RADIUSdesk Accel-ppp Agent

• The RADIUSdesk Accel-ppp Agent is a lightweight add-on for Ubuntu or Raspberry Pi devices that serves as an intermediary between Accel-ppp and RADIUSdesk.
• It uses a set of Lua-based libraries and scripts to accomplish its task.

• Make sure that the iptables package is installed. (It was not installed on my Raspberry Pi OS image)

sudo apt-get install iptables

• Make sure that packet forwarding for IPv4 is enabled. Edit the file /etc/sysctl.conf.
• Find the line net.ipv4.ip_forward=1 and comment it out.

• We assume that you already have a device with Accel-ppp installed as per the instructions elsewhere in this wiki.
• Install the following packages.

sudo apt-get install -y curl lua-socket lua-cjson luarocks
sudo luarocks install inifile

• Check out the latest RADIUSdesk code

cd /var/www
sudo git clone https://github.com/RADIUSdesk/rdcore.git
#Link the accel-ppp agent's files to /etc directory
ln -s /var/www/rdcore/cake4/rd_cake/setup/accel-ppp/MESHdesk /etc/MESHdesk

• Copy the following reference files:

#Configuration file for the agent
sudo cp /etc/MESHdesk/files/accel-ppp-rd.conf /etc/
#Startup file. We first create a backup copy of the original file (if there is one)
cp /etc/rc.local /etc/rd.local.bak
sudo cp /etc/MESHdesk/files/rc.local /etc/

• The configuration is done by adapting the file /etc/accel-ppp-rd.conf file.
• Take a look at the following example

[internet]
disabled=0
dns=cloud.radiusdesk.com
protocol=https
http_port=80
https_port=443
ip=164.160.89.129
 
[pppoe]
interface=eth0

• In our setup we have a RADIUSdesk server with the FQDN cloud.radiusdesk.com
• We also specify the fallback ip as 164.160.89.129 in the event when DNS does not resolve.
• The protocol can be either https or http. We choose https because it is more secure.
• We also specify the interface via which the PPPoE service should run.
• In our case, we have a Raspberry Pi 4 with an Enternet port (eth0), which we will use to run the PPPoE service.
• The agent then retrieves the MAC address of this interface and forwards the request to RADIUSdesk to obtain its configuration, using this MAC address as a unique identifier.
• Make changes to this file so that it works with your environment and device.

• Deactivate the automatic startup of Accel-ppp.

sudo systemctl disable accel-ppp

• The startup file is /etc/rc.local.
• You must also adapt it so that it works on the device on which the RADIUSdesk Accel-ppp agent is running.
• Take a look at the following example

#!/bin/bash
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
 
cd /etc/MESHdesk
 
sleep 10
/etc/MESHdesk/u.lua &
sleep 10
/etc/MESHdesk/heartbeat.lua &
 
exit 0

• The important line is the one with the iptables rule for NAT.
• In our setup, the WAN connection / uplink is the WiFi interface, wlan0.
• Make sure that your setup matches the configuration of your device.

• On the Raspberry Pi, the rc.local script was called automatically at startup.
• On Ubuntu you'll probably have to follow these instructions to ensure that it starts up during boot time
• http://radiusdesk.com/wiki/technical/ppp-pppoe-basic#add_masquerade_support_on_wan_enp0s3
• Now everything should be in place and you can reboot the device and see if it is listed under Accel-ppp Servers → New Arrivals

• If your Accel-ppp server uses RADIUSdesk for its RADIUS component, you need to do one last step.
• You can perform its RADIUS onboarding by searching for it under RADIUS → RADIUS clients → New arrivals.
• Once you have completed the onboarding, make sure you specify the client type as Accel-On-RADIUSdesk.
• This will allow the code to apply the correct procedure when a user's active session needs to be terminated.