Table of Contents
RADIUSdesk Accel-ppp Agent
Overview
- The RADIUSdesk Accel-ppp Agent is a lightweight add-on to Ubuntu or Raspberry Pi devices that serves as a broker between Accel-ppp and RADIUSdesk.
- It uses a couple of Lua based libraries and scripts to fulfill its mandate.
Installation
Please double check
- Make sure the iptables package is installed. (It was not installed on my Raspberry Pi OS image)
sudo apt-get install iptables
- Make sure packet forwarding for IPv4 is enabled. Edit the /etc/sysctl.conf.
- Find and uncomment net.ipv4.ip_forward=1 line.
The Rest
- We assume you already have a device that has Accel-ppp installed as per instructions elsewhere on this Wiki.
- Install the following packages.
sudo apt-get install -y curl lua-socket lua-cjson luarocks sudo luarocks install inifile
- Check out the latest RADIUSdesk code
cd /var/www sudo git clone https://github.com/RADIUSdesk/rdcore.git #Link the accel-ppp agent's files to /etc directory ln -s /var/www/rdcore/cake4/rd_cake/setup/accel-ppp/MESHdesk /etc/MESHdesk
Configuration
Startup and config reference files
- Copy the following reference files:
#config file for the agent sudo cp /etc/MESHdesk/files/accel-ppp-rd.conf /etc/ #startup file. We make a backup first of the original one (of there were one) cp /etc/rc.local /etc/rd.local.bak sudo cp /etc/MESHdesk/files/rc.local /etc/
Config File
- Configuration is done by tweaking the /etc/accel-ppp-rd.conf file.
- Refer to the sample below
[internet] disabled=0 dns=cloud.radiusdesk.com protocol=https http_port=80 https_port=443 ip=164.160.89.129 [pppoe] interface=eth0
- In our setup we have a RADIUSdesk server which has a FQDN of cloud.radiusdesk.com
- We also specify the fallback ip as 164.160.89.129 in the event when DNS does not resolve.
- Protocol can be either https or http. We choose https which is more secure.
- We also specify the interface we want the PPPoE service to run on.
- In our case we have a Raspberry Pi 4 with an Enternet port (eth0) where we will run the PPPoE service on.
- The agent will then fetch the MAC Address of this interface and forward the request for config to RADIUSdesk using this MAC Address as the unique identifier.
- Make changes to this file so that it works with your environment and device.
Startup File
- Disable automatic startup of Accel-ppp.
sudo systemctl disable accel-ppp
- The startup file is /etc/rc.local.
- You also have to tweak it to work on the device running the RADIUSdesk Accel-ppp Agent.
- Refer to the sample below
#!/bin/bash iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE cd /etc/MESHdesk sleep 10 /etc/MESHdesk/u.lua & sleep 10 /etc/MESHdesk/heartbeat.lua & exit 0
- The important line is the one with the iptables rule for NAT.
- With our setup the WAN connection / uplink is the WiFi interface, wlan0.
- Make sure that your setup matches your device's configuration.
Since PPPoE works on Layer2, you can have both the PPPoE and the WAN connection on one physical interface e.g eth0 in our case with the Pi.
- On the Raspberry Pi the rc.local script was called automatically during startup.
- On Ubuntu you'll probably have to follow these instructions to ensure that it starts up during boot time
- Everything should now be in place and you can reboot the device and see if it is listed under Accel-ppp Servers → New Arrivals
RADIUS Client
- If your Accel-ppp server is using RADIUSdesk for its RADIUS component you have one last step to do.
- You can do its RADIUS on-boarding by looking for it under RADIUS → RADIUS Clients → New Arrivals.
- After you completed the on-boarding be sure to specify the Client Type as Accel-On-RADIUSdesk.
- This will allow the code to follow the correct procedure when an active session for a user needs to be terminated.
