Freeradius+mysql+daloradius Simple installation Configuration

Source: Internet
Author: User
Tags pear import database freeradius


I said it before. Freeradius in conjunction with AD for 802.1x authentication. This example combines Freeradius with MySQL and Daloradius on the basis of previous experimental configurationsto enable the Web-based management of radius server, and through the database for user authentication and other information storage. This example is only suitable for freeradius3.0.x versions in CENTOS7 environments .

Environment Preparation

1. freeradius Server, previously configured.

2. Components Apache,mariadb (MySQL),Daloradius, etc.

Installation Configuration1.    Install the necessary components

Yum install freeradius-mysql freeadius-client freeradius-devel php php-gd php-pear-db php-mysql httpd mariadb


"After installing pear-db in the new version of Daloradius , the front-end web will be able to work with the background database, otherwise it won't open the page"

    • Open service

Systemctl Enable httpd

Systemctl Enable MARIADB

Systemctl Start httpd

Systemctl Start mariadb
2.    ConfigurationMysql
    • Initialize configuration and build radius database and user

Mysql_secure_installation #mysql Initial security configuration



GRANT all on radius.* to [e-mail protected] identified by "Radpass"; Exit
    • importing The RADIUS database schema

Mysql-uroot–p Radius </etc/raddb/mods-config/sql/main/mysql/schema.sql
3.    ConfigurationRadiusServer SupportMysql
    • Join the sign-on connection feature


Ln–s. /mods-available/sql./#Equivalent to enabling the sql function module in Freeradius
    • Confirm The following items in/etc/raddb/radiusd.conf already contain the appropriate directory configuration

Modules {

$INCLUDE mods-enabled/


Policy {

$INCLUDE site-enabled/


l  /etc/raddb/sites-available/default " accounting{} Span style= "font-family: ' The song Body '; >, session{} post-auth{} ' open Sql

l authroize{},session{} in/etc/raddb/sites-available/inner-tunnel , post-auth{} , open SQL in the following :

Authorize {


SQL #, if any-, also remove


    • edit /etc/raddb/mods-avaible/sql, change database connection parameters


Driver = "Rlm_sql_mysql"

Server = "localhost"

Port = 3306

Login = "radius"

Password = "Radpass"

radius_db = "radius"


Read_client = yes #Allow radius to read NAS information in the database

client_table = "nas" #Specify the table that stores nas information
4.    Installation ConfigurationDaloradius
    • Download and unzip Daloradius


Tar ZXVF daloradius-0.9-9.tar.gz

MV Daloradius-0.9-9/var/www/html/radius

Chown–r Apache:apache/var/www/html/radius
    • Import Database Schema

Mysql–uroot–p Radius </var/www/html/radius/contrib/db/mysql-daloradius.sql

Mysql–uroot–p Radius </var/www/html/radius/contrib/db/fr2-mysql-daloradius-and-freeradius.sql
    • edit /var/www/html/radius/library/daloradius.conf.php, configure connection database information

$configValues [' config_db_engine '] = ' mysql ';

$configValues [' config_db_host '] = ' localhost ';

$configValues [' config_db_port '] = ' 3306 ';

$configValues [' config_db_user '] = ' radius ';

$configValues [' config_db_pass '] = ' radpass ';

$configValues [' config_db_name '] = ' radius ';

$configValues [' config_file_radius_proxy '] = '/etc/raddb/proxy.conf ';

$configValues [' config_path_radius_dict '] = ';

$configValues [' config_path_dalo_variable_data '] = '/var/www/html/radius/var ';
5.    TestDaloradius

l login Http:// to see if the page can be developed normally. The default user is administraor , Password:radius. Under normal circumstances, you can see the Home page after login

650) this.width=650; "src=" Http:// "style=" width : 450px;height:429px; "title=" 00.png "width=" height= "429" border= "0" hspace= "0" vspace= "0" alt= " Wkiol1auuoytqvepaaeapdz52w0912.png "/>

l Test NAS Management

Remove the items from the switches previously defined in/etc/raddb/clients.conf, add the switch nas to the Web page again, and verify whether the Windows client can authenticate properly.

650) this.width=650; "src=" Http:// "style=" width : 584px;height:460px; "title=" 01.png "width=" 584 "height=" 460 "border=" 0 "hspace=" 0 "vspace=" 0 "alt=" Wkiom1auul7wqrnlaafwx-qg_zq180.png "/>

l View Authentication Login information

If there is a validation result, it is displayed in the Radpostauth table in the database

Mysql–uroot–p radius

>select * from Radpostauth;


This example simply explains the installation process, the implementation of simple verification information to view,Daloradius combined with radius can do a lot of other functions , such as firewall VPN authentication, etc. With my constant understanding of dalor, I will continue to give specific functions of the use of the way.

Freeradius+mysql+daloradius Simple installation Configuration

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.