Skip to end of metadata
Go to start of metadata

Overview

The purpose of this guide is to provide step by step, quick and easy way to deploy FreeRadius server. You will learn how to install FreeRadius server on your Linux system and how to configure the same to work with VEGA (as radius client)

 FreeRADIUS basically includes a RADIUS server, a BSD licensed client library, a PAM library, and an Apache module.

Installation of FreeRadius

FreeRadius is easy to install. FreeRadius can be installed on Linux server by issuing commands like:

yum install freeradius (on redhat linux distribution)

                         OR 

apt-get install freeradius (on ubuntu)

For further information with respect to installation of FreeRadius please refer to below useful links:

http://freeradius.org/doc/getting_started.html

https://www.unixmen.com/installation-freeradius-centos-ubuntu/


NOTE: There is no need to perform SQL stuff as given in above guide in order to make VEGA working with FreeRadius server.

Configuration Of FreeRadius

Configuration on FreeRadius with respect to VEGA can be divided in to three parts:

  1. Adding Vendor
  2. Adding User
  3. Adding Client

Vendor Addition

In order to add VEGA specific vendor in FreeRadius we need to create a new file say name “dictionary.sangoma” within “/usr/share/freeradius/” directory and add below lines in to the file:

VENDOR                Sangoma                         35987

BEGIN-VENDOR    Sangoma

# Vega Login user privilege level
ATTRIBUTE            Sangoma-Vega-Privilege          1                  integer
VALUE                    Sangoma-Vega-Privilege          none            0x00
VALUE                    Sangoma-Vega-Privilege          admin           0x04
VALUE                    Sangoma-Vega-Privilege          privacy         0x20
VALUE                    Sangoma-Vega-Privilege          provision      0x40

ATTRIBUTE            Sangoma-Vega-Timeout            2                  integer

END-VENDOR       Sangoma

Now, edit “/usr/share/freeradius/dictionary” file by in order to include the above created file by adding below line:

$INCLUDE dictionary.sangoma

 

Now, proceed with next configuration i.e. Adding users.

User Addition

In order to add VEGA specific user in FreeRadius users list we need to edit “/etc/raddb/users” file. Find the user and defined the new variables for e.g. “Sangoma-vega-Privilege=admin” under the user created.

For example, if vega has a user say “user1” with password as “password1” with admin privileges then below lines needs to be included within “/etc/raddb/users”:

user1 Cleartext-Password := "password1"
           Sangoma-Vega-Privilege = admin

 

Now, proceed with next configuration i.e. Adding client.

Client Addition

Adding client is important part of configuration as this configuration tells FreeRadius to allow connection from vega network.

In order to add New Client (VEGA as client) edit “/etc/raddb/clients.conf" and add below lines:

client 192.168.3.176 {
           secret = testing
           shortname = vega-test-176
}


NOTE:

  • 192.168.3.176 is the vega ip i.e. the radius client
  • secret must be the password of radius server which needs to be used/configured by client in order to establish connection with radius server (in this case it is testing)
  • shortname is the alias which user wants to assign to client

Troubleshooting FreeRadius

Step 1) In order to test if your configured client is working fine first we need to start FreeRadius server using below command:

/etc/init.d/radius start

In order to start radius server in debugging/troubleshooting mode we can always start radius server using below command:

radisud -x

Step 2) Now, tail the system logs to check what is occurring using below command:

tail -f /var/log/messages

Now, issue below command in order to test if the client account is properly configured or not for example in this case we will test “VEGA” with user as “user1” by issuing below command:

radtest user1 password1 localhost0 testing123

 

The above command will give output as given below:

Sending Access-Request of id 119 to 127.0.0.1 port 1812
User-Name = "user1"
User-Password = "password1"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000

rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=119, length=20

In order to check how to configure VEGA as Radius client please refer to VEGA RADIUS Configuration.

Reference

For more reference on freeradius always refer to below links:

etc.

  • No labels