This guide will discuss how to install FreeRADIUS and Daloradius on Debian 10 (Buster) Linux. RADIUS is a network protocol used for remote user authentication, authorization and accounting. FreeRADIUS is an open source RADIUS server commonly used on Linux, Unix and embedded systems.
daloRADIUS is a web-based RADIUS management tool written in PHP. It was created to ease the management and administration of RADIUS server and hotspots devices (NAS). It comes with a powerful graphical reporting and accounting, billing and advanced user management features.
Our next steps will help you to install and configure both freeRADIUS and daloRADIUS on Debian 10 Linux.
Step 1: Update your Server
Update your package index by running the command:
sudo dnf -y updateStep 2: Install and Configure Database Server
We’ll be using MariaDB but any other supported database server can be used. Install MariaDB on Debian 10 by using our guide:
How to install MariaDB on Debian 10
Once installed, create a database and user for FreeRADIUS/daloRADIUS.
$ mysql -u root -p
CREATE DATABASE radius;
GRANT ALL ON radius.* TO [email protected] IDENTIFIED BY "StrongradIusPass";
FLUSH PRIVILEGES;
\qConfirm that radius database user can access database granted.
$ mysql -u radius -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 48 Server version: 10.3.17-MariaDB-0+deb10u1 Debian 10 Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> SHOW DATABASES; +--------------------+ | Database | +--------------------+ | information_schema | | radius | +--------------------+ 2 rows in set (0.001 sec) MariaDB [(none)]> QUIT Bye
Step 3: Install Apache Web Server and PHP
We’ll use Apache httpd server to host daloRADIUS on Debian 10 Linux system. Install both httpd and PHP packages with the following command.
sudo apt -y install apache2
sudo apt -y install php libapache2-mod-php php-{gd,common,mail,mail-mime,mysql,pear,mbstring,xml,curl}Check the version of PHP installed to confirm the installation was successful.
$ php -v
PHP 7.3.9-1~deb10u1 (cli) (built: Sep 18 2019 10:33:23) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.9, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.3.9-1~deb10u1, Copyright (c) 1999-2018, by Zend Technologies
Let’s validate the start by checking status of the two services.
systemctl status apache2Allow http and https ports on the firewall is ufw is enabled.
sudo ufw allow http
sudo ufw allow httpsStep 4: Installing FreeRADIUS on Debian 10 Linux
FreeRADIUS packages are available on default Debian repositories. There is no special pre-requisite for this installation.
To install, just run the command.
sudo apt -y install freeradius freeradius-mysql freeradius-utilsStart the service after installation.
sudo systemctl enable --now freeradius.service Now you can check the status:
$ systemctl status freeradius
● freeradius.service - FreeRADIUS multi-protocol policy server
Loaded: loaded (/lib/systemd/system/freeradius.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2019-10-10 21:10:22 UTC; 26min ago
Docs: man:radiusd(8)
man:radiusd.conf(5)
http://wiki.freeradius.org/
http://networkradius.com/doc/
Main PID: 15918 (freeradius)
Tasks: 6 (limit: 4719)
Memory: 10.6M
CGroup: /system.slice/freeradius.service
└─15918 /usr/sbin/freeradius
.......
Step 5: Configure FreeRADIUS on Debian 10
To Configure FreeRADIUS to use MariaDB, follow steps below.
1 – Import the Radius database scheme to populate radius database
sudo su - mysql -u root -p radius < /etc/freeradius/3.0/mods-config/sql/main/mysql/schema.sql
2 – Configure Radius
First you have to create a soft link for SQL module.
sudo ln -s /etc/freeradius/3.0/mods-available/sql /etc/freeradius/3.0/mods-enabled/
Configure SQL module by changing the database connection parameters to suite your environment:
sudo vim /etc/freeradius/3.0/mods-enabled/sql- sql section should look similar to below.
sql {
driver = "rlm_sql_mysql"
dialect = "mysql"
# Connection info:
server = "localhost"
port = 3306
login = "radius"
password = "StrongradIusPass"
# Database table configuration for everything except Oracle
radius_db = "radius"
}
# Set to ‘yes’ to read radius clients from the database (‘nas’ table)
# Clients will ONLY be read on server startup.
read_clients = yes
# Table to keep radius client info
client_table = "nas"
Then change group right of /etc/freeradius/3.0/mods-enabled/sql
sudo chgrp -h freerad /etc/freeradius/3.0/mods-available/sql sudo chown -R freerad:freerad /etc/freeradius/3.0/mods-enabled/sql
Restart radiusd service
sudo systemctl restart freeradiusStep 6: Install and Configure Daloradius
You can use Daloradius to manage radius server from a web interface. This is an optional configuration which you can select depending on your use case.
Download daloradius release archive from Github.
sudo apt -y install wget unzip wget https://github.com/lirantal/daloradius/archive/master.zip unzip master.zip mv daloradius-master/ daloradius
Change directory for configuration
cd daloradius
Import Daloradius mysql tables
mysql -u root -p radius < contrib/db/fr2-mysql-daloradius-and-freeradius.sql mysql -u root -p radius < contrib/db/mysql-daloradius.sql
Move daloradius folder to path in /var/www/html
cd .. sudo mv daloradius /var/www/html/
Then change permissions for http folder and set the right permissions for daloradius configuration file.
sudo chown -R www-data:www-data /var/www/html/daloradius/
sudo chmod 664 /var/www/html/daloradius/library/daloradius.conf.phpYou should now modify daloradius.conf.php file to adjust the MySQL database information .
sudo vim /var/www/html/daloradius/library/daloradius.conf.php
Set database name, user and password for connection.
$configValues['CONFIG_DB_HOST'] = 'localhost'; $configValues['CONFIG_DB_PORT'] = '3306'; $configValues['CONFIG_DB_USER'] = 'radius'; $configValues['CONFIG_DB_PASS'] = 'StrongradIusPass'; $configValues['CONFIG_DB_NAME'] = 'radius';
To be sure everything works, restart radiusd and httpd services.
sudo systemctl restart freeradius.service apache2
Step 7: Access daloRADIUS Web Interface
daloRADIUS management web interface is accessible on http://server_ip_or_hostname/daloradius.
The default login details are:
Username: administrator Password: radius
This is how daloRADIUS interface looks like.
Enjoy using . For installation on CentOS 7/8 & Ubuntu, check:
Install FreeRADIUS & daloRADIUS on CentOS 7
Install FreeRADIUS and daloRADIUS on CentOS 8 / RHEL 8
Install FreeRADIUS & daloRADIUS on Ubuntu 18.04
