Table of Contents
In this article, I will take you through the steps to install and setup Freeradius Server in Linux (RHEL/CentOS 7/8). The FreeRadius server project is the implementation of the Remote Authentication Dial-In User Service (RADIUS) protocol used by many corporations and Internet service providers to authenticate users connecting from remote locations.
The FreeRadius server daemon, radiusd , can use an LDAP directory in two different ways. First, it can use LDAP as a data store for RADIUS attribute values. RADIUS attributes are defined by the RADIUS protocol and should not be confused with LDAP attributes. The only similarity between the two types of attributes is that both have names and are used to store values. The FreeRadius administrator defines the mapping between RADIUS attributes and the LDAP attributes used to represent them. Now we will go ahead and see how to setup freeradius server in this section.
Install and Setup FreeRadius Server in Linux
Also Read: 17 Useful nc command examples in Linux (RedHat/CentOS 7/8)
Step 1: Prerequisites
a)You should have a Linux (RedHat/CentOS 7/8) Node.
b)You should have yum
installed in your system. You can check Top 22 YUM Command Examples in RedHat /CentOS 7 to know more about yum command.
b)You should have sudo
access to run privileged commands. You can check How to add User to Sudoers to know more about providing sudo
access to the User.
Step 2: Update Your System
Sometimes it might happen that installation of new packages requires few of the dependencies to be updated hence you need to first update your system packages to the latest version before proceeding with the steps to setup freeradius Server. This can be performed by using simple yum update -y
command as shown below. This command might take sometime to update all the packages depends on the last time you have updated your system. In this case there are plenty of updates need to be installed so it took me few mins to complete the System update.
[root@localhost ~]# yum update -y Resolving Dependencies --> Running transaction check ---> Package acl.x86_64 0:2.2.51-14.el7 will be updated ---> Package acl.x86_64 0:2.2.51-15.el7 will be an update ---> Package bash.x86_64 0:4.2.46-33.el7 will be updated ---> Package bash.x86_64 0:4.2.46-34.el7 will be an update ---> Package bind-export-libs.x86_64 32:9.11.4-9.P2.el7 will be updated ---> Package bind-export-libs.x86_64 32:9.11.4-16.P2.el7_8.6 will be an update ---> Package bind-libs-lite.x86_64 32:9.11.4-9.P2.el7 will be updated ---> Package bind-libs-lite.x86_64 32:9.11.4-16.P2.el7_8.6 will be an update ---> Package bind-license.noarch 32:9.11.4-9.P2.el7 will be updated ---> Package bind-license.noarch 32:9.11.4-16.P2.el7_8.6 will be an update ---> Package binutils.x86_64 0:2.27-41.base.el7_7.2 will be updated ---> Package binutils.x86_64 0:2.27-43.base.el7_8.1 will be setup freeradius server ---> Package centos-release.x86_64 0:7-7.1908.0.el7.centos will be updated ---> Package centos-release.x86_64 0:7-8.2003.0.el7.centos will be an update ---> Package cloud-init.x86_64 0:18.5-3.el7.centos will be updated ---> Package cloud-init.x86_64 0:18.5-6.el7.centos will be an update ---> Package cryptsetup-libs.x86_64 0:2.0.3-5.el7 will be updated ---> Package cryptsetup-libs.x86_64 0:2.0.3-6.el7 will be an update ---> Package curl.x86_64 0:7.29.0-54.el7_7.2 will be updated ---> Package curl.x86_64 0:7.29.0-57.el7 will be an update ---> Package device-mapper.x86_64 7:1.02.158-2.el7_7.2 will be updated ---> Package device-mapper.x86_64 7:1.02.164-7.el7_8.2 will be an update
Step 3: Install Freeradius packages
You can install freeradius packages using yum install
command as shown below. Along with freeradius package you require another set of packages like freeradius-utils, freeradius-mysql and freeradius-perl packages. All of the packages can be installed in just one command as you can see below.
[root@localhost ~]# yum install freeradius freeradius-utils freeradius-mysql freeradius-perl –y Resolving Dependencies --> Running transaction check ---> Package freeradius.x86_64 0:3.0.13-10.el7_6 will be installed --> Processing Dependency: libtalloc.so.2(TALLOC_2.0.2)(64bit) for package: freeradius-3.0.13-10.el7_6.x86_64 --> Processing Dependency: /usr/bin/perl for package: freeradius-3.0.13-10.el7_6.x86_64 --> Processing Dependency: libtalloc.so.2()(64bit) for package: freeradius-3.0.13-10.el7_6.x86_64 --> Processing Dependency: libpcap.so.1()(64bit) for package: freeradius-3.0.13-10.el7_6.x86_64 --> Processing Dependency: libnaaeap.so.0()(64bit) for package: freeradius-3.0.13-10.el7_6.x86_64 ---> Package freeradius-mysql.x86_64 0:3.0.13-10.el7_6 will be installed ---> Package freeradius-perl.x86_64 0:3.0.13-10.el7_6 will be installed --> Processing Dependency: libperl.so()(64bit) for package: freeradius-perl-3.0.13-10.el7_6.x86_64 ---> Package freeradius-utils.x86_64 0:3.0.13-10.el7_6 will be installed --> Processing Dependency: perl(Getopt::Long) for package: freeradius-utils-3.0.13-10.el7_6.x86_64 --> Processing Dependency: perl(DBI) for package: freeradius-utils-3.0.13-10.el7_6.x86_64 --> Running transaction check ---> Package libpcap.x86_64 14:1.5.3-12.el7 will be installed ---> Package libtalloc.x86_64 0:2.1.16-1.el7 will be installed ---> Package perl.x86_64 4:5.16.3-295.el7 will be installed --> Processing Dependency: perl(Socket) >= 1.3 for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: perl(Scalar::Util) >= 1.10 for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: perl-macros for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: perl(threads::shared) for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: perl(threads) for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: perl(constant) for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: perl(Time::Local) for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: perl(Time::HiRes) for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: perl(Storable) for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: perl(Socket) for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: perl(Scalar::Util) for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: perl(Pod::Simple::XHTML) for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: perl(Pod::Simple::Search) for package: 4:perl-5.16.3-295.el7.x86_64 --> Processing Dependency: tncfhh = 0.8.3 for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: boost-thread for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: boost-system for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: libxerces-c-3.1.so()(64bit) for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: libtncutil.so.0()(64bit) for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: liblog4cxx.so.10()(64bit) for package: tncfhh-libs-0.8.3-16.el7.x86_64 --> Processing Dependency: libboost_thread-mt.so.1.53.0()(64bit) for package: tncfhh-libs-0.8.3-setup freeradius server --> Processing Dependency: libboost_system-mt.so.1.53.0()(64bit) for package: tncfhh-libs-0.8.3-setup freeradius server --> Running