Install MySQL

Install MySQL [root@localhost ~]# yum install mysql-server mysql php-mysql

Configure MySQL
Set the MySQL service to start on boot [root@localhost ~]# chkconfig mysqld on Start the MySQL service [root@localhost ~]# service mysqld start Log into MySQL [root@localhost ~]# mysql -u root Set the root user password for all local domains SET PASSWORD FOR 'root'@'localhost' = PASSWORD('new-password'); SET PASSWORD FOR 'root'@'localhost.localdomain' = PASSWORD('new-password'); SET PASSWORD FOR 'root'@'127.0.0.1' = PASSWORD('new-password'); Drop the Any user DROP USER ''@'localhost'; DROP USER ''@'localhost.localdomain'; Exit MySQL exit

Install freeRadius
[root@localhost ~]#yum -y install freeradius freeradius-mysql

Configure MySQL with freeRadius

The config file of free radius is stored at "/etc/raddb", Now change the directory to it [root@localhost ~]#cd /etc/raddb Next is creating freeradius database [root@localhost raddb]# mysql u root -p Enter password: mysql>create database radius mysql>exit Now import freeradius tables from mysql.sql file. This file is placed in "/usr/share/doc/freeradius(VERSION)/examples/mysql.sql". [root@localhost raddb]# mysql -u root -p radius < /usr/share/doc/freeradius1.1.3/examples/mysql.sql Provide all privilege to user radius on database radius mysql -u root -p Enter password:mysqlrootsecret mysql> GRANT ALL PRIVILEGES ON radius.* TO 'radius'@'localhost' IDENTIFIED BY 'mysqlsecret'; mysql> FLUSH PRIVILEGES; mysql> quit Next step is edit file sql.conf to setup MySQL server, login, password and database information [root@localhost raddb]#vi sql.conf Set the following parameters # Connect info server = "localhost" login = "radius"

password = "myradiussecret" # Database table configuration radius_db = "radius" Dont edit anything except server, login, password and database unless you know what you're doing. Uncomment readclients in file sql.conf # Set to 'yes' to read radius clients from the database ('nas' table) readclients = yes Next, edit clients.conf file to set radius secret key [root@localhost raddb]#vi clients.conf Set the following parameters for secret key secret = "myradiussecret"

At last edit radiusd.conf config file. Uncomment the following line in radiusd.conf by removing "#" $INCLUDE ${confdir}/sql.conf

In the same file look for "accounting {" , "authorize {" and "session {" then remove "#" (comment) from "sql". If we are not using local file users to look the radius users, comment the line file to #file in authorize section. In authorize section authorize { # Read the 'users' file # files # # Look in an SQL database. The schema of the database # is meant to mirror the "users" file. # # See "Authorization Queries" in sql.conf sql In accounting section accounting { # See "Accounting queries" in sql.conf sql In session section session { # See "Simultaneous Use Checking Querie" in sql.conf sql

Now test the radius server for authentication. Create one account in radius database. Login to mysql and select radius database, then add username = test and password = password. mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('test', 'Password', 'password'); mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('test', 'Auth-Type', 'Local');

Next is test our user with radtest. As: [root@host raddb]# radtest test password localhost 1812 myradiussecret If successful the output will be: rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=31, length=20