configure DDWRT Chillispot Apache2 FreeRadius freeradiusdialupadmin and MySQL on Debian 40.docx
《configure DDWRT Chillispot Apache2 FreeRadius freeradiusdialupadmin and MySQL on Debian 40.docx》由会员分享,可在线阅读,更多相关《configure DDWRT Chillispot Apache2 FreeRadius freeradiusdialupadmin and MySQL on Debian 40.docx(15页珍藏版)》请在冰豆网上搜索。
![configure DDWRT Chillispot Apache2 FreeRadius freeradiusdialupadmin and MySQL on Debian 40.docx](https://file1.bdocx.com/fileroot1/2022-12/13/7bc315df-8985-48a9-a0a1-ee300b3557e7/7bc315df-8985-48a9-a0a1-ee300b3557e71.gif)
configureDDWRTChillispotApache2FreeRadiusfreeradiusdialupadminandMySQLonDebian40
HowToConfigureDD-WRT,Chillispot,Apache2,FreeRadius,Freeradius-Dialupadmin,AndMySQLOnDebian4.0
HowtoconfigureDD-WRT,Chillispot,Apache2,FreeRadius,freeradius-dialupadmin,andMySQLonDebian4.0
Thiswillshowhowtoconfiguretheaboveappsinordertocreateahotspot.Also,Iwillgooversomeattributestocontrolbandwidth.Iamnotanexpertwithanyoftheseapps,butIgotitworking.Ifanyonehasanysuggestion,pleasedonothesitateoncommenting.
▪Requirements(mostoftheseareinDebian'sSynapticPackageManager)
▪Apache2
▪MySQLServer
▪PHP4
▪freeradius
▪freeradius-dialupadmin
▪php4-mysql
▪openssl
▪freeradius-mysql
▪php4-cgi
▪Downloadchillispot-1.1.0(donotinstall)
▪DownloadMySQLQuickAdmin
▪ConfiguringDD-WRT.Iamusingfirmwarev24RC4
1.MakesureyourwirelessrouterhasInternetaccess.
2.OpenyourInternetbrowserto“http:
//192.168.1.1 ”
3.Click“Administration”andmakesureyouchangeyourrouter'susernameandpassword.
4.Clickon“Setup”,under“BasicSetup”.IntheDHCPsetting,deselect“DHCP-Authoritative”.Clickthe“ApplySettings”buttonatthebottom.
5.Click“Wireless”andinthe“WirelessNetworkName(SSID)”textboxtypethenameofthehotspot.Forthishowto,wewillusethefancyname“HotSpot”.Clickthe“ApplySettings”buttonatthebottom.
6.Click“Services”andthen“Hotspot”
7.EnableChillispot.Insertthesesettings:
(OnmyDebianmachine,Iassignedastaticipaddressof192.168.1.2)PrimaryRadiusServerIP/DNS:
192.168.1.2
▪PrimaryRadiusServerIP/DNS:
192.168.1.2
▪BackupRadiusServerIP/DNS:
192.168.1.2
▪DNSIP:
“thisisyourISPDNSserver”
▪RemoteNetwork:
“usethedefault”
▪RedirectURL:
“https:
//192.168.1.2/cgi-bin/hotspotlogin.cgi/ ”
▪SharedKey:
testing123
▪DHCPInterface:
WLAN
▪RadiusNASID:
ID_HotSpot
▪UAMSecret:
testing123
8.leavetherestattheirdefaultsettings
9.Click“ApplySettings”andrebootrouter.
SwitchovertothemachinewithDebian(192.168.1.2).Makesureyouhaveinstallallpackagesrequired.
▪Configuringfreeradius
IliketouseNautilustonavigateasroot.Todothis,opena“RootTerminal”.Typethefollowing:
nautilus--no-desktop–browser.
1.Navigateto/etc/freeradius
2.Edit“radiusd.conf”
▪Line428:
change“proxy-requests”to“no”
▪goto“authorize{“,Line1773
▪Line1844:
uncomment“sql”
▪goto“accounting{“,Line1973
▪Line2001:
uncomment“sql”
▪goto“session{“,Line2018
▪Line2023:
uncomment“sql”
3.Saveandclosethefile.
4.Let'screateauserandtestfreeradius.
5.Edit“user”in/etc/freeradius
6.Online53,insertthefollowing:
▪test1User-Password==“password1”
▪DEFAULTAuth-Type:
=chap
▪Fall-Through :
=1
3.Saveandclosethefile.
4.Edit“clients.conf”in/etc/freeradius
▪Line35:
changethe“secret”totheoneyouusedinDD-WRTconfiguration(testing123)
3.Saveandclosethefile.
4.Gotoyou“RootTerminal”andrestartfreeradius
▪/etc/init.d/freeradiusrestart
11.Testuser
▪radtesttest1password1127.0.0.10testing123
(Ifyouget“re-sending”continuously,checkyoursettingagain.Ifyougetsomethinglikethis“rad-recv:
Access-Reject”,thenweknowfreeradiusisworkingandwecanmoveon.Alsoyoumightwanttodeletethetestuseroutof“clients.conf”.)
▪ConfiguringMySQL
1.Thishow-toisafreshinstallationofDebian,soIwillhavetosetthepasswordfortherootofMySQL.
2.Open“RootTerminal”andtypethefollowing:
▪mysql-uroot-p
***Pressenterwhenitasksforthepassword(thereisnopassword)
▪setpasswordfor'root'@'localhost'=password('root_password');
▪quit;
3.CreatetheradiusdatabaseandcreateanewMySqlusertoaccessdatabase.Onthe“RootTerminal”,type:
▪mysql-uroot-p
***Enterthenewpassword(root_password).
▪createdatabasedb_radius;
▪grantallprivilegesondb_radius.*to'user_radius'@'localhost'identifiedby'user_radius_password';
▪flushprivileges;
▪quit;
4.ImportMySqlstatementtothedb_radius.Downloadandextract“http:
//www.freeradius.org/download.html ”Thiswilldownloadtoyourdesktop.Typethefollowingin“RootTerminal”:
▪cd/home/username/Desktop/freeradius-1.1.7/doc/examples/
▪mysql-uuser_radius-pdb_radius5.Letseeifthedatabaseandinformationisthere.Typethefollowingin“RootTerminal”:
▪mysql-uuser_radius-p
▪showdatabases;
▪usedb_radius;
▪showtables;
▪***Youshouldseethefollowingtables:
nas,radacct,radcheck,radgroupcheck,radgroupreply,radippool,radpostauth,radreply,andusergroup.
▪quit;
▪ConfigurefreeradiustouseMySQL
1.UsingNautilus,navigateto/etc/freeradiusandeditsql.conf
▪Line22:
changeto“user_radius”
▪Line23:
changeto“user_radius_password”
▪Line26:
changeto“db_radius”
▪saveandclosethefile.
2.Let'screateatestuserforMySQL.Open“RootTerminal”.Andtypethefollowing:
▪mysql-uuser_radius-pdb_radius
▪insertintoradcheck(Username,Attribute,Value)VALUES('testsql','Password','passwordsql');
▪select*fromradcheck; (***thiswillshowtheinformationyoujusttyped)
▪quit;
3.Restartfreeradius.Using“RootTerminal”,type:
▪/etc/init.d/freeradiusrestart
4.Testtheaccount.Using“RootTerminal”,type:
▪radtesttestsqlpasswordsql127.0.0.10testing123
▪ConfiguringSSLcertificate
1.Openaterminal.Iopenaterminalasroot.Gotothetop-left,click“Applications”,“Accessories”andthen“RootTerminal”
2.changedirectorytoapache2
▪cd/etc/apache2
3.createanewdirectorycalled“ssl”
▪mkdirssl
4.changedirectorytothenewfolder
▪cdssl
5.Typethefollowingcommandstocreatethecertificate:
▪opensslgenrsa-outhotspot.DomainN.key1024
▪opensslreq-new-keyhotspot.DomainN.key-outhotspot.DomainN.csr
(fillintheappropriateinformation,when“CommonName”comesupusethenameofthewebsite,hotspot.DomainN)
▪opensslx509-req-days730-inhotspot.DomainN.csr-signkeyhotspot.DomainN.key-outhotspot.DomainN.crt
Thecertificatehasbeencreated.Nowwewillmoveontofreeradius.
▪ConfiguringApache2
1.UsingNautilus,navigateto“/etc/apache2”andedit“ports.conf”.Addthislineafter“Listen80”
▪Listen443
2.Enablesslmodules.
▪With“Nautilus,navigateto“cd/etc/apache2/mods-available.Right-click“ssl.conf”and“ssl.load”andselect“MakeLink”.Thiswillmaketolinks,“linktossl.conf”and“linktossl.load”
▪Cutandpastethesetwofilesto“/etc/apache2/mods-enabled”
▪Renameeachfilebyremoving“linkto”.Theyshouldlooklike“ssl.conf”and“ssl.load”withanarrow
2.Navigateto“/etc/apache2/sites-available”andedit“default”
▪Line1:
remove“NameVirtualHost*”andadd“ServerNamehotspot.DomainN”
▪Line2:
changeto“443>
▪Line17:
commentout“RedirectMatch^/$/apache2-default/”
***Rightbefore
,type:
▪SSLEngineon
▪SSLCertificateFile/etc/apache2/ssl/.crt
▪SSLCertificateKeyFile/etc/apache2/ssl/.key
4.Saveandclosethefile.Restartapache2in“RootTerminal”
▪apache2-krestart
5.OpenanInternetbrowserandintheaddressbartype:
▪“https:
//localhost/ ”
***YourInternetbrowsershouldaskyoutoacceptthecertificatethatwascreated.
▪Installandconfigure“hotspotlogin.cgi”
1.Downloadandextract http:
//www.chillispot.info/download.html
2.Don'tinstallchillispot.Navigateto“/home/username/Desktop/chillispot-1.1.0/doc”withNautilus
3.Copy“hotspotlogin.cgi”to“/usr/lib/cgi-bin”
4.Edit“hotspotlogin.cgi”
▪Line27:
uncomment“$uamsecret”
▪insertyoursecret(testing123)
5.UsingNautilus,navigateto“/etc/freeradius”andedit“clients.conf”
▪Line27:
change“client127.0.0.1”to“client192.168.1.1”
***thisshouldbetheipaddressofyourDD-WRT
6.Saveandclosethefile.Nowrestartfreeradius.Open“RootTerminal”andtype:
▪/etc/init.d/freeradiusrestart
7.Grabalaptopandturniton.Checktoseeifyougottherightipaddress(shouldbesomethinglike,192.168.182.X)
8.OpenanInternetbrowser.Thepageshouldberedirectedandapop-upaboutacceptingacertificateshouldcomeup.Acceptitandyoushouldseethe“hotspotlogin.cgi”askingforausernameandpassword.Enterthesqltestuser(testsqlpasswordsql).Youshouldnowbeloggedinandabletosurftheweb.
***Ifyougetablankscreen,checkyourpermissionson“hotspotlogin.cgi”file.Othershouldhave“execute”checked.
▪Configurefreeradius-dialupadmin
1.Createafolderandalink.Opena“RootTerminal”andtype:
▪cd/var/www
▪mkdirdialup
▪ln-s/usr/share/freeradius-dialupadmin/htdocs/var/www/dialup
2.Thereisnousername/passwordforfreeradius-dialupadmin,sowewillcreateone.WithNautilus,navigateto“/etc/apache2”andedit“httpd.conf”.Addthefollowing:
▪DocumentRoot/var/www/dialup
▪
▪
▪AuthName"RestrictedArea"
▪AuthTypeBasic
▪AuthUserFile/var/www/.htaccess
▪requirevalid-user
▪
▪
▪
▪OptionsIndexesFollowSymLinksMultiViews
▪AllowOverrideNone
▪Orderallow,deny
▪allowfromall
▪
3.Create.htaccesfileforthedirectory.Opena“RootTerminal”andtype:
▪htpasswd-cm/var/www/.htaccessdialup-user
***Afteryouhitenter,itwillaskforthenewpassword(dialup-password).Restartapache2with“RootTerminal”
▪apache2-krestart
4.Testitoutbyopenaninternetbrowserandgoingto“http:
//localhost/htdocs ”
5.Whenitaskfortheusername/password,entertheonesyoucreatedfordialupadmin(dialup-user/dialup-password).
6.Edit/usr/share/freeradius-dailupadmi