Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > HOWTO-Related Questions

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 5th August 2009, 06:48
awan awan is offline
Junior Member
 
Join Date: Sep 2007
Posts: 23
Thanks: 0
Thanked 1 Time in 1 Post
Default

Falko:
I am not sure if thats sarcasm or not but yes, of course u need freeradius-mysql package to be installed. but mysql module also needs to be activated from one of the configuration file. in /etc/raddb/radiusd.conf ( in debian its probably /etc/freeradius/radiusd.conf or freeradius.conf) u need to un-comment the sql directive. i.e $INCLUDE sql.conf so as to enable sql thingy.

GHz:
U running on MHz´s instead of GHzs.
You seem to be confusing freeradius 1.7.X with freeradius 2.x.
FR 2.X has slight bit of changes compared with 1.7.x. Follow the configurations setting from this tutorial while configuring the 2.X

http://www.howtoforge.com/authentica...ith-daloradius

(Be mindful of the fact that in the centos 5.x packages, configurations are installed in /etc/raddb/.. folder while in debian based distros they go into /etc/freeradius/... )

mysql schema link is also in there.

Let me know if it works & of course do cough up a nice howto about fr2 on debian. lets make some more money for falko.

Cheers
--

Ozzy
Reply With Quote
Sponsored Links
  #12  
Old 6th August 2009, 14:25
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,743 Times in 2,577 Posts
Default

Quote:
Originally Posted by awan View Post
Falko:
I am not sure if thats sarcasm or not
No, it was a serious question (I've never worked with freeradius before, but I was guessing that there's probably a freeradius-mysql package that is missing).
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #13  
Old 7th August 2009, 07:06
awan awan is offline
Junior Member
 
Join Date: Sep 2007
Posts: 23
Thanks: 0
Thanked 1 Time in 1 Post
Default packages !

Oh okay. Anyway yes after compiling you do end up with quite a bit of packages . E.g. I have the following packages. U can guess what are they about/for.

freeradius-2.0.5-1.i386.rpm
freeradius-debuginfo-2.0.5-1.i386.rpm
freeradius-devel-2.0.5-1.i386.rpm
freeradius-dialupadmin-2.0.5-1.i386.rpm
freeradius-dialupadmin-ldap-2.0.5-1.i386.rpm
freeradius-dialupadmin-mysql-2.0.5-1.i386.rpm
freeradius-dialupadmin-postgresql-2.0.5-1.i386.rpm
freeradius-krb5-2.0.5-1.i386.rpm
freeradius-ldap-2.0.5-1.i386.rpm
freeradius-libs-2.0.5-1.i386.rpm
freeradius-mysql-2.0.5-1.i386.rpm
freeradius-perl-2.0.5-1.i386.rpm
freeradius-postgresql-2.0.5-1.i386.rpm
freeradius-python-2.0.5-1.i386.rpm
freeradius-unixODBC-2.0.5-1.i386.rpm
freeradius-utils-2.0.5-1.i386.rpm

Cheers
--
Ozzy
Reply With Quote
  #14  
Old 19th August 2009, 23:59
GHz GHz is offline
Member
 
Join Date: Jul 2009
Location: The Netherlands
Posts: 32
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Just tried the ubuntu tutorial with ubuntu 9.04 server, but ubuntu also gets fr 2.X instead of 1.X. I just can't get it working. Does anybody else know a howto for this on Debian?
Reply With Quote
  #15  
Old 20th August 2009, 05:58
awan awan is offline
Junior Member
 
Join Date: Sep 2007
Posts: 23
Thanks: 0
Thanked 1 Time in 1 Post
Default GHz

kindly follow the advise given in above mentioned comments.
(comment #12 i.e. http://www.howtoforge.com/forums/sho...1&postcount=12 )

Cheers
--
Ozzy
Reply With Quote
  #16  
Old 18th September 2009, 10:55
GHz GHz is offline
Member
 
Join Date: Jul 2009
Location: The Netherlands
Posts: 32
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Everything is compiled now, but when installing the deb files, I am getting some warnings:

Code:
radius:/tmp# dpkg -i libfreeradius2_2.0.4+dfsg-7_i386.deb
Selecting previously deselected package libfreeradius2.
(Reading database ... 26361 files and directories currently installed.)
Unpacking libfreeradius2 (from libfreeradius2_2.0.4+dfsg-7_i386.deb) ...
Setting up libfreeradius2 (2.0.4+dfsg-7) ...

radius:/tmp# dpkg -i freeradius_2.0.4+dfsg-7_i386.deb
(Reading database ... 26367 files and directories currently installed.)
Preparing to replace freeradius 2.0.4+dfsg-7 (using freeradius_2.0.4+dfsg-7_i386.deb) ...
Unpacking replacement freeradius ...
Setting up freeradius (2.0.4+dfsg-7) ...
stripping trailing /
stripping trailing /
stripping trailing /
Starting FreeRADIUS daemon: freeradius failed!
invoke-rc.d: initscript freeradius, action "start" failed.

radius:/tmp# dpkg -i freeradius-mysql_2.0.4+dfsg-7_i386.deb
(Reading database ... 26367 files and directories currently installed.)
Preparing to replace freeradius-mysql 2.0.4+dfsg-7 (using freeradius-mysql_2.0.4+dfsg-7_i386.deb) ...
Unpacking replacement freeradius-mysql ...
Setting up freeradius-mysql (2.0.4+dfsg-7) ...
Stopping FreeRADIUS daemon: freeradius/var/run/freeradius/freeradius.pid not found....
Starting FreeRADIUS daemon: freeradius failed!
invoke-rc.d: initscript freeradius, action "force-reload" failed.
dpkg: error processing freeradius-mysql (--install):
 subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
 freeradius-mysql
and

Code:
radius:/etc/init.d# freeradius start
radius:/etc/init.d# freeradius -X
FreeRADIUS Version 2.0.4, for host i486-pc-linux-gnu, built on Sep 18 2009 at 10:37:24
Copyright (C) 1999-2008 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License.
Starting - reading configuration files ...
including configuration file /etc/freeradius/radiusd.conf
including configuration file /etc/freeradius/proxy.conf
including configuration file /etc/freeradius/clients.conf
including configuration file /etc/freeradius/snmp.conf
including configuration file /etc/freeradius/eap.conf
including configuration file /etc/freeradius/policy.conf
including files in directory /etc/freeradius/sites-enabled/
including configuration file /etc/freeradius/sites-enabled/inner-tunnel
including configuration file /etc/freeradius/sites-enabled/default
including dictionary file /etc/freeradius/dictionary
main {
        prefix = "/usr"
        localstatedir = "/var"
        logdir = "/var/log/freeradius"
        libdir = "/usr/lib/freeradius"
        radacctdir = "/var/log/freeradius/radacct"
        hostname_lookups = no
        max_request_time = 30
        cleanup_delay = 5
        max_requests = 1024
        allow_core_dumps = no
        pidfile = "/var/run/freeradius/freeradius.pid"
        user = "freerad"
        group = "freerad"
        checkrad = "/usr/sbin/checkrad"
        debug_level = 0
        proxy_requests = yes
 security {
        max_attributes = 200
        reject_delay = 1
        status_server = yes
 }
}
 client localhost {
        ipaddr = 127.0.0.1
        require_message_authenticator = no
        secret = "testing123"
        nastype = "other"
 }
radiusd: #### Loading Realms and Home Servers ####
 proxy server {
        retry_delay = 5
        retry_count = 3
        default_fallback = no
        dead_time = 120
        wake_all_if_all_dead = no
 }
 home_server localhost {
        ipaddr = 127.0.0.1
        port = 1812
        type = "auth"
        secret = "testing123"
        response_window = 20
        max_outstanding = 65536
        zombie_period = 40
        status_check = "status-server"
        ping_check = "none"
        ping_interval = 30
        check_interval = 30
        num_answers_to_alive = 3
        num_pings_to_alive = 3
        revive_interval = 120
        status_check_timeout = 4
 }
 home_server_pool my_auth_failover {
        type = fail-over
        home_server = localhost
 }
 realm example.com {
        auth_pool = my_auth_failover
 }
 realm LOCAL {
 }
radiusd: #### Instantiating modules ####
 instantiate {
 Module: Linked to module rlm_exec
 Module: Instantiating exec
  exec {
        wait = yes
        input_pairs = "request"
        shell_escape = yes
  }
 Module: Linked to module rlm_expr
 Module: Instantiating expr
 Module: Linked to module rlm_expiration
 Module: Instantiating expiration
  expiration {
        reply-message = "Password Has Expired  "
  }
 Module: Linked to module rlm_logintime
 Module: Instantiating logintime
  logintime {
        reply-message = "You are calling outside your allowed timespan  "
        minimum-timeout = 60
  }
 }
radiusd: #### Loading Virtual Servers ####
server inner-tunnel {
 modules {
 Module: Checking authenticate {...} for more modules to load
 Module: Linked to module rlm_pap
 Module: Instantiating pap
  pap {
        encryption_scheme = "auto"
        auto_header = no
  }
 Module: Linked to module rlm_chap
 Module: Instantiating chap
 Module: Linked to module rlm_mschap
 Module: Instantiating mschap
  mschap {
        use_mppe = yes
        require_encryption = no
        require_strong = no
        with_ntdomain_hack = no
  }
 Module: Linked to module rlm_unix
 Module: Instantiating unix
  unix {
        radwtmp = "/var/log/freeradius/radwtmp"
  }
 Module: Linked to module rlm_eap
 Module: Instantiating eap
  eap {
        default_eap_type = "md5"
        timer_expire = 60
        ignore_unknown_eap_types = no
        cisco_accounting_username_bug = no
  }
 Module: Linked to sub-module rlm_eap_md5
 Module: Instantiating eap-md5
 Module: Linked to sub-module rlm_eap_leap
 Module: Instantiating eap-leap
 Module: Linked to sub-module rlm_eap_gtc
 Module: Instantiating eap-gtc
   gtc {
        challenge = "Password: "
        auth_type = "PAP"
   }
 Module: Linked to sub-module rlm_eap_tls
 Module: Instantiating eap-tls
   tls {
        rsa_key_exchange = no
        dh_key_exchange = yes
        rsa_key_length = 512
        dh_key_length = 512
        verify_depth = 0
        pem_file_type = yes
        private_key_file = "/etc/freeradius/certs/server.pem"
        certificate_file = "/etc/freeradius/certs/server.pem"
        CA_file = "/etc/freeradius/certs/ca.pem"
        private_key_password = "whatever"
        dh_file = "/etc/freeradius/certs/dh"
        random_file = "/etc/freeradius/certs/random"
        fragment_size = 1024
        include_length = yes
        check_crl = no
        cipher_list = "DEFAULT"
        make_cert_command = "/etc/freeradius/certs/bootstrap"
   }
rlm_eap: SSL error error:02001002:system library:fopen:No such file or directory
rlm_eap_tls: Error reading certificate file /etc/freeradius/certs/server.pem
rlm_eap: Failed to initialize type tls
/etc/freeradius/eap.conf[17]: Instantiation failed for module "eap"
/etc/freeradius/sites-enabled/inner-tunnel[223]: Failed to find module "eap".
/etc/freeradius/sites-enabled/inner-tunnel[176]: Errors parsing authenticate section.
 }
}
Errors initializing modules

What can be done to solve these errors?

Last edited by GHz; 18th September 2009 at 11:12.
Reply With Quote
  #17  
Old 27th September 2009, 17:18
GHz GHz is offline
Member
 
Join Date: Jul 2009
Location: The Netherlands
Posts: 32
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Someone please?
Reply With Quote
  #18  
Old 28th September 2009, 13:45
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,743 Times in 2,577 Posts
Default

Unfortunately I'm no FreeRadius expert...
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #19  
Old 30th September 2009, 12:35
awan awan is offline
Junior Member
 
Join Date: Sep 2007
Posts: 23
Thanks: 0
Thanked 1 Time in 1 Post
Default TLS/SSL issues ?

GHz have u compiled freeradius with openssl support/libraries ?

btw also try running this compiled packaged with SSL support turned OFF (i.e. not certificates n stuff) i.e. to verify if its working fine WITHOUT ssl thing .

Cheers
--
Ozzy

(apologize for late reply, I was on vacation)
Reply With Quote
  #20  
Old 5th November 2009, 19:21
GHz GHz is offline
Member
 
Join Date: Jul 2009
Location: The Netherlands
Posts: 32
Thanks: 2
Thanked 0 Times in 0 Posts
 
Default

Today I started from scratch, but when starting freeradius in debugmode, by running 'freeradius -X', I get these errors:

Quote:
rlm_eap: SSL error error:02001002:system library:fopen:No such file or directory
rlm_eap_tls: Error reading certificate file /etc/freeradius/certs/server.pem
rlm_eap: Failed to initialize type tls
/etc/freeradius/eap.conf[17]: Instantiation failed for module "eap"
/etc/freeradius/sites-enabled/inner-tunnel[223]: Failed to find module "eap".
/etc/freeradius/sites-enabled/inner-tunnel[176]: Errors parsing authenticate section.
I have compiled freeradius with ssl support. Any ideas? Oh, and how o I run it without openssl support (suggested above)?
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Freeradius configure issue SaFi2266 HOWTO-Related Questions 5 24th July 2011 07:32
Configuring ISPConfig to work with Daloradius 4walters Installation/Configuration 2 29th April 2009 13:46
Setting Up A FreeRadius Based AAA Server With MySQL & Management With Daloradius herbie HOWTO-Related Questions 3 15th September 2008 05:37


All times are GMT +2. The time now is 15:11.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.