FreeRADIUS Installation Guide on CentOS 7
Prerequisites [GitHub]
CentOS 7
freeradius-3.0.16
Reference:
http://blog.csdn.net/cluniquecui/article/details/42490423
http://blog.csdn.net/name_kongkong/article/details/53010377
Downloads
git clone https://github.com/FreeRADIUS/freeradius-server.git
cd freeradius-server
git branch -a
git checkout v3.0.x
Build and Install
yum install -y libtalloc-devel openssl-devel make autoconf
rpm -ivh mysql-community-common-5.7.20-1.el7.x86_64.rpm
rpm -ivh mysql-community-libs-5.7.20-1.el7.x86_64.rpm
rpm -ivh mysql-community-client-5.7.20-1.el7.x86_64.rpm
rpm -ivh mysql-community-devel-5.7.20-1.el7.x86_64.rpm
cd freeradius-server
./configure
make && make install
On Ubuntu 15.04:
(1) talloc
$ wget https://www.samba.org/ftp/talloc/talloc-2.1.0.tar.gz
$ tar zvxf talloc-2.1.0.tar.gz
$ cd talloc-2.1.0
$ ./configure --without-gettext
$ make && sudo make install
(2) ykclient, Yubikey
$ sudo apt-get install libykclient3
$ sudo apt-get install libykclient-dev
$ sudo apt-get install libyubikey-dev
(3) Build
$ cd freeradius-server
$ ./configure
$ make && sudo make install
Install path is:
/usr/local/sbin/
Config files are located in:
/usr/local/etc/raddb
Run in Debug Mode
Remove the leading '#' character from the lines below:
vi /usr/local/etc/raddb/users
#steve Cleartext-Password := "testing"
# Service-Type = Framed-User,
# Framed-Protocol = PPP,
# Framed-IP-Address = 172.16.3.33,
# Framed-IP-Netmask = 255.255.255.0,
# Framed-Routing = Broadcast-Listen,
# Framed-Filter-Id = "std.ppp",
# Framed-MTU = 1500,
# Framed-Compression = Van-Jacobsen-TCP-IP
Start the RADIUS server in debug mode:
/usr/local/sbin/radiusd -X
Open another window and test with the command:
/usr/local/bin/radtest steve testing localhost 0 testing123
Enable Support for MySQL
The MySQL files are located in the path:
cd /usr/local/etc/raddb/mods-config/sql/main/mysql
ls
The following files should be listed:
queries.conf
schema.sql
setup.sql
Log on to MySQL, for example:
mysql -u root -pabc1234! -h cent7-n3.pepstack.com
Then run the script at the MySQL prompt:
create database if not exists radius;
use radius;
source schema.sql;
flush privileges;
create user 'radius'@'cent7-n1.pepstack.com' identified by 'radpass1234!';
revoke all privileges, grant option from 'radius'@'cent7-n1.pepstack.com';
grant all privileges on radius.* to 'radius'@'cent7-n1.pepstack.com';
flush privileges;
Back up the default config file:
cd /usr/local/etc/raddb/sites-available/
cp default default.bak
Replace all '-sql' with 'sql' in '/usr/local/etc/raddb/sites-enabled/default' as below:
vi /usr/local/etc/raddb/sites-enabled/default
# "Authorization Queries" in mods-available/sql
sql
...
#
# "Accounting queries" in mods-available/sql
sql
...
#
# "Authentication Logging Queries" in mods-available/sql
sql
Comment out all 'files' entries as below:
vi /usr/local/etc/raddb/sites-enabled/default
# Read the 'users' file. In v3, this is located in
# raddb/mods-config/files/authorize
#!--files
...
# Read the 'acct_users' file
#!--files
...
# Uncomment the following line if you want to change attributes
# as defined in the preproxy_users file.
# files
Replace the section in '/usr/local/etc/raddb/mods-available/sql' with the below:
sql {
# The sub-module to execute queries. This should match
# the database you're attempting to connect to.
#
# * rlm_sql_mysql
# * rlm_sql_mssql
# * rlm_sql_oracle
# * rlm_sql_postgresql
# * rlm_sql_sqlite
# * rlm_sql_null (log queries to disk)
#
driver = 'rlm_sql_mysql'
...
# Connection info:
#
server = "cent7-n3.pepstack.com"
port = 3306
login = "radius"
password = "radpass1234!"
# Database table configuration for everything except Oracle
radius_db = "radius"
Create the link as below:
cd /usr/local/etc/raddb/mods-enabled
ln -s ../mods-available/sql sql
Create an Account for Testing
Create a new RADIUS user in the MySQL database:
mysql -u radius -pradpass1234! -h cent7-n3.pepstack.com
mysql> use radius;
mysql> insert into radcheck (id,username,attribute,op,value) values ('2', 'Zhang', 'Cleartext-Password', ':=', 'Liang');
mysql> quit
Start the RADIUS server:
/usr/local/sbin/radiusd -X
Start the RADIUS test client:
/usr/local/bin/radtest Zhang Liang localhost 1812 testing123
That shows:
Sent Access-Request Id 147 from 0.0.0.0:54246 to 127.0.0.1:1812 length
User-Name = "Zhang"
User-Password = "Liang"
NAS-IP-Address = 192.168.122.223
NAS-Port = 1812
Message-Authenticator = 0x00
Cleartext-Password = "Liang"
Received Access-Accept Id 147 from 127.0.0.1:1812 to 0.0.0.0:0 length 20
The RADIUS server terminal window shows output like the below:
...
(0) sql: Executing query: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ('Zhang', 'Liang', 'Access-Accept', '2017-12-19 07:59:59')
(0) sql: SQL query returned: success
(0) sql: 1 record(s) updated
rlm_sql (sql): Released connection (1)
(0) [sql] = ok
(0) [exec] = noop
(0) policy remove_reply_message_if_eap {
(0) if (&reply:EAP-Message && &reply:Reply-Message) {
(0) if (&reply:EAP-Message && &reply:Reply-Message) -> FALSE
(0) else {
(0) [noop] = noop
(0) } # else = noop
(0) } # policy remove_reply_message_if_eap = noop
(0) } # post-auth = ok
(0) Sent Access-Accept Id 147 from 127.0.0.1:1812 to 127.0.0.1:54246 length 0
(0) Finished request
Waking up in 4.9 seconds.
(0) Cleaning up request packet ID 147 with timestamp +9
Ready to process requests
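The radtest exchange above, reduced to its two packets as an added example (not part of the original guide and not FreeRADIUS code): it builds an Access-Request carrying only User-Name and User-Password, hides the password as RFC 2865 specifies, and checks the Response Authenticator of an attribute-less 20-byte Access-Accept. The fixed Request Authenticator and all helper names are constructed for illustration; a real client uses a random authenticator and, like radtest, sends more attributes.

```python
import hashlib
import hmac
import struct

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def hide_password(password: bytes, secret: bytes, req_auth: bytes) -> bytes:
    """RFC 2865 5.2: pad to 16-byte blocks, XOR each with MD5(secret + previous)."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", req_auth
    for i in range(0, len(padded), 16):
        prev = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        out += prev
    return out

def reveal_password(hidden: bytes, secret: bytes, req_auth: bytes) -> bytes:
    """What the server (or anyone holding the secret and a capture) recovers."""
    out, prev = b"", req_auth
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        out += _xor(block, hashlib.md5(secret + prev).digest())
        prev = block
    return out.rstrip(b"\x00")

def attr(attr_type: int, value: bytes) -> bytes:
    return struct.pack("!BB", attr_type, len(value) + 2) + value

def access_request(ident: int, user: bytes, password: bytes, secret: bytes, req_auth: bytes) -> bytes:
    # Code 1 = Access-Request; attribute 1 = User-Name, 2 = User-Password
    attrs = attr(1, user) + attr(2, hide_password(password, secret, req_auth))
    return struct.pack("!BBH", 1, ident, 20 + len(attrs)) + req_auth + attrs

def response_authenticator(code, ident, attrs, req_auth, secret) -> bytes:
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + req_auth + attrs + secret).digest()

def access_accept(ident: int, req_auth: bytes, secret: bytes) -> bytes:
    """Attribute-less Access-Accept: 4-byte header + 16-byte authenticator = 20 bytes."""
    return struct.pack("!BBH", 2, ident, 20) + response_authenticator(2, ident, b"", req_auth, secret)

def verify_reply(reply: bytes, req_auth: bytes, secret: bytes) -> bool:
    code, ident, length = struct.unpack("!BBH", reply[:4])
    expected = response_authenticator(code, ident, reply[20:length], req_auth, secret)
    return hmac.compare_digest(reply[4:20], expected)

if __name__ == "__main__":
    secret, req_auth = b"testing123", bytes(range(16))  # constructed authenticator
    request = access_request(147, b"Zhang", b"Liang", secret, req_auth)
    reply = access_accept(147, req_auth, secret)
    print(len(request), len(reply), verify_reply(reply, req_auth, secret))
```

Both the password hiding and the reply check depend only on the shared secret, so a default value such as testing123 protects neither; use a long random secret per client outside a lab.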
Modify clients.conf as below to accept a BRAS IP:
client localhost {
ipaddr = 127.0.0.1
ipv4addr = * # any. 127.0.0.1 == localhost
secret = testing123
}
So all is done.