Last project for kampus sebelum hijrah yaitu menginstall freeradius untuk backend manajemen account user internet dan wifi hotspot serta dialupadmin untuk interface. Mikrotik digunakan sebagai server gateway semua pengguna. Untuk lebih praktisnya aku menggunakan debian linux (dalam hal ini aku pake aja kubuntu linux) dengan alasan efisiensi waktu, debian gampang banget cara nginstall dan nambain paketnya. nah caranya sbb: 1. install apache2 dan php5 bash# apt-get install apache2 php5( jalankan apache) bash# /etc/init.d/httpd start2. install mysql & mysqlclient bash# apt-get install mysql mysql-client mysqlclient12-devbash# /etc/init.d/mysqld start
bash# mysql -u root
3. install freeradius & freeradius mysql bash# apt-get install freeradius freeradius-mysql4. download dialupadmin dari sourceforge dan extract di /usr/local bash# cd /usr/localbash# tar -xzf dialupadmin.xxx5. pindah ke folder /var/www bash# cd /var/www6. buat simbolik link ke usr/local bash# ln -s /usr/local/dialup_admin dialup_admin7. setting folder dan file permision agar bisa execute bash# chmod -R 755 dialup_admin bash# chown apache.apache -R dialup_admin8. setting account untuk freeradius bash# cd /etc/freeradiusbash# vi userstambahkan baris berikut dan simpan ( [ESC] + :wq ) "imam" Auth-Type := Local, User-Password == "imam"
Reply-Message = "selamat datang %u"
Service-Type = Framed-User,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "20modun",
Fall-Through = Yes
9. setting clients.conf, tambahkan client untuk IP mikrotik bash# vi /etc/freeradius/clients.conf tambahkan baris berikut: client 10.10.17.5 { secret = rahasiadong shortname = hotspot.unsoed.ac.id}ubah juga secret untuk 127.0.0.1 atau localhost (samin dengan secret code diatas) dan simpan. 10. testing radius (kalo bukan radiusd ya freeradius ) bash # radiusd -XXX -A11. buka console yang laen dan testing login bash # radtest imam imam localhost 0 rahasiadong kalau berhasil harusnya muncul texts: selamