#1  
8th December 2008, 09:53
SaFi2266
Freeradius configure issue [SOLVED]

Dear All
This is my first post here.
I'm trying to set up a FreeRADIUS-based AAA server with MySQL and management with daloRADIUS on Ubuntu 8.10 (Intrepid). As is well known, Intrepid comes with FR 2.x, and because I do not need (openssl, tls, and ttls) I just installed FR and its dependencies from apt-get. Then I followed the tutorial "Authentication, Authorization & Accounting With FreeRadius & MySQL Backend & Web Based Management with Daloradius". Proceeding with this howto, I reached the point of testing whether FR is working properly or not, first with the files module. At this point I am completely confused, because after running FR in debug mode with
Code:
freeradius -X
and from another shell test it with
Code:
radtest abc 123 localhost 1812 testing123
I get the answer like this
Code:
Sending Access-Request of id 46 to 127.0.0.1 port 1812
        User-Name = "abc"
        User-Password = "123"
        NAS-IP-Address = 10.10.0.11
        NAS-Port = 1812
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=46, length=32
        Reply-Message = "Hello, abc"
but on debug screen I get this
Code:
rad_recv: Access-Request packet from host 127.0.0.1 port 47363, id=46, length=55
        User-Name = "abc"
        User-Password = "123"
        NAS-IP-Address = 10.10.0.11
        NAS-Port = 1812
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "abc", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
[files] users: Matched entry abc at line 204
        expand: Hello, %{User-Name} -> Hello, abc
++[files] returns ok
        expand: %{User-Name} -> abc
[sql] sql_set_user escaped user --> 'abc'
rlm_sql (sql): Reserving sql socket id: 3
        expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = 'abc'           ORDER BY id
        expand: SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM radusergroup           WHERE username = 'abc'           ORDER BY priority
rlm_sql (sql): Released sql socket id: 3
[sql] User abc not found
++[sql] returns notfound
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] login attempt with password "123"
[pap] Using clear text password "123"
[pap] User authenticated successfully
++[pap] returns ok
+- entering group post-auth {...}
        expand: %{User-Name} -> abc
[sql] sql_set_user escaped user --> 'abc'
        expand: %{User-Password} -> 123
        expand: INSERT INTO radpostauth                           (username, pass, reply, authdate)                           VALUES (                           '%{User-Name}',                           '%{%{User-Password}:-%{Chap-Password}}',                           '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth                           (username, pass, reply, authdate)                           VALUES (                           'abc',                           '123',                           'Access-Accept', '2008-12-08 09:13:52')
rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth                           (username, pass, reply, authdate)                           VALUES (                           'abc',                           '123',                           'Access-Accept', '2008-12-08 09:13:52')
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql_mysql: MYSQL check_error: 1054 received
rlm_sql (sql) in sql_postauth: Database query error - Unknown column 'username' in 'field list'
rlm_sql (sql): Released sql socket id: 2
++[sql] returns fail
Using Post-Auth-Type Reject
+- entering group REJECT {...}
        expand: %{User-Name} -> abc
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 0 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 0
Sending Access-Reject of id 46 to 127.0.0.1 port 47363
        Reply-Message = "Hello, abc"
Waking up in 4.9 seconds.
Cleaning up request 0 ID 46 with timestamp +95
What is that supposed to mean: is FR working or not? Forgive me if this is a stupid question, but I need confirmation to proceed or recheck the configuration from the beginning.

TIA
SaFi

Last edited by SaFi2266; 11th December 2008 at 19:20.
  #2  
11th December 2008, 19:18
SaFi2266
Ubuntu 8.10 & FreeRADIUS 2.x Management With DaloRADIUS 0.9-7

Hi, again

Since posting this issue I have kept trying to find a proper solution to finally get all the configurations working. I've read all the conf files and done a lot of searches. At last I discovered that I was hasty, reckless and inattentive.

Now you can consider this a small modification to get FreeRADIUS on Ubuntu 8.10 working perfectly with daloRADIUS 0.9-7.

First of all, you can follow this Howto until you reach the point where FR starts. It seems to have started, with something like this
Code:
/var/run/freeradius/freeradius.pid not found
In fact FR didn't work, in spite of reporting Start [OK].
To fix this, go to /etc/freeradius/radiusd.conf and search for
Code:
run_dir = ${localstatedir}/run/radiusd
change it to
Code:
run_dir = ${localstatedir}/run/freeradius
and replace
Code:
pidfile = ${run_dir}/radiusd.pid
with
Code:
pidfile = ${run_dir}/freeradius.pid
Stop FR, then restart it
Code:
/etc/init.d/freeradius stop
/etc/init.d/freeradius start
Then FR will start normally and generate its pid file.
After that you can test that FR works like this: add any user on your local machine to /etc/freeradius/users, then test it with
Code:
radtest user passwd localhost 1812 testing123
It works for me and I get
Code:
Sending Access-Request of id 46 to 127.0.0.1 port 1812
        User-Name = "user"
        User-Password = "passwd"
        NAS-IP-Address = 10.10.0.11
        NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=46, length=32
Then you are ready to configure FR with MySQL. It is quite a simple thing; just follow these steps
  1. Go to the file /etc/freeradius/sites-enabled/default and comment out sql from the sections {authorize, accounting and session}; you can comment unix and files from section {authorize}
  2. Add a database and user "radius" (or whatever name you prefer for your radius db) to the MySQL server like this.
    First log in to your server
    Code:
    mysql -u root -p
    then
    Code:
    CREATE DATABASE radius;
    GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "radpass";
    FLUSH PRIVILEGES;
    exit;
    or simply use phpmyadmin for that purpose
  3. Edit the file /etc/freeradius/sql.conf to match your settings (location, username, password and db name). Near the bottom of the file, comment out the readclients = no and make it like this
    Code:
    readclients = yes
  4. Download the sql_schema & daloradius.conf zipped files to /opt and unzip them
  5. Add the database schema to your radius database like this
    Code:
    mysql -u root -p radius < /opt/mysql-dalo-and-fr2x.sql
Now you are ready to download daloRADIUS to your PC, then move it to your Ubuntu machine in /opt and untar it there.
To configure it with MySQL & FR you may follow these steps
  1. Edit the file /opt/daloradius.conf to match your configuration, then replace the original one at /opt/daloradius-0.9-7/library/daloradius.conf with it
  2. If you didn't install the necessary packages and extensions yet, you can do it now with
    Code:
    apt-get install apache2 php5 php5-mysql php5-gd php-pear php5-db
  3. Code:
    cd /opt
    cp daloradius-0.9-7/ /var/www -R
    chown www-data:www-data /var/www/daloradius-0.9-7 -R
    chmod 644 /var/www/daloradius-0.9-7/library/daloradius.conf
    cd /
  4. Edit the /etc/apache2/apache2.conf file and append this to the end of the file
    Code:
    Alias /radius-admin "/var/www/daloradius-0.9-7/"
    <Directory /var/www/daloradius-0.9-7/>
       Options None
       order deny,allow
       deny from all
       allow from 127.0.0.1
       # assign here whatever IP addresses you want to be able to access your daloradius admin from
       allow from x.x.x.x
    </Directory>
  5. restart apache
    Code:
    /etc/init.d/apache2 restart
  6. point to http://your-server-ip/radius-admin and login with

    username: administrator
    password: radius
  7. you can now test it by adding your nas to the nas list
  8. Congratulations you are done

I attach here the two files (schema & conf) in case the link is broken. Please remove the txt extension from both after you download them.
Attached Files
File Type: txt daloradius.conf.txt (1.3 KB, 777 views)
File Type: txt url.txt (70 Bytes, 515 views)
The Following User Says Thank You to SaFi2266 For This Useful Post:
falko (12th December 2008)
  #3  
15th December 2008, 11:42
awan
freeradius on desktop or server version ?

Hey there SaFi2266,
I'm glad that it finally worked for u. U put quite an effort into documenting all that. It would be nice if u put this in the form of a complete howto.

The reason I say that is because I've run into lots of ppl who make the mistake of replicating this howto on Ubuntu 8.10 desktop instead of using the server edition, which the original howto was written for.

Server & Desktop versions have quite a few differences & can lead someone to rip his hair out if he's a newbie.

Anyway, I would always deploy server versions on production systems. Mind u, Intrepid Ibex has an 18-month support line, unlike 8.4, which runs till 2013 (5 years).
Regards
--
Oz
  #4  
16th December 2008, 06:58
awan
spam ?

Hey there falko,
I was just curious: is this spam, or is it only me having issues translating this?
Regards
--
Oz
  #5  
25th December 2008, 20:23
patigoal
freeradius accounting

Hi all
I configured my freeradius server with pppoe.
Everything is OK except for the file acct_user; it contains a script needed to change the session-timeout attr., but nothing is done.
There is no error in the output of (radiusd -X):
1) Can you help me to correct this?
2) I need a solution to change the session-timeout for the user when he disconnects.

regards
  #6  
24th July 2011, 08:32
geolaw
rlm_sql (sql) in sql_postauth: Database query error - Unknown column 'username' in 'f

I also followed the guide and was getting the sql error on the username field.

My fix - which seems to have fixed at least radius for now - was 2 sql queries:
Code:
alter table radpostauth change user username varchar(64);
alter table radpostauth change date authdate timestamp default CURRENT_TIMESTAMP;
The Following User Says Thank You to geolaw For This Useful Post:
falko (25th July 2011)
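
The debug output in post #1 and the schema fix in post #6 describe the same failure: PAP authentication succeeds, then the post-auth sql INSERT fails and the request is turned into an Access-Reject. As an added example (not code from any poster or from the FreeRADIUS project), this Python script walks `freeradius -X` output and reports the first module that returned a failing code, with the error lines logged just before it; the name `triage` and the abridged sample log are constructed for illustration.

```python
import re

# Constructed sample: abridged from the `freeradius -X` output quoted in post #1.
SAMPLE_DEBUG = """\
+- entering group authorize {...}
++[files] returns ok
++[sql] returns notfound
++[pap] returns updated
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] User authenticated successfully
++[pap] returns ok
+- entering group post-auth {...}
rlm_sql_mysql: MYSQL check_error: 1054 received
rlm_sql (sql) in sql_postauth: Database query error - Unknown column 'username' in 'field list'
++[sql] returns fail
Using Post-Auth-Type Reject
+- entering group REJECT {...}
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Sending Access-Reject of id 46 to 127.0.0.1 port 47363
"""

GROUP = re.compile(r"^\+- entering group (\S+)")
RESULT = re.compile(r"^\++\[([^\]]+)\] returns (\w+)")
FAILING = {"fail", "reject", "invalid", "userlock"}  # module return codes that stop a request

def triage(debug_text):
    """Find the first failing module, its section, and the error lines before it."""
    section, errors = None, []
    report = {"authenticated": False, "section": None, "module": None,
              "rcode": None, "errors": [], "reply": None}
    for line in debug_text.splitlines():
        line = line.strip()
        if m := GROUP.match(line):            # a new processing section begins
            section, errors = m.group(1), []
        elif m := RESULT.match(line):         # "++[module] returns rcode"
            if m.group(2) in FAILING and report["module"] is None:
                report.update(section=section, module=m.group(1),
                              rcode=m.group(2), errors=errors)
            errors = []
        elif "authenticated successfully" in line:
            report["authenticated"] = True
        elif line.startswith("Sending Access-"):
            report["reply"] = line.split()[1]
        elif "error" in line.lower():         # keep messages logged before the rcode line
            errors.append(line)
    return report
```

On the sample, the report shows `authenticated` as true while the failing module is `sql` in the `post-auth` section, which is why the password check passed but the client still received Access-Reject.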

All times are GMT +2.