transaction check ---> Package boost-system.x86_64 0:1.53.0-28.el7 will be installed ---> Package boost-thread.x86_64 0:1.53.0-28.el7 will be installed ---> Package log4cxx.x86_64 0:0.10.0-16.el7 will be installed --> Processing Dependency: libaprutil-1.so.0()(64bit) for package: log4cxx-0.10.0-16.el7.x86_64 --> Processing Dependency: libapr-1.so.0()(64bit) for package: log4cxx-0.10.0-16.el7.x86_64 ---> Package perl-Carp.noarch 0:1.26-244.el7 will be installed ---> Package perl-Data-Dumper.x86_64 0:2.145-3.el7 will be installed ---> Package perl-Exporter.noarch 0:5.68-3.el7 will be installed ---> Package perl-File-Path.noarch 0:2.09-2.el7 will be installed ---> Package perl-File-Temp.noarch 0:0.23.01-3.el7 will be installed ---> Package perl-Filter.x86_64 0:1.49-3.el7 will be installed ---> Package perl-PathTools.x86_64 0:3.40-5.el7 will be installed ---> Package perl-PlRPC.noarch 0:0.2020-14.el7 will be installed --> Processing Dependency: perl(Net::Daemon) >= 0.13 for package: perl-PlRPC-0.2020-14.el7.noarch ---> Package perl-threads.x86_64 0:1.87-4.el7 will be installed ---> Package perl-threads-shared.x86_64 0:1.43-6.el7 will be installed ---> Package tncfhh.x86_64 0:0.8.3-16.el7 will be installed ---> Package tncfhh-utils.x86_64 0:0.8.3-16.el7 will be installed ---> Package xerces-c.x86_64 0:3.1.1-10.el7_7 will be installed --> Running transaction check ---> Package apr.x86_64 0:1.4.8-5.el7 will be installed ---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed ---> Package perl-Encode.x86_64 0:2.51-7.el7 will be installed ---> Package perl-IO-Compress.noarch 0:2.061-2.el7 will be installed --> Processing Dependency: perl(Compress::Raw::Zlib) >= 2.061 for package: perl-IO-setup freeradius server --> Processing Dependency: perl(Compress::Raw::Bzip2) >= 2.061 for package: perl-IO-setup freeradius server ---> Package perl-Net-Daemon.noarch 0:0.48-5.el7 will be installed ---> Package perl-Pod-Escapes.noarch 1:1.04-295.el7 will be installed ---> Package perl-Pod-Perldoc.noarch 0:3.20-4.el7 will be installed --> Processing Dependency: perl(parent) for package: perl-Pod-Perldoc-3.20-4.el7.noarch --> Processing Dependency: perl(HTTP::Tiny) for package: perl-Pod-Perldoc-3.20-4.el7.noarch ---> Package perl-podlators.noarch 0:2.5.1-3.el7 will be installed --> Running transaction check ---> Package perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.el7 will be installed ---> Package perl-Compress-Raw-Zlib.x86_64 1:2.061-4.el7 will be installed ---> Package perl-HTTP-Tiny.noarch 0:0.033-3.el7 will be installed ---> Package perl-parent.noarch 1:0.225-244.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ======================================================================================================================================================================== Package Arch Version Repository Size ======================================================================================================================================================================== Installing: freeradius x86_64 3.0.13-10.el7_6 base 1.1 M freeradius-mysql x86_64 3.0.13-10.el7_6 base 90 k freeradius-perl x86_64 