Learn how to install freeRADIUS on CentOS 7 with our step-by-step guide. Follow detailed instructions to set up and configure freeRADIUS and daloRADIUS for your network authentication needs. #centlinux #linux #freeradius
RADIUS (Remote Authentication and Dial-In User Service) is network protocol and software that authenticate dial-in users and authorize their access to the requested service. RADIUS provides centralized Authentication, Authorization and Accounting (AAA) management for a user, who connect and use a network service. RADIUS allows an organization to maintain user profiles in a central database that all remote servers can share.
A RADIUS server is a network protocol that performs the following three key functions:
Here’s a simplified overview of the RADIUS authentication process:
Read Also: Setup WireGuard VPN Server on CentOS 8
freeRADIUS is a high-performance, open-source RADIUS server that offers a flexible and scalable solution for managing network access control. It supports a variety of authentication methods and is widely used in both small and large-scale networks.
daloRADIUS is a easy to use, but advanced RADIUS web interface, that aimed at managing hotspots and general-purpose ISP deployments. daloRADIUS is written in PHP and supports famous database systems.
daloRADIUS is an open-source web application designed to enhance the management of RADIUS servers. It offers a graphical interface for interacting with freeRADIUS, making it easier to perform administrative tasks, configure settings, and review accounting data.
radiusd.conf
, clients.conf
, and users
directly from the web interface.This article emphasize on the installation and initial configuration of freeRADIUS and daloRADIUS on CentOS 7. If you want to know, how to use freeRADIUS or daloRADIUS, then we recommend you to read FreeRADIUS Beginner’s Guide (PAID LINK) and daloRADIUS User Guide (Volume 1) (PAID LINK).
In this article, we will install freeRADIUS and daloRADIUS on CentOS 7 without disabling SELinux.
We are using a CentOS 7 virtual machine with following specifications:
Connect with radius-01.example.com using ssh as root user.
We will require some utiliies during installation of freeRADIUS and daloRADIUS, therefore, we are installing them now, using yum command.
# yum install -y wget unzip
Some prereqiusite packages are available through extras yum repository, therefore, we are installing EPEL (Extra Packages for Enterprise Linux) yum repository.
# yum install -y epel-release
Build yum cache using following command.
# yum makecache fast Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile epel/x86_64/metalink | 4.6 kB 00:00 * base: centos.mirror.net.in * epel: mirror.horizon.vn * extras: centos.mirror.net.in * updates: centos.mirror.net.in base | 3.6 kB 00:02 extras | 3.4 kB 00:00 mariadb | 2.9 kB 00:00 updates | 3.4 kB 00:00 Metadata Cache Created
Follow my previous article to install latest version of MariaDB.
After installation, connect with MariaDB database as root user.
# mysql -u root -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or g. Your MariaDB connection id is 16 Server version: 10.3.14-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or 'h' for help. Type 'c' to clear the current input statement. MariaDB [(none)]>
Create a database, that serves as the repository for our RADIUS server.
MariaDB [(none)]> create database radius; Query OK, 1 row affected (0.001 sec)
Create a database owner for radius database.
MariaDB [(none)]> grant all on radius.* to radius@localhost identified by '123'; Query OK, 0 rows affected (0.001 sec)
Reload privileges tables.
MariaDB [(none)]> flush privileges; Query OK, 0 rows affected (0.001 sec)
Exit from MariaDB prompt.
MariaDB [(none)]> exit Bye
daloRADIUS is a web application developed in PHP. Therefore, we need Apache Web Server with PHP to deploy daloRADIUS.
Install Apache Web Server using yum command.
# yum install -y httpd
Start and enable httpd.service.
# systemctl enable httpd.service Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service. # systemctl start httpd.service
Apache Webserver has been configured successfully. It is advised that, you should read our previous article Chroot Apache Web Server in CentOS 7 to increase the security.
Install PHP (Hypertext Preprocessor) and related packages using yum command.
# yum install -y php php-mysql php-pear php-devel php-common php-gd php-mbstring php-mcrypt php-xml php-pear-DB
Restart httpd.service to load changes, made by PHP installation.
# systemctl restart httpd.service
freeRADIUS and relevant packages are available through CentOS base repository. Therefore, we can easily install it using yum command.
# yum install -y freeradius freeradius-utils freeradius-mysql
Start and enable radiusd.service.
# systemctl start radiusd.service # systemctl enable radiusd.service Created symlink from /etc/systemd/system/multi-user.target.wants/radiusd.service to /usr/lib/systemd/system/radiusd.service.
Allow RADIUS service in Linux firewall.
# firewall-cmd --permanent --add-service=radius success # firewall-cmd --reload success
By default, freeRADIUS uses flat-files to store data. Therefore, we have to configure it to use MariaDB database as its repository.
Use the following script to create database objects.
# mysql -u root -p radius < /etc/raddb/mods-config/sql/main/mysql/schema.sql Enter password:
You can either copy sql module from /etc/raddb/mods-available/sql or create using following script.
# vi /etc/raddb/mods-enabled/sql
Add following lines therein:
sql { driver = "rlm_sql_mysql" dialect = "mysql" # Connection info: server = "localhost" port = 3306 login = "radius" password = "123" # Database table configuration for everything except Oracle radius_db = "radius" } # Set to "yes" to read radius clients from the database ("nas" table) # Clients will ONLY be read on server startup. read_clients = yes # Table to keep radius client info client_table = "nas"
Adjust file permissions.
# chgrp -h radiusd /etc/raddb/mods-enabled/sql
Restart radiusd.service.
# systemctl restart radiusd.service
daloRADIUS is open source and distributed under GPL 2.0 license. It’s complete source is available at GitHub.
# wget https://github.com/lirantal/daloradius/archive/master.zip --2019-04-25 19:37:59-- https://codeload.github.com/lirantal/daloradius/zip/master Resolving codeload.github.com (codeload.github.com)... 192.30.253.121, 192.30.253.120 Connecting to codeload.github.com (codeload.github.com)|192.30.253.121|:443... connected. HTTP request sent, awaiting response... 200 OK Length: unspecified [application/zip] Saving to: âmaster.zip.1â [ <=> ] 5,447,362 386KB/s in 14s 2019-04-25 19:38:14 (375 KB/s) - âmaster.zip.1â saved [5447362]
Unzip downloaded file.
# unzip master.zip
Place the extracted directory at the document root of Apache Web server.
# rm -f master.zip # mv daloradius-master/ /var/www/html/daloradius
Restore SELinux security context as follows.
# restorecon -Rv /var/www/html/daloradius/
Adjust permissions and ownership of daloRADIUS software.
# chown -R apache:apache /var/www/html/daloradius # chmod -R 664 /var/www/html/daloradius/library/daloradius.conf.php
Allow HTTP service in Linux firewall.
# firewall-cmd --permanent --add-service=http success # firewall-cmd --reload success
Create daloRADIUS objects in MariaDB database.
# mysql -u root -p radius < /var/www/html/daloradius/contrib/db/fr2-mysql-daloradius-and-freeradius.sql Enter password: # mysql -u root -p radius < /var/www/html/daloradius/contrib/db/mysql-daloradius.sql Enter password:
Edit daloRADIUS configuration file.
# vi /var/www/html/daloradius/library/daloradius.conf.php
and define MariaDB database password in it.
$configValues['CONFIG_DB_PASS'] = '123';
Browse URL http://radius-01.example.com/daloradius using a client’s browser.
Login using default credentials i.e.
Username: administrator
Password: radius
freeRADIUS and daloRADIUS has been installed on CentOS 7.
Recommended Online Training: Learn Bash Shell in Linux for Beginners
Setting up freeRADIUS on CentOS 7 can greatly enhance your network’s authentication capabilities. This guide is designed to provide you with clear, step-by-step instructions to ensure a successful installation and configuration.
If you need further assistance or prefer to have a professional handle the installation, I offer specialized services on Fiverr. From initial setup to advanced configurations, I can help you achieve a seamless freeRADIUS installation on CentOS 7. Visit my Fiverr profile to learn more about my services and how I can assist you.
Thank you for following along, and best of luck with your freeRADIUS installation!
Puppy Linux is a fast, lightweight OS designed for speed and simplicity, perfect for old…
Learn how to change Apache document root in Linux by following this step-by-step guide. Adjust…
Discover how to change Apache port in Linux easily. Follow our simple guide to modify…
Learn how to create a virtual host in Apache Server with this comprehensive guide. Set…
Discover 10 practical tasks for the RHCSA exam with step-by-step solutions. Boost your Linux skills…
Discover the ultimate Fail2ban configuration guide. Learn how to set up, customize, and optimize Fail2ban…
This website uses cookies.