FreeRADIUS INSTALLATION

Products PMP
1

Systematic procedure for basic FreeRADIUS installation in LINUX:

 

FreeRADIUS Version: 2.X 

-          Install the server through the command “sudo apt-get install freeradius

-          Navigate to the path “/etc/freeradius/” through the command “cd /etc/freeradius/

-          To define a client or AP IP, edit /etc/freeradius/clients.conf and add its entity as below

Here AP’s IP address is 10.110.65.159 and its shared secret is “SECRET”

1.png 

 

 

-           For authenticating a SM ,edit "/etc/freeradius/users" file and add the username and password as below.

 Here “SM_AUTHENTICATION” is the username and “password” is the shared secret.2.jpg

 

 

 

-          Edit “/etc/freeradius/users” file for user authentication through radius as below

Here “USERAUTHENTICATION” is the username and “password” is the shared Secret.

“Cambium-Canopy-UserLevel” and “Cambium-Canopy-Usermode” called Vendor specific attributes (VSA).3.png

 

 

 

 

-          To add these VSA’s download the Cambium Dictionary files at  https://support.cambiumnetworks.com/files/pmp450/ and copy the downloaded files at /usr/share/freeradius/.

-          Add the name of the copied file(dictionary.canopy) by editing the file “/usr/share/freeradius/dictionary”

 Here “dictionary.canopy” is the dictionary file added.4.png

 

 

 

 

 

 

-          Add Cambium certificates by downloading them at https://support.cambiumnetworks.com/files/pmp450/ . Unzip and copy the files at “/etc/freeradius/certs/".

The certs folder should contain files same as below

5.png

 

 

 

-          Finally editing “eap.conf” file as below helps freeradius to look for certificates, dictionary files and other.

6.png
6.png718×219 16.7 KB
7.jpg
7.jpg716×97 7.77 KB
8.jpg
8.jpg716×234 16.1 KB

-          To  copy the inner tunnel request to outer tunnel make the changes in eap.conf  as below:

9.jpg
9.jpg718×279 19 KB

 

 

 

 

 

 

 

 

 

 

 

ADDITONAL LINKS:

-          Guide for getting started  https://wiki.freeradius.org/guide/Getting-Started

-          Guide to troubleshoot freeraidus https://wiki.freeradius.org/guide/Troubleshooting

Commands:

-          To run the freeradius in debugging mode: freeradius –XX

-          To stop the running freeradius:service freeradius stop

-          To start the freeradius:service freeradius start

-          Always restart the freeradius after making any changes.To restart the freeradius:service freeradius restart

-          Freeradius is intelligent enough to automatically determine outer tunnel type and inner tunnel type.

 

10 Likes
2

Any chance an updated version of this howto exists? I’m hoping to use more up-to-date stuff. Like FreeRADIUS Version 3.0.20 on Ubuntu 20.04 or Centos 8.

1 Like