3.0.13-10.el7_6 base 88 k freeradius-utils x86_64 3.0.13-10.el7_6 base 222 k Installing for dependencies: apr x86_64 1.4.8-5.el7 base 103 k apr-util x86_64 1.5.2-6.el7 base 92 k boost-system x86_64 1.53.0-28.el7 base 40 k boost-thread x86_64 1.53.0-28.el7 base 58 k libpcap x86_64 14:1.5.3-12.el7 base 139 k libtalloc x86_64 2.1.16-1.el7 base 33 k log4cxx x86_64 0.10.0-16.el7 base 452 k perl x86_64 4:5.16.3-295.el7 base 8.0 M perl-Carp noarch 1.26-244.el7 base 19 k perl-Compress-Raw-Bzip2 x86_64 2.061-3.el7 base 32 k perl-Compress-Raw-Zlib x86_64 1:2.061-4.el7 base 57 k perl-DBI x86_64 1.627-4.el7 base 802 k perl-Data-Dumper x86_64 2.145-3.el7 base 47 k perl-Encode x86_64 2.51-7.el7 base 1.5 M perl-Exporter noarch 5.68-3.el7 base 28 k perl-File-Path noarch 2.09-2.el7 base 26 k perl-File-Temp noarch 0.23.01-3.el7 base 56 k perl-Filter x86_64 1.49-3.el7 base 76 k perl-Getopt-Long noarch 2.40-3.el7 base 56 k perl-HTTP-Tiny noarch 0.033-3.el7 base 38 k perl-IO-Compress noarch 2.061-2.el7 base 260 k perl-Net-Daemon noarch 0.48-5.el7 base 51 k perl-PathTools x86_64 3.40-5.el7 base 82 k perl-PlRPC noarch 0.2020-14.el7 base 36 k perl-Pod-Escapes noarch 1:1.04-295.el7 base 51 k perl-Pod-Perldoc noarch 3.20-4.el7 base 87 k perl-Pod-Simple noarch 1:3.28-4.el7 base 216 k perl-Pod-Usage noarch 1.63-3.el7 base 27 k perl-Scalar-List-Utils x86_64 1.27-248.el7 base 36 k perl-Socket x86_64 2.010-5.el7 base 49 k perl-Storable x86_64 2.45-3.el7 base 77 k perl-Text-ParseWords noarch 3.29-4.el7 base 14 k perl-Time-HiRes x86_64 4:1.9725-3.el7 base 45 k perl-Time-Local noarch 1.2300-2.el7 base 24 k perl-constant noarch 1.27-2.el7 base 19 k perl-libs x86_64 4:5.16.3-295.el7 base 689 k perl-macros x86_64 4:5.16.3-295.el7 base 44 k perl-parent noarch 1:0.225-244.el7 base 12 k perl-podlators noarch 2.5.1-3.el7 base 112 k perl-threads x86_64 1.87-4.el7 base 49 k perl-threads-shared x86_64 1.43-6.el7 base 39 k tncfhh x86_64 0.8.3-16.el7 base 680 k tncfhh-libs x86_64 0.8.3-16.el7 base 160 k tncfhh-utils x86_64 0.8.3-16.el7 base 33 k xerces-c x86_64 3.1.1-10.el7_7 updates 879 k Transaction Summary ======================================================================================================================================================================== Install 4 Packages (+45 Dependent packages) Total download size: 17 M Installed size: 52 M Is this ok [y/d/N]: y Downloading packages: (1/49): apr-util-1.5.2-6.el7.x86_64.rpm | 92 kB 00:00:00 (2/49): apr-1.4.8-5.el7.x86_64.rpm | 103 kB 00:00:00 (3/49): boost-system-1.53.0-28.el7.x86_64.rpm | 40 kB 00:00:00 (4/49): boost-thread-1.53.0-28.el7.x86_64.rpm | 58 kB 00:00:00 (5/49): freeradius-3.0.13-10.el7_6.x86_64.rpm | 1.1 MB 00:00:00 (6/49): freeradius-mysql-3.0.13-10.el7_6.x86_64.rpm | 90 kB 00:00:00 (7/49): freeradius-perl-3.0.13-10.el7_6.x86_64.rpm | 88 kB 00:00:00 (8/49): libpcap-1.5.3-12.el7.x86_64.rpm | 139 kB 00:00:00 (9/49): libtalloc-2.1.16-1.el7.x86_64.rpm | 33 kB 00:00:00 (10/49): freeradius-utils-3.0.13-10.el7_6.x86_64.rpm | 222 kB 00:00:00 (11/49): log4cxx-0.10.0-16.el7.x86_64.rpm | 452 kB 00:00:00 (12/49): perl-Carp-1.26-244.el7.noarch.rpm | 19 kB 00:00:00 (13/49): perl-5.16.3-295.el7.x86_64.rpm | 8.0 MB 00:00:00 (14/49): perl-Compress-Raw-Bzip2-2.061-3.el7.x86_64.rpm | 32 kB 00:00:00 (15/49): perl-Compress-Raw-Zlib-2.061-4.el7.x86_64.rpm | 57 kB 00:00:00 (16/49): perl-DBI-1.627-4.el7.x86_64.rpm | 802 kB 00:00:00 (17/49): perl-Data-Dumper-2.145-3.el7.x86_64.rpm | 47 kB 00:00:00 (18/49): perl-Exporter-5.68-3.el7.noarch.rpm | 28 kB 00:00:00 (19/49): perl-File-Path-2.09-2.el7.noarch.rpm | 26 kB 00:00:00 (20/49): perl-Encode-2.51-7.el7.x86_64.rpm | 1.5 MB 00:00:00 (21/49): perl-File-Temp-0.23.01-3.el7.noarch.rpm | 56 kB 00:00:00 (22/49): perl-Filter-1.49-3.el7.x86_64.rpm | 76 kB 00:00:00 (23/49): perl-Getopt-Long-2.40-3.el7.noarch.rpm | 56 kB 00:00:00 (24/49): perl-HTTP-Tiny-0.033-3.el7.noarch.rpm | 38 kB 00:00:00 (25/49): perl-IO-Compress-2.061-2.el7.noarch.rpm | 260 kB 00:00:00 (26/49): perl-Net-Daemon-0.48-5.el7.noarch.rpm | 51 kB 00:00:00 (27/49): perl-PathTools-3.40-5.el7.x86_64.rpm | 82 kB 00:00:00 (28/49): perl-PlRPC-0.2020-14.el7.noarch.rpm | 36 kB 00:00:00 (29/49): perl-Pod-Escapes-1.04-295.el7.noarch.rpm | 51 kB 00:00:00 (30/49): perl-Pod-Perldoc-3.20-4.el7.noarch.rpm | 87 kB 00:00:00 (31/49): perl-Pod-Usage-1.63-3.el7.noarch.rpm | 27 kB 00:00:00 (32/49): perl-Pod-Simple-3.28-4.el7.noarch.rpm | 216 kB 00:00:00 (33/49): perl-Scalar-List-Utils-1.27-248.el7.x86_64.rpm | 36 kB 00:00:00 (34/49): perl-Socket-2.010-5.el7.x86_64.rpm | 49 kB 00:00:00 (35/49): perl-Storable-2.45-3.el7.x86_64.rpm | 77 kB 00:00:00 (36/49): perl-Text-ParseWords-3.29-4.el7.noarch.rpm | 14 kB 00:00:00 (37/49): perl-Time-HiRes-1.9725-3.el7.x86_64.rpm | 45 kB 00:00:00 (38/49): perl-Time-Local-1.2300-2.el7.noarch.rpm | 24 kB 00:00:00 (39/49): perl-constant-1.27-2.el7.noarch.rpm | 19 kB 00:00:00 (40/49): perl-libs-5.16.3-295.el7.x86_64.rpm | 689 kB 00:00:00 (41/49): perl-macros-5.16.3-295.el7.x86_64.rpm | 44 kB 00:00:00 (42/49): perl-parent-0.225-244.el7.noarch.rpm | 12 kB 00:00:00 (43/49): perl-podlators-2.5.1-3.el7.noarch.rpm | 112 kB 00:00:00 (44/49): perl-threads-1.87-4.el7.x86_64.rpm | 49 kB 00:00:00 (45/49): perl-threads-shared-1.43-6.el7.x86_64.rpm | 39 kB 00:00:00 (46/49): tncfhh-0.8.3-16.el7.x86_64.rpm | 680 kB 00:00:00 (47/49): tncfhh-libs-0.8.3-16.el7.x86_64.rpm | 160 kB 00:00:00 (48/49): tncfhh-utils-0.8.3-16.el7.x86_64.rpm | 33 kB 00:00:00 (49/49): xerces-c-3.1.1-10.el7_7.x86_64.rpm | 879 kB 00:00:00 ------------------------------------------------------------------------------------------------------------------------------------------------------------------------ Total 15 MB/s | 17 MB 00:00:01 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : boost-system-1.53.0-28.el7.x86_64 1/49 Installing : boost-thread-1.53.0-28.el7.x86_64 2/49 Installing : apr-1.4.8-5.el7.x86_64 3/49 Installing : libtalloc-2.1.16-1.el7.x86_64 4/49 Installing : xerces-c-3.1.1-10.el7_7.x86_64 5/49 Installing : 14:libpcap-1.5.3-12.el7.x86_64 6/49 Installing : apr-util-1.5.2-6.el7.x86_64 7/49 Installing : log4cxx-0.10.0-16.el7.x86_64 8/49 Installing : tncfhh-0.8.3-16.el7.x86_64 9/49 Installing : tncfhh-utils-0.8.3-16.el7.x86_64 10/49 Installing : tncfhh-libs-0.8.3-16.el7.x86_64 11/49 Installing : 1:perl-parent-0.225-244.el7.noarch 