Register a domain and help support LQ
Go Back > Blogs > Kashif Aziz Awan
User Name


Rate this Entry

Dalo Radius Server how to...?

Posted 11-27-2008 at 07:44 AM by kashifazizawan

Freeradius 2.05.1 Howto with mysql
(date: 28-7-2008 by Osman)

This tutorial explains how you can set up a FreeRadius server with Wifi authentication and accounting in conjunction with mysql & web management with daloradius on Ubuntu 8.04. This howto should work for a newbie. Production deployment is also possible with minor tweaking. But as usual I do not guarantee anything & take no responsibilities if something goes wrong.
(For basic how-to refer to my doc

Following steps are involved:

1- Building Ubuntu 8.04.x binary rpms
2- Installing the binary packages
3- Configuring the FR with mysql
4- Setting up web management with Daloradius

Step 1- Building Ubuntu 8.04. packages
before building freeradius Ubuntu 8.04 package we have to apt-get some packages, necessary for build process.
apt-get install debhelper libltdl3-dev libpam0g-dev libmysqlclient15-dev libmysqlclient-dev libgdbm-dev libldap2-dev libsasl2-dev libiodbc2-dev libkrb5-dev snmp autotools-dev dpatch libperl-dev libtool dpkg-dev libpq-dev libsnmp-dev libssl-dev

Get hold of source of Freeradius and start building package like given below.

cd ~
apt-get source freeradius

Note: It is recommended that u carry this building process on a non-production server. & move over the final binary rpms over to the produtions server. But it isn't mandatory if u know what ur doing.

cd freeradius-1.1.7/
edit rule file ( debian/rule )
vi debian/rule
now search for these lines
--without-rlm_eap_tls \
--without-rlm_eap_ttls \
--without-rlm_eap_peap \
and change them to look like this.
--with-rlm_eap_tls \
--with-rlm_eap_ttls \
--with-rlm_eap_peap \
now search for these lines and delete them.
for pkg in $(shell grep ^Package debian/control | awk '{print $$2}') ; d
o \
if dh_shlibdeps -p $$pkg -- -O | grep -q libssl; then \
echo "$$pkg links to openssl" ;\
exit 1 ;\
fi ;\
Save changes and quit vi. Now edit the control file (debian/control)
vi debian/control
search for the line
Build-Depends: debhelper (>= 5), libltdl3-dev, libpam0g-dev, libmysqlclient15-dev | libmysqlclient-dev, libgdbm-dev, libldap2-dev, libsasl2-dev, libiodbc2-dev, libkrb5-dev, snmp, autotools-dev, dpatch (>= 2), libperl-dev, libtool, dpkg-dev (>= 1.13.19), libpq-dev, libsnmp-dev

and append libssl-dev to the end of this line so that it look like this.

Build-Depends: debhelper (>= 5), libltdl3-dev, libpam0g-dev, libmysqlclient15-dev | libmysqlclient-dev, libgdbm-dev, libldap2-dev, libsasl2-dev, libiodbc2-dev, libkrb5-dev, snmp, autotools-dev, dpatch (>= 2), libperl-dev, libtool, dpkg-dev (>= 1.13.19), libpq-dev, libsnmp-dev, libssl-dev

Save changes and quit vi.
Note: You still might require some package for these. apt-get/aptitiude them. & rerun the rebuild process.

Assuming you are here ~/freeradius-1.1.7. Start Building packages.

dpkg-buildpackage -rfakeroot
After a while (depending on ur system) u should have .deb built in home directory.


Move these to a production server if this is ur development workstation.

Step 2- Installing the binary packages

dpkg -i reeradius_1.1.7-1build4_i386.deb
dpkg -i freeradius-mysql_1.1.7-1build4_i386.deb

After running with the out of the box configuration validate against a local user

E.g: run radius is debug mode

radiusd -X

From another shell run this while the radius -X is running

radtest abc 123 localhost 1812 testing123

Make sure the user abc with password 123 is set in the /etc/freeradius/users file)

Setp 3- Configuring the FR with mysql

Get hold of daloradius from

tar -zxvf daloradius.tar.gz
cp daloradius/ /var/www -R

First the mysql bits (Creating the db & its admin user). Do the following
from ur shell.

mysqladmin -u root password 123456
mysql -u root -p

Import the the freeradius's schema

mysql -u root -p radius < /var/www/daloradius/contrib/db/mysql-daloradius-and-freeradius.sql
mysql -u root -p # Provide passoward and you will arrive at sql environment
use database radius; #This will select database radius.
show tables; #This will show all tables from database radius.

Now edit ur /etc/freeradius/sql.conf

Reset the user/password/database parameters to reflect the the changes (eg. root/radpass/radius)
and search for the line
readclients = no
and change it to
readclients = yes

Edit the file /etc/freeradius/radius.conf

& add a line saying 'sql' to the authorize{} section (which is towards the end of the file). Also add a line saying 'sql' to the accounting{} section to tell FreeRADIUS to store accounting records in SQL as well. Optionally add 'sql' to the session{} section if you want to do Simultaneous-Use detection. Optionally add 'sql' to the post-auth{} section if you want to log all Authentication attempts to SQL.

Here is the authorize section:

authorise {
And the accounting section:

accounting {

Insert a test user in the database. go to mysql shell & run this.

mysql -u root -p
mysql>use database radius;
mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('sqltest', 'Password', 'testpwd');
mysql>select * from radcheck where UserName='sqltest'; # This will show information about sqltest
mysql> exit

Fire up the radius in debug mode

radiusd -X

Go to another shell run the test

radtest sqltest testpwd localhost 1812 testing123

Congratulations freeradius + mysql setup is working.

4- Setting up web management with Daloradius

For fancy web based GUI managment & more read on.

############# For daloRADIUS version 0.9-7 stable release ##############
# by Liran Tal of Enginx <>

Prerequisites are


Apache 1/2, PHP 4/5, PHP GD , PHP DB Abstraction Layer (may require PHP Pear), MySQL 4/5

apt-get install apache2
apt-get install php php-mysql php-pear php-gd php-pear-DB

Change permission and ownership.

chown apache:apache /var/www/daloradius -R
chmod 644 /var/www/daloradius/library/daloradius.conf

Daloradius needs to add few more tables to the radius database we already created earlier
(Note: The schemas in the daloradius/contrib/db folder won't work out of the box u need to modify them to get them working)

Now, simply adjust the MySQL database information in daloRADIUS's config file.

cd /var/www/daloradius/library/
vi daloradius.conf

Fill in the database details, few important parameters are listed below

CONFIG_DB_PASS = radpass

Save the file and exit.

Setup the apache server

Edit the /etc/apache2/apache2.conf file & append this to the end of the file. (customize to ur likings)

Alias /daloradius "/var/www/daloradius/"
<Directory /var/www/daloradius/>
Options None
order deny,allow
deny from all
allow from

Save & exit

Restart the httpd server

/etc/init.d/httpd restart

Fire up the firefox (or neother borowser) & go to the url http://localhost/daloradius

(If this is a production server without GUI, set the "allow from <ip >" in the httpd.conf & url to it)

Login to the management:

username: administrator
password: radius

Change this information first for the sake of security. (Info is located in the operator table)

Congratulations you are done.


Posted in Uncategorized
Views 21466 Comments 1
« Prev     Main     Next »
Total Comments 1


  1. Old Comment
    Posted 10-25-2010 at 08:57 AM by kashifazizawan kashifazizawan is offline


All times are GMT -5. The time now is 08:51 AM.

Main Menu

Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration