RADIUSdesk

logo
Trace:

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision 		Previous revision
getting_started:20_install_ubuntu_freeradius_3 [2022/06/13 06:09]
admin created 		getting_started:20_install_ubuntu_freeradius_3 [2022/08/31 21:56] (current)
admin
Line 14: Line 14:
 sudo systemctl enable freeradius sudo systemctl enable freeradius
 sudo systemctl start freeradius sudo systemctl start freeradius
 +sudo systemctl status freeradius
 +</code>
 +====== Configuring FreeRADIUS version 3.x ======
 +  * Do the following to configure FreeRADIUS 3.x to work with RADIUSdesk
 +<code bash>
 +# Stop the service if it is already running
 +sudo systemctl stop freeradius
 +# Backup the original FreeRADIUSdirectory
 +sudo mv /etc/freeradius /etc/freeradius.orig
 +# Extract the RADIUSdesk modified FreeRADIUS directory
 +sudo tar xzf /var/www/html/cake4/rd_cake/setup/radius/freeradius-3-radiusdesk.tar.gz --one-top-level=/etc/freeradius/
 +sudo mv /etc/freeradius/freeradius /etc/freeradius/3.0
 +sudo chown -R freerad. /etc/freeradius/3.0/
 +sudo  mkdir /var/run/freeradius
 +chown freerad. /var/run/freeradius
 +</code>
 +  * Configure the site-wide shared secret. This will be the value used by ALL Dynamic Clients.
 +<code bash>
 +sudo vi /etc/freeradius/3.0/sites-enabled/dynamic-clients
 +</code>
 +  * Look for this part in the file and change FreeRADIUS-Client-Secret to the value you choose to use.
 +<code bash>
 +#  Echo the IP address of the client.
 +FreeRADIUS-Client-IP-Address = "%{Packet-Src-IP-Address}"
 + 
 +# require_message_authenticator
 +FreeRADIUS-Client-Require-MA = no
 + 
 +# secret
 +FreeRADIUS-Client-Secret = "testing123"
 + 
 +# shortname
 +FreeRADIUS-Client-Shortname = "%{Packet-Src-IP-Address}"
 +</code>
 +  * Comment out the following two lines in the Systemd unit file
 +<code bash>
 +sudo vi /lib/systemd/system/freeradius.service
 +</code>
 +  * See this sample to see which two lines to comment out. Failing to do this will result in a broken system with FreeRADIUS not starting up during boot
 +<code bash>
 +[Unit]
 +Description=FreeRADIUS multi-protocol policy server
 +After=syslog.target network.target
 +Documentation=man:radiusd(8) man:radiusd.conf(5) http://wiki.freeradius.org/ http://networkradius.com/doc/
 + 
 +[Service]
 +Type=forking
 +PIDFile=/run/freeradius/freeradius.pid
 +#EnvironmentFile=-/etc/default/freeradius
 +#ExecStartPre=/usr/sbin/freeradius $FREERADIUS_OPTIONS -Cxm -lstdout
 +ExecStart=/usr/sbin/freeradius $FREERADIUS_OPTIONS
 +Restart=on-failure
 +RestartSec=5
 + 
 +[Install]
 +WantedBy=multi-user.target
 +</code>
 +  * After you completed these commands you can test if FreeRADIUS starts up fine.
 +<code bash>
 +sudo systemctl daemon-reload 
 +sudo systemctl restart freeradius
 sudo systemctl status freeradius sudo systemctl status freeradius
 </code> </code>
Line 44: Line 105:
 <code bash> <code bash>
 # Members of the admin group may gain root privileges # Members of the admin group may gain root privileges
-%admin ALL=(ALL) ALL www-data ALL = NOPASSWD:/var/www/html/cake3/rd_cake/setup/scripts/radmin_wrapper.pl+%admin ALL=(ALL) ALL www-data ALL = NOPASSWD:/var/www/html/cake4/rd_cake/setup/scripts/radmin_wrapper.pl
 </code> </code>
   * Confirm that this line is now inside the /etc/sudoers file   * Confirm that this line is now inside the /etc/sudoers file
Last modified: 2022/06/13 06:09