12/49 Installing : perl-HTTP-Tiny-0.033-3.el7.noarch 13/49 Installing : perl-podlators-2.5.1-3.el7.noarch 14/49 Installing : perl-Pod-Perldoc-3.20-4.el7.noarch 15/49 Installing : 1:perl-Pod-Escapes-1.04-295.el7.noarch 16/49 Installing : perl-Text-ParseWords-3.29-4.el7.noarch 17/49 Installing : perl-Encode-2.51-7.el7.x86_64 18/49 Installing : perl-Pod-Usage-1.63-3.el7.noarch 19/49 Installing : 4:perl-libs-5.16.3-295.el7.x86_64 20/49 Installing : 4:perl-macros-5.16.3-295.el7.x86_64 21/49 Installed: freeradius.x86_64 0:3.0.13-10.el7_6 freeradius-mysql.x86_64 0:3.0.13-10.el7_6 freeradius-perl.x86_64 0:3.0.13-10.el7_6 freeradius-utils.x86_64 0:3.0.13-10.el7_6 Dependency Installed: apr.x86_64 0:1.4.8-5.el7 apr-util.x86_64 0:1.5.2-6.el7 boost-system.x86_64 0:1.53.0-28.el7 boost-thread.x86_64 0:1.53.0-28.el7 libpcap.x86_64 14:1.5.3-12.el7 libtalloc.x86_64 0:2.1.16-1.el7 log4cxx.x86_64 0:0.10.0-16.el7 perl.x86_64 4:5.16.3-295.el7 perl-Carp.noarch 0:1.26-244.el7 perl-Compress-Raw-Bzip2.x86_64 0:2.061-3.el7 perl-Compress-Raw-Zlib.x86_64 1:2.061-4.el7 perl-DBI.x86_64 0:1.627-4.el7 perl-Data-Dumper.x86_64 0:2.145-3.el7 setup freeradius server-x86_64 0:2.51-7.el7 perl-Exporter.noarch 0:5.68-3.el7 perl-File-Path.noarch 0:2.09-2.el7 perl-File-Temp.noarch 0:0.23.01-3.el7 perl-Filter.x86_64 0:1.49-3.el7 perl-Getopt-Long.noarch 0:2.40-3.el7 setup freeradius server.noarch 0:0.033-3.el7 setup freeradius server 0:2.061-2.el7 perl-Net-Daemon.noarch 0:0.48-5.el7 perl-PathTools.x86_64 0:3.40-5.el7 perl-PlRPC.noarch 0:0.2020-14.el7 perl-Pod-Escapes.noarch 1:1.04-295.el7 perl-Pod-Perldoc.noarch 0:3.20-4.el7 perl-Pod-Simple.noarch 1:3.28-4.el7 perl-Pod-Usage.noarch 0:1.63-3.el7 setup freeradius server.x86_64 0:1.27-248.el7 perl-Socket.x86_64 0:2.010-5.el7 perl-Storable.x86_64 0:2.45-3.el7 perl-Text-setup freeradius server 0:3.29-4.el7 perl-Time-HiRes.x86_64 4:1.9725-3.el7 perl-Time-Local.noarch 0:1.2300-2.el7 perl-constant.noarch 0:1.27-2.el7 setup freradius server 4:5.16.3-295.el7 perl-macros.x86_64 4:5.16.3-295.el7 perl-parent.noarch 1:0.225-244.el7 perl-podlators.noarch 0:2.5.1-3.el7 perl-threads.x86_64 0:1.87-4.el7 perl-threads-shared.x86_64 0:1.43-6.el7 tncfhh.x86_64 0:0.8.3-16.el7 tncfhh-libs.x86_64 0:0.8.3-16.el7 tncfhh-utils.x86_64 0:0.8.3-16.el7 xerces-c.x86_64 0:3.1.1-10.el7_7 Complete!
Step 4: Start Freeradius Service
After installation of freeradius packages if you check the radiusd service then you can see this service in inactive state. This service will not start by default hence you need to manually start it.
[root@localhost ~]# service radiusd status Redirecting to /bin/systemctl status radiusd.service ● radiusd.service - FreeRADIUS high performance RADIUS server. Loaded: loaded (/usr/lib/systemd/system/radiusd.service; disabled; vendor preset: disabled) Active: inactive (dead)
To start radiusd service, you can either use our traditional service radiusd start
command or you can use systemctl start radiusd
command. Both should work fine.
[root@localhost ~]# service radiusd start Redirecting to /bin/systemctl start radiusd.service
Now if you check the status again you can see the service is started and running fine.
