lost and found ( for me ? )

install freeradius on ubuntu 13.10

Here is how to install freeradius and use radtest tool.


install freeradius over apt-get.
# apt-get install freeradius -y

# touch /var/run/freeradius/freeradius.pid
# chown freerad.freerad /var/run/freeradius/freeradius.pid

# which freeradius

# freeradius -v
freeradius: FreeRADIUS Version 2.1.12, for host x86_64-pc-linux-gnu, built on Feb 24 2014 at 15:09:01

# pwd
root@ubuntu-vm1:/etc/freeradius# ls
acct_users                 clients.conf       modules          sites-enabled
attrs                      dictionary         policy.conf      sql.conf
attrs.access_challenge     eap.conf           policy.txt       sqlippool.conf
attrs.access_reject        experimental.conf  preproxy_users   templates.conf
attrs.accounting_response  hints              proxy.conf       users
attrs.pre-proxy            huntgroups         radiusd.conf
certs                      ldap.attrmap       sites-available

edit /etc/freeradius/users file.
add a user.
# pwd

root@ubuntu-vm1:/etc/freeradius# cp users users.orig

# tail -1 /etc/freeradius/users
testuser01 Cleartext-Password := "testuser01"

start freeradius as debug mode.
# service freeradius stop

# freeradius -X
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on authentication address port 18120 as server inner-tunnel
Listening on proxy address * port 1814
Ready to process requests.

send request packets with radtest.
# radtest testuser01 testuser01
0 testing123
Sending Access-Request of id 178 to port 1812
User-Name = "testuser01"
User-Password = "testuser01"
NAS-IP-Address =
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host port 1812, id=178, length=20

radius debug log.
if the request was accepted by the radius daemon, you will see “Access-Accept” messages.
rad_recv: Access-Request packet from host port 48282, id=178, length=80
User-Name = "testuser01"
User-Password = "testuser01"
NAS-IP-Address =
NAS-Port = 0
Message-Authenticator = 0x87bac26dae66f6cf8d2d0d5c5d61723d
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "testuser01", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry testuser01 at line 205
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
Found Auth-Type = PAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group PAP {...}
[pap] login attempt with password "testuser01"
[pap] Using clear text password "testuser01"
[pap] User authenticated successfully
++[pap] returns ok
# Executing section post-auth from file /etc/freeradius/sites-enabled/default
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 178 to port 48282
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 178 with timestamp +161
Ready to process requests.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.