UbuntuUbuntu Based

How To Install FreeRADIUS on Ubuntu 24.04 LTS

r00t

Install FreeRADIUS on Ubuntu 24.04

In this tutorial, we will show you how to install FreeRADIUS on Ubuntu 24.04 LTS. FreeRADIUS is a powerful, open-source RADIUS server that provides robust authentication, authorization, and accounting (AAA) services. It is widely used in various network environments, from small businesses to large enterprises, to ensure secure access to network resources.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the FreeRADIUS on Ubuntu 24.04 (Noble Numbat). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

Prerequisites

  • A server running one of the following operating systems: Ubuntu and any other Debian-based distribution like Linux Mint.
  • It’s recommended that you use a fresh OS install to prevent any potential issues.
  • SSH access to the server (or just open Terminal if you’re on a desktop).
  • An active internet connection. You’ll need an internet connection to download the necessary packages and dependencies.
  • An Ubuntu 24.04 system with root access or a user with sudo privileges.

Install FreeRADIUS on Ubuntu 24.04 LTS Noble Numbat

Step 1. Updating the Package Repository.

To ensure a smooth installation process, it’s crucial to update your system packages to their latest versions. Open a terminal and run the following commands:

sudo apt update
sudo apt upgrade

These commands will refresh the package list and upgrade any outdated packages to their latest stable releases. This step helps prevent compatibility issues and ensures that you have access to the most recent security patches and bug fixes.

Step 2. Installing Dependencies.

FreeRADIUS requires several dependencies to function properly. To install these dependencies, run the following command:

sudo apt install build-essential libssl-dev libpam0g-dev libtool autoconf

Step 3. Installing FreeRADIUS on Ubuntu 24.04.

Now that the dependencies are in place, you can proceed with installing FreeRADIUS. Ubuntu’s package manager provides a convenient way to install FreeRADIUS:

sudo apt install freeradius

This command will download and install the latest stable version of FreeRADIUS, along with any additional required packages.

Alternatively, if you need more control over the installation process or want to use a specific version of FreeRADIUS, you can build it from source:

wget https://github.com/FreeRADIUS/freeradius-server/releases/download/release_3_2_4/freeradius-server-3.2.4.tar.gz
tar -xvf freeradius-server-3.2.4.tar.gz
cd freeradius-server-3.2.4

Configure and compile FreeRADIUS:

./configure
make
sudo make install

Building from source allows you to customize the installation, enable or disable specific modules, and apply patches if needed. However, for most users, installing FreeRADIUS via the package manager is sufficient and provides a more straightforward setup process.

After the installation is complete, start the FreeRADIUS service and enable it to run automatically at system startup:

sudo systemctl start freeradius
sudo systemctl enable freeradius

These commands will start the FreeRADIUS service and ensure that it starts automatically whenever your Ubuntu system boots up. You can verify that the service is running by using the following command:

sudo systemctl status freeradius

If the service is active and running, you’ll see output similar to “Active: active (running)” in the status report.

Step 4. Basic Configuration.

FreeRADIUS comes with a default configuration that works well for most setups. The main configuration files are located in the /etc/freeradius/3.0/ directory.

To customize the server’s behavior, you can edit the radiusd.conf file. This file allows you to set the listen addresses and ports, define the authentication type, and enable logging. Here are some example configuration snippets:

listen {
  ipaddr = 127.0.0.1
  port = 1812
}

modules {
  pap {
    # PAP authentication settings
  }
}

logging {
  auth_log = /var/log/freeradius/radius.log
}

In the listen section, you can specify the IP addresses and ports on which FreeRADIUS should listen for incoming requests. The modules section allows you to configure various authentication methods, such as PAP, CHAP, or EAP. The logging section enables you to define where FreeRADIUS should store its log files.

It’s essential to carefully review and modify the configuration files according to your network’s requirements. FreeRADIUS provides extensive documentation and examples within the configuration files themselves, making it easier to understand and customize the settings.

Remember to restart the FreeRADIUS service after making any changes to the configuration files:

sudo systemctl restart freeradius

Step 5. Configure Clients.

To allow network devices to communicate with your FreeRADIUS server, you need to configure them as clients. The client configuration is stored in the clients.conf file.

Open the file in a text editor:

sudo nano /etc/freeradius/3.0/clients.conf

Add a new client entry for each network device that will be sending authentication requests to the FreeRADIUS server. Here’s an example configuration:

client your_network_device {
ipaddr = 192.168.1.1
secret = your_secret_password
require_message_authenticator = no
nastype = other
}

Replace your_network_device with a descriptive name for the client, ipaddr with the IP address of the network device, and your_secret_password with a strong, unique password that will be used for secure communication between the client and the FreeRADIUS server.

Repeat this process for each network device that needs to authenticate through FreeRADIUS. Once you’ve added all the clients, save the file and restart the FreeRADIUS service for the changes to take effect.

Step 6. User Management.

FreeRADIUS stores user information in the users file, located in the /etc/freeradius/3.0/ directory. This file contains user entries that define the authentication credentials and authorization parameters for each user.

To add a new user, open the users file in a text editor:

sudo nano /etc/freeradius/3.0/users

Add a new entry for each user, following this format:

username Cleartext-Password := "password"

Replace username with the actual username and password with the user’s password. You can also specify additional attributes for the user, such as session timeout, VLAN assignment, or bandwidth limitations.

Here’s an example user entry with additional attributes:

meilana Cleartext-Password := "secretpassword"
Session-Timeout := 3600,
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-Id = 10

In this example, the user “meilana” has a session timeout of 3600 seconds (1 hour) and is assigned to VLAN 10.

After adding the user entries, save the file and restart the FreeRADIUS service for the changes to take effect.

Step 7. Testing the Installation.

To ensure that your FreeRADIUS installation is working correctly, you can test it using the radtest utility, which comes with the FreeRADIUS package.

First, run FreeRADIUS in debug mode to see detailed output:

sudo freeradius -X

This command will start FreeRADIUS in the foreground and display debug messages, which can help you identify any issues or misconfigurations.

In another terminal window, use radtest to send a test authentication request:

radtest username password localhost 0 testing123

Replace username and password with the credentials of a user you configured in the users file. The localhost parameter specifies the server address, 0 represents the port number (which defaults to 1812), and testing123 is the shared secret for the local test client.

If the test is successful, you should see an “Access-Accept” message in the output, indicating that the user authentication was successful. If you encounter any errors, review the debug output in the FreeRADIUS terminal window to identify and resolve the issues.

Congratulations! You have successfully installed FreeRADIUS. Thanks for using this tutorial for installing the FreeRADIUS on the Ubuntu 24.04 LTS system. For additional help or useful information, we recommend you check the FreeRADIUS website.

VPS Manage Service Offer
If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!
Tags
r00t
Photo of r00t

r00t

r00t is a seasoned Linux system administrator with a wealth of experience in the field. Known for his contributions to idroot.us, r00t has authored numerous tutorials and guides, helping users navigate the complexities of Linux systems. His expertise spans across various Linux distributions, including Ubuntu, CentOS, and Debian. r00t's work is characterized by his ability to simplify complex concepts, making Linux more accessible to users of all skill levels. His dedication to the Linux community and his commitment to sharing knowledge makes him a respected figure in the field.
Copyright © 2024 idroot.us | All Rights Reserved.
Back to top button