Installing Freeradius as previously described, causes the default configuration files to be copied to /etc/raddb. Unless noted otherwise, the rest of this document refers to files relative to this directory.

Startup Configuration

The installation script does not copy an init script — you need to do that manually. From the root of your freeradius build directory:

cp redhat/rc.radiusd-redhat /etc/rc.d/init.d/radiusd

chown root:root /etc/rc.d/init.d/radiusd

Use chkconfig to start this automatically. Here’s some information about chkconfig.

Server Configuration

First off, it’s a good idea to test the generic freeradius installation. Since the default configuration has no defined clients, you will need to test from the server itself. You can use the radtest program in conjunction with a local unix account for this. The following example assumes you have a local account called testuser with the password ‘hello’. The NAS port number is 12 (you could use any number) and the default radius secret for localhost is testing123.

radtest testuser hello localhost 12 testing123

On success you should see output similar to:

Sending Access-Request of id 93 to 127.0.0.1 port 1812
User-Name = “testuser”
User-Password = “hello”
NAS-IP-Address = 255.255.255.255
NAS-Port = 12

rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=93, length=20

The main configuration is done in radius.conf.

openssl dhparam -check -text -5 1024 -rand /home/jeff/unattend.txt -out hcca-wlceap.dh

dd if=/dev/urandom of=random count=2