[root@localhost ~]# service radiusd status Redirecting to /bin/systemctl status radiusd.service ● radiusd.service - FreeRADIUS high performance RADIUS server. Loaded: loaded (/usr/lib/systemd/system/radiusd.service; disabled; vendor preset: disabled) Active: active (running) since Tue 2020-06-02 22:19:05 UTC; 2s ago Process: 27273 ExecStart=/usr/sbin/radiusd -d /etc/raddb (code=exited, status=0/SUCCESS) Process: 27269 ExecStartPre=/usr/sbin/radiusd -C (code=exited, status=0/SUCCESS) Process: 27265 ExecStartPre=/bin/chown -R radiusd.radiusd /var/run/radiusd (code=exited, status=0/SUCCESS) Main PID: 27276 (radiusd) Tasks: 6 Memory: 8.4M CGroup: /system.slice/radiusd.service └─27276 /usr/sbin/radiusd -d /etc/raddb Jun 02 22:19:04 ip-172-31-9-24.us-west-2.compute.internal systemd[1]: Starting FreeRADIUS high performance RADIUS server.... Jun 02 22:19:05 ip-172-31-9-24.us-west-2.compute.internal systemd[1]: Started FreeRADIUS high performance RADIUS server..
NOTE:
SELinux
policy or Firewall
rules. It might block the port used by Freeradius service or might block the service itself. Hence it is recommended to check your SELinux
policy and firewall
rules whenever service failed to start.
Step 5: Check the Clients.conf and Users File
Now we need to setup the client in /etc/raddb/clients.conf
file. Here we are using default client localhost in our freeradius server setup.
[root@localhost ~]# vi /etc/raddb/clients.conf client localhost { ipaddr = 127.0.0.1 secret = testing123 require_message_authenticator = no nas_type = other }
You can use default bob user to setup freeradius server as shown below. You can setup your User
and cleartext-Password
in /etc/raddb/users
.
[root@localhost ~]# vi /etc/raddb/users “bob” Cleartext-Password := “password” Framed-IP-Address = 192.168.10.10, Reply-Message = “Hello, %{User-Name}”
Now you need to restart your service for the changes to reflect.
[root@localhost ~]# systemctl restart radiusd
Step 6: Test Your Configuration
Once setup is completed you can actually test the setup by using below radtest
command. Here we are trying authenticate to RADIUS Server through User Bob
and by using password hello
as you can see below. Once the authentication went successful you will receive Accept-Accept
message. This shows that you have completed the steps to setup freeradius server.
[root@localhost ~]# radtest bob hello 127.0.0.1 100 testing123 Sent Access-Request Id 56 from 0.0.0.0:41585 to 127.0.0.1:1812 length 73 User-Name = "bob" User-Password = "hello" NAS-IP-Address = 172.31.9.24 NAS-Port = 100 Message-Authenticator = 0x00 Cleartext-Password = "hello" Received Access-Accept Id 56 from 127.0.0.1:1812 to 0.0.0.0:0 length 32 Reply-Message = "Hello, bob"
bob: User-name
hello: User-Password
127.0.0.1: Server Hostname or IP Address
100: NAS Port
testing123: Cleartext-Password
Recommended Posts:-
10 Useful iproute2 tools examples to Manage Network Connections in Linux
Popular firewalld examples to open a port on RedHat/CentOS 7
8 Most Popular mkdir command in Linux with Examples
26 Useful Firewall CMD Examples on RedHat/CentOS 7
12 Most Popular rm command in Linux with Examples
9 useful w command in Linux with Examples
Getting Started: Setup FreeRadius Server
5 Easy Steps to recover LVM2 Partition , PV , VG , LVM metadata in Linux
Hi. Thanks for the tutorial.
Do you know how to configure Freeradius 3 + EAP-TLS?
fyi step 5 has a typo.
"/etc/raddb/client.conf " should be "/etc/raddb/clients.conf" instead
Hi Ken,
Thanks for noticing this typo. It stands corrected now.
After installation on public IP, unnecessary traffic problem with the freeradius server,
Hi, I have installed FreeRadius and the box is showing NAS-IP-Address as 127.0.0.1 instead of public ip of the box.
=======================================================
^C[root@localhost mods-available]# radtest radmin talari 10.75.134.53 0 testing123
Sent Access-Request Id 223 from 0.0.0.0:53302 to 10.75.134.53:1812 length 76
User-Name = "radmin"
User-Password = "talari"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Message-Authenticator = 0x00
Cleartext-Password = "talari"
Received Access-Accept Id 223 from 10.75.134.53:1812 to 0.0.0.0:0 length 27
Reply-Message = "ADMIN"
=============================================================
Can someone help me to change the NAS-IP-Address? I`m not able to reach the radius server from client application.