following lines: 
#"John Doe" Cleartext-Password := "hello"
# Reply-Message = "Hello, %{User-Name}"
To look like this: 
"John Doe" Cleartext-Password := "hello"
Reply-Message = "Hello, %{User-Name}"
Restart the freeradius service and show the debug console to make sure all is well:
$/etc/init.d/freeradius stop
$freeradius -XXX
If all goes well you will be presented with the last line :
Info: Ready to process requests.

Press CTRL+C to disconnect.
Start the freeradius service again
$/etc/init.d/freeradius start
Use radtest to make sure that you can authenticate against the file: 

$radtest "John Doe" hello 127.0.0.1 0 testing123 
Sending Access-Request of id 180 to 127.0.0.1 port 1812
        User-Name = "John Doe"
        User-Password = "hello"
        NAS-IP-Address = 127.0.1.1
        NAS-Port = 0
        Message-Authenticator = 0x00000000000000000000000000000000

Now it is time to switch over to mysql authentication: 
$vi /etc/freeradius/radiusd.conf
Change the lines that read: 
# $INCLUDE sql.conf&lt
# $INCLUDE sql/mysql/counter.conf
To: 
$INCLUDE sql.conf
$INCLUDE sql/mysql/counter.conf
Update the configuration to reflect the database username and password as chosen earlier:
$vi /etc/freeradius/sql.conf

        server = "localhost"
        #port = 3306
        login = "radiususer"
        password = "radiuspass"

        # Database table configuration for everything except Oracle
        radius_db = "radiusdb"

Uncomment the lines that read "sql" in the session, accounting and authorize sections

$vi /etc/freeradius/sites-enabled/default 
Uncomment sql in authorize{}
# See “Authorization Queries” in sql.conf
sql
Uncomment sql in accounting{}
# See “Accounting queries” in sql.conf
sql
Uncomment sql in session{}
# See “Simultaneous Use Checking Queries” in sql.conf
sql
Uncomment sql in post-auth{}
# See “Authentication Logging Queries” in sql.conf
sql

To test the configuration, stop the freeradius service:
$service freeradius stop

Then run the freeradius debug console.
$freeradius -X

If it comes back without any errors you can continue.

To enable remote authentication from a Mikrotik device edit /etc/freeradius/clients.conf
Add the following to the end of the file, changing the IP/Class as appropriate.

$vi /etc/freeradius/clients.conf

client 10.0.0.0/24 {
        secret = mikrotest
        shortname = mikrotikpppoe
        nastype= mikrotik
}

Also edit /etc/freeradius/dictionary and add mikrotik:
$vi /etc/freeradius.dictionary

and add:

$INCLUDE  /usr/share/freeradius/dictionary.mikrotik

Restart FreeRadius
$service freeradius restart

You can now log in with a web browser on http://<raspberry-ip>/daloradius
username: administrator
password: radius
445672671
关注
专栏目录
树莓派搭建Freeradius和Daloradius
12-10
树莓派搭建Freeradius和Daloradius,为小企业接入提供廉价的解决方案。
树莓派Raspberry Pi 开启freeradius -X报错Failed setting TLS maximum version
yingriyanlong的博客
01-09 789
运行freeradius -X报错信息: Failed setting TLS maximum version rlm_eap_tls: Failed initializing SSL context rlm_eap (EAP): Failed to initialise rlm_eap_tls /etc/freeradius/3.0/mods-enabled/eap[14]: Instantia...
安装freeradiusGUI管理程序dialup_admin
wu_huashan的专栏
10-08 3932
php会显示You don't have permission to access /htdocs/user_stats.php on this server如何解决? Invalid command ‘AuthUserFile’, perhaps misspelled or defined by a module not included in the server 是什么原因? 如何设置密码登陆web站点?
FreeRADIUS 服务器使用教程
最新发布
gitblog_00655的博客
08-09 854
FreeRADIUS 服务器使用教程 freeradius-serverFreeRADIUS - A multi-protocol policy server.项目地址:https://gitcode.com/gh_mirrors/fr/freeradius-server 项目介绍 FreeRADIUS 服务器项目是一个高性能且高度可配置的多协议策略服务器,支持 RADIUS、DHCPv4、DH...
树莓派配置无线连接与无线AP热点
weixin_33766805的博客
07-11 281
为什么80%的码农都做不了架构师?>>> ...
freeradius2.x】 安装和学习
orangleliu 笔记本
01-31 2205
虚拟机中centos 安装和学习 radius2 版本是2.2.x 的使用等知识 安装为了测试方面,yum安装 yum -y install freeradius* 配置文件的位置是 /etc/raddb/ 编译安装可能在 /usr/local/etc/raddb # /etc/init.d/radiusd用法:/etc/init.d/radiusd {start|stop|status|resta
freeradius-server-3.0.11.tar.gz_freeradius 源码
09-23
在深入理解`freeradius-server-3.0.11.tar.gz`这个源码包之前,我们先来了解一下RADIUS协议。RADIUS是一种C/S架构的协议,主要用于网络设备(如路由器、交换机、无线接入点等)与认证服务器之间的通信。它允许网络...
freeradius-serverFreeRADIUS-多协议策略服务器
01-28
FreeRADIUS可以在802.1x(WiFi),拨号,PPPoE,VPN,VoIP等系统上对用户进行身份验证。 它支持后端数据库,例如MySQL,PostgreSQL,Oracle,Microsoft Active Directory,Apache Cassandra,Redis,OpenLDAP等。 ...
FreeRadius windos 认证服务器
09-12
在Windows环境中安装FreeRadius,你需要下载像`FreeRADIUS-server-2.2.0-x86.exe`这样的安装程序。安装过程中,需要注意选择合适的组件和服务,如数据库驱动和EAP类型。安装完成后,配置FreeRadius的主配置文件`...
h3c freeradius comware7 教程
04-05
在 Ubuntu 系统中安装 Freeradius,并对其进行minimal 配置以便演示远程 RADIUS AAA 登录到 Comware 7 交换机。 首先,需要编辑 Freeradius 的客户端配置文件,添加必要的属性。然后,编辑用户配置文件,添加必要的...
RadiusAdmin:FreeRADIUS Web界面
02-06
Radius管理员 FreeRADIUS Web界面 RadiusAdmin是我的一个项目,旨在成为FreeRADIUS的Web界面(主要用于用户/组管理)。 RadiusAdmin用PHP编写,通过操纵FreeRADIUSSQL数据库来工作。 自然,这要求您使用rlm_sql模块进行授权和/或记帐。 FreeRADIUS'数据库由下表组成: radcheck radreply radgroupcheck radgroupreply radusergroup 在rlm_sql中,上面提到的表类似于的users文件。 此外,rlm_sql模式还包含其他一些表: 纳斯 拉达卡特
freeradius】使用radclient调试radius协议
热门推荐
orangleliu 笔记本
02-03 1万+
freeradius 自带了非常好的客户端程序 radtest, radclient 用来模拟和调试设备和通信过程。radtest多用于认证,radclient更为强大一些,认证,计费,coa都可以模拟,还可以自定义协议包非常强大。 命令帮助这里大家自己看下就好了,非常容易理解。测试的时候用的都比较简单一些。 radclient -hUsage: radclient [options] server
freeradius安装  
weixin_34418883的博客
04-22 163
CentOS 5.5 成功安装 freeradius 2.1.9 mysql安装CentOS 5.5 直接把apache、mysql、php都装上了,注意装mysql的时候,最好是把mysql-devel也装上,开始装的时候不知道是不是因为他没有装也没在freeradius连接mysql的时候没有成功。当然,如果你安装系统的时候没有选,也可以用yum来安装就可以。[root@...
freeradius
weixin_30888413的博客
11-25 275
/*以下操作为radius服务器上操作*/#更新源sudo apt-get update#先安装Mysqlsudo apt-get install -y mysql-server mysql-client #安装freeradius及所需组件sudo apt-get install -y freeradius freeradius-mysql freeradius-utils freeradius...
FreeRadius AAA Radius 工作原理
lx_mai的专栏
08-03 1902
常见的AAA service     Radius(Remote Authentication Dial-In User Service) 在 IETF 的 RFC 2865 中定义TACACS+ 常见的AAA SERVER   Cisco Secure Acce
树莓派安装GUI
qingheiheihei的博客
09-21 1480
有时安装树莓派os时,选择了不带桌面GUI的系统。但是在之后的使用过程中当需要用到GUI时,就要自行安装。下面介绍一下如何给树莓派安装GUI。 更新软件 $ sudo apt-get update -y $ sudo apt-get upgrade -y $ sudo apt-get dist-upgrade -y $ sudo apt-get clean 安装Xorg Display Server sudo apt-get install --no-install-recommends xser
linux+FreeRadius+mysql+Apache安装搭建过程
libinbin_1014的专栏
10-20 8302
linux+FreeRadius+mysql+Apache安装搭建 linux系统:centos6.5 FreeRadius:2.2.8版本源码 mysql : Ver 14.14 Distrib 5.1.73 Apache :2.2.15 好了,由于项目需要,本人搭建了Radius服务器,网上的资料坑太多,经过几天努力,已经搭建成功,现总结一下搭建的过程,方便大家一起学习。
CentOS 8 中安装配置FreeRADIUS&DaloRADIUS以及为不同SSID验证MAC等
shidb的博客
09-09 3977
CentOS 8中安装FreeRADIUS和DaloRADIUS虽然不复杂,但还是有些东西需要记录一下,以免走弯路. 安装FreeRADIUS基本配置 安装mariadb & freeradius # dnf install mariadb mariadb-server # systemctl enable mariadb # systemctl start mariadb # mysqladmin -u root password "pass" # 上一步可先不做,未设密码时可以直接在root
FreeRADIUS 3.0 在 CentOS 7.0 上的安装和配置指南
安装FreeRADIUS 和 MariaDB 之后,需要将它们对接,以便 FreeRADIUS 可以使用 MariaDB 进行用户认证。 1. 安装 freeradius-mysql 组件 使用以下命令安装 freeradius-mysql 组件: `rpm -ivh freeradius-...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值