FreeRadius(AAA) installation and Configuration on Linux

Free Radius

RADIUS which stands for Remote Authentication Dial In User Service, is a network protocol – a system that defines rules and conventions for communication between network devices for remote user authentication and accounting. Commonly used by Internet Service Providers (ISPs), cellular network providers, and corporate and educational networks. The RADIUS protocol serves three primary functions:

  1. Authentication: Authenticates users or devices before allowing them access to a network.
  2. Authorization: Authorizes users or devices for specific network services.
  3. Accounting: Accounts for and tracks the usage of those services.


Topic

  • How to Configure FreeRadius on Linux?
  • How to install FreeRadius on Linux?
  • How to use FreeRadius?
  • FreeRadius installation and Configuration on Linux


Solution


FreeRadius Installation

We’ll explore the steps to install FreeRadius on various Linux distributions like CentOS, RHEL, Suse Linux. Ubuntu, Debian, etc. with minimal configuration.

FreeRadius Installation on CentOS/RHEL:
# yum install freeradius freeradius-utils

FreeRadius Installation on Ubuntu/Debian:
# apt-get install install freeradius freeradius-utils

Note: It is needed to install freeradius-ldap package if LDAP integration is required.


FreeRadius Configuration

  • Main configuration file of FreeRadius is /etc/raddb/radiusd.conf where we add or modify all Radius configuration. Add or modify necessary configuration in the following files.
/etc/raddb/radiusd.conf
/etc/raddb/sites-enabled/default
/etc/raddb/users

  • Create Radius user

    Create Radius plain text user entry in /etc/raddb/users file with the reference of sample configuration below.

user1 Cleartext-Password := “user123”

Reply-Message := “Hello %{User-Name}”

Radius client ACL
Define radius client details in /etc/raddb/clients.conf as below for network access.

client internal-network {

ipaddr = 192.168.100.0/24

secret = testing123

}

  • Validate Radius Configuration
    # /usr/sbin/radiusd -d /etc/raddb -CX

  • Start and enable Radius Service

# systemctl start radiusd
# systemctl status radiusd


FreeRadius Troubleshooting

Always debug radiususddaemon with the following command to troubleshoot any radius related issues.
# /usr/sbin/radiusd -X


You May Also Like

avatar

About the Author: TekFik

TekFik is a technical blogging site helps techies and engineers to solve their day to day issues and also allows everyone to share knowledge and feedback. Please feel free to contact us at tekfik.rd@gmail.com if there is anything.

2 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *