How To Install FreeRadius and DaloRadius On CentOS 8 /7

We can install FreeRadius and configure daloRadius on CentOs 8/7. you can also install a radius server on Linux. Let’s see, how to configure FreeRadius on CentOS.

How To Install FreeRadius and DaloRadius On CentOS 8 /7

We need to have a LAMP setup on the CentOS machine to install and configure FreeRadius. I will use Apache2.4, PHP7.2, and MariaDB to create a LAMP setup. 

Check Out: How To Install Tmux and Use On Ubuntu and CentOS 8

1. We will install the Apache web server, PHP7.2, and MariaDB using the below command. Before installing, we don’t need to add a repository for PHP7.2 on the CentOS 8. 

sudo yum install php -y

Check the PHP version using php -v command.

[root@local ~]# php -v
PHP 7.2.24 (cli) (built: Oct 22 2019 08:28:36) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
with Zend OPcache v7.2.24, Copyright (c) 1999-2018, by Zend Technologies

If you have CentOS 7, we need to add a repository using the following commands. 

yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
rpm -ivh remi-release-7.rpm 
yum repolist
yum install php72

If you face any issue in installing the PHP7.2, you may edit the remi7.2 repository and enable it. 

Install Apache and MariaDB database using the following command.

yum install httpd -y
yum install mariadb -y

We’ve successfully setup the LAMP setup and now we will configure the MariaDB database.

Check Out: How To Launch Windows EC2 Instance On AWS Cloud

2. We will secure the MariaDB and set the root password using the following instructions. Once you have configured the MariaDB server using the instructions.

You need to create a database and assign full permission on the database to the user “radius“.

MariaDB [(none)]> create database radius;
Query OK, 1 row affected (0.000 sec)

MariaDB [(none)]> grant all privileges on radius.* to "radius"@"%" identified by "password";
Query OK, 0 rows affected (0.041 sec)

MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.171 sec)

3. When you’re done with the above steps, we need to install the FreeRadius using the below command. 

yum install freeradius freeradius-utils freeradius-mysql

Start and enable the radius server then check the status of the service.

[root@local ~]# systemctl start radiusd && systemctl enable radiusd
Created symlink /etc/systemd/system/multi-user.target.wants/radiusd.service → /usr/lib/systemd/system/radiusd.service.
[root@local ~]# systemctl status radiusd 
● radiusd.service - FreeRADIUS high performance RADIUS server.
Loaded: loaded (/usr/lib/systemd/system/radiusd.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2020-08-16 14:55:26 EDT; 11s ago
Main PID: 3530 (radiusd)
Tasks: 6 (limit: 4891)
Memory: 11.0M
CGroup: /system.slice/radiusd.service
└─3530 /usr/sbin/radiusd -d /etc/raddb

We also need to allow the radius service in the firewall rules. Radius server uses the UDP port 1812 and 1813

firewall-cmd --add-service={http,https,radius} --permanent
firewall-cmd --reload

Test the radius server is running using ss -tunlp | grep radiusd command. 

install freeradius centos 8

Configure Radius To Use MariaDB:

By default, the Radius server uses the flat-files database to store the data. We need to configure the radius server to use MariaDB. Radius Server location at /etc/raddb. Use the below command to create a database object. 

mysql -u root -p radius < /etc/raddb/mods-config/sql/main/mysql/schema.sql

Check Out: Sentrifugo 3.2 Failed To Connect Gmail Account SMTP Issue

We can also check what tables have been created using the above script file. Login to the radius database and run the show tables command. 

MariaDB [(none)]> use radius;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
MariaDB [radius]> show tables;
+------------------+
| Tables_in_radius |
+------------------+
| nas |
| radacct |
| radcheck |
| radgroupcheck |
| radgroupreply |
| radpostauth |
| radreply |
| radusergroup |
+------------------+
8 rows in set (0.078 sec)

Create a SQL file that will be used to configure Radius with the database and save the file. 

vim /etc/raddb/mods-enabled/sql

sql {
driver = "rlm_sql_mysql"
dialect = "mysql"

# Connection info:
server = "localhost"
port = "3306"
login = "radius"
password = "password"

# Database table configuration for everything except Oracle
radius_db = "radius"
}

# Set to "yes" to read radius clients from the database ("nas" table)
# Clients will ONLY be read on server startup.
read_clients = yes
# Table to keep radius client info
client_table = "nas"

Once you have created the above file, we need to change the group of that file using the below command and also restart the service. 

chgrp -h radiusd /etc/raddb/mods-enabled/sql
systemctl restart radiusd

Test Radius Working With Database:

We’ve made significant changes in the radius server. you need to test again in the debug mode to make sure FreeRadius is working. 

systemctl stop radiusd

Now run the below command to check it using radiusd -X command. if you see the long output, means it’s working with MariaDB or MySQL database. 

Listening on auth address * port 1812 bound to server default
Listening on acct address * port 1813 bound to server default
Listening on auth address :: port 1812 bound to server default
Listening on acct address :: port 1813 bound to server default
Listening on auth address 127.0.0.1 port 18120 bound to server inner-tunnel
Listening on proxy address * port 40000
Listening on proxy address :: port 58128
Ready to process requests

If you get eh output like before, stop the debug mode using “Ctrl+C” and restart the radius service. We’ve successfully configured and installed the Radius server on CentOS 8/7. 

Check Out: How To Configure Autoscaling Setup On Amazon Cloud

Install and Configure DaloRadius(FreeRadius GUI) On CentOS (Optional):

daloradius is an advanced radius management applications.

We need to download the package using the following command. if you don’t have installed wget and zip, you can install them as well. 

yum install wget unzip -y
wget https://github.com/lirantal/daloradius/archive/master.zip

Now, We need to unzip the package and move it to the /var/ww/html/ directory. 

unzip master.zip -d /var/www/html/
cd /var/www/html/daloradius-master

We will import the daloradius MySQL tables using the below command. 

[root@local daloradius-master]# mysql -u root -p radius < contrib/db/fr2-mysql-daloradius-and-freeradius.sql
Enter password: 
[root@local daloradius-master]# mysql -u root -p radius < contrib/db/mysql-daloradius.sql 
Enter password:

You can cross-check by login to the radius database. you will see lots of tables. Now change the permissions of a file and owner of the folder. 

chown -R apache:apache /var/www/html/daloradius-master/
chown 664 /var/www/html/daloradius-master/library/daloradius.conf.php

We need to define the database details in /var/www/html/daloradius-master/library/daloradius.conf.php file.  

$configValues['CONFIG_DB_HOST'] = 'localhost';
$configValues['CONFIG_DB_PORT'] = '3306';
$configValues['CONFIG_DB_USER'] = 'radius';
$configValues['CONFIG_DB_PASS'] = 'password';
$configValues['CONFIG_DB_NAME'] = 'radius';

Restart the service and access the URL using http://IP/daloradius

Check Out: Showing Bash instead of Root User Shell On CentOS / Redhat 8

Troubleshoot: 

If you’re not able to access the daloradius using the URL, then SELinux is enabled in the enforcing mode. We need to solve the issues related to SELinux because it will not let you access the daloradius.

Check Out: Selinux Semanage Command Not found On Redhat 7

Install the Selinux package using yum install policycoreutils-python-utils command. 

yum install policycoreutils-python-utils

Now change the context on the directory folder using the following commands. 

semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html/daloradius(/.*)?"
restorecon -Rv /var/www/html/daloradius

Now try to access the URL http://192.168.185.147/daloradius, you must be able to access the daloradius

linux radius server

Login with the default username: administrator and password: radius. In a similar way, you can install a radius server on Linux as well as CentOS 8.

That’s it. freeradius redius linux server centos 8 install

Share on:

I'm the founder of Curious Viral. I hope this blog will provide you complete information about Linux Technology & I would like to share my technical knowledge with you which I have learned during this period.

Other Posts You May Like...

Leave a comment