Setting up external Radius server for Hotspot authentication: Difference between revisions
mNo edit summary |
mNo edit summary |
||
| Line 12: | Line 12: | ||
==Preparing Ubuntu machine== | ==Preparing Ubuntu machine== | ||
====Installing the server==== | |||
---- | |||
Firstly, update the package list and upgrade to the latest packages: | Firstly, update the package list and upgrade to the latest packages: | ||
| Line 17: | Line 20: | ||
sudo apt update | sudo apt update | ||
sudo apt upgrade | sudo apt upgrade | ||
</pre> | |||
Next, install freeradius package: | |||
<pre> | |||
sudo apt install freeradius | |||
</pre> | |||
====Defining a Client==== | |||
---- | |||
Client - Hotspot that will use freeradius to authenticate users. | |||
In order to add/edit clients, we need to access clients.conf file, use your favourite text editor to access it: | |||
<pre> | |||
sudo nano /etc/freeradius/3.0/clients.conf | |||
</pre> | |||
For this example we will add the following lines in order to accept any IP address as a client: | |||
<pre> | |||
client 0.0.0.0/0 { | |||
secret = demosecret | |||
shortname = 0.0.0.0/0 | |||
} | |||
</pre> | |||
Note: IP of a specific Public IP of the client can be used instead of 0.0.0.0/0 | |||
====Defining a User and Password==== | |||
---- | |||
Before we create a user and password, let's use MD5 encryption instead of a clear text password. We will generate MD5 for '''demo123''' password using the following command: | |||
<pre> | |||
echo -n demo123| md5sum | awk '{print $1}' | |||
</pre> | |||
We will now define credentials for user '''demo'''. Use your favourite text editor to open '''users''' file: | |||
<pre> | |||
sudo nano /etc/freeradius/3.0/users | |||
</pre> | |||
Add required lines to the file: | |||
<pre> | |||
demo MD5-Password:= "62cc2d8b4bf2d8728120d052163a77df" | |||
Reply-Message := "%{User-Name} authenticated successfully" | |||
</pre> | </pre> | ||
Revision as of 11:40, 28 October 2022
Main Page > General Information > Configuration Examples > WIFI > Setting up external Radius server for Hotspot authenticationSummary
In this example we will perform a basic external Radius server configuration and test it with RUT device for Hotspot authentication. We will use freeradius package to set up a local Radius server on Ubuntu operating system. A router with a public IP address will be directly connected to the Radius server and forward authentication requests to a LAN IP address of the server via default Radius ports.
Prerequisites
- RUT1 - Router with a Public IP address to make local server able to accept external authentication requests
- Ubuntu machine - To host a local freeradius server
- RUT2 - To configure Hotspot and test Radius authentication method using our installed server
Preparing Ubuntu machine
Installing the server
Firstly, update the package list and upgrade to the latest packages:
sudo apt update sudo apt upgrade
Next, install freeradius package:
sudo apt install freeradius
Defining a Client
Client - Hotspot that will use freeradius to authenticate users. In order to add/edit clients, we need to access clients.conf file, use your favourite text editor to access it:
sudo nano /etc/freeradius/3.0/clients.conf
For this example we will add the following lines in order to accept any IP address as a client:
client 0.0.0.0/0 {
secret = demosecret
shortname = 0.0.0.0/0
}
Note: IP of a specific Public IP of the client can be used instead of 0.0.0.0/0
Defining a User and Password
Before we create a user and password, let's use MD5 encryption instead of a clear text password. We will generate MD5 for demo123 password using the following command:
echo -n demo123| md5sum | awk '{print $1}'
We will now define credentials for user demo. Use your favourite text editor to open users file:
sudo nano /etc/freeradius/3.0/users
Add required lines to the file:
demo MD5-Password:= "62cc2d8b4bf2d8728120d052163a77df"
Reply-Message := "%{User-Name} authenticated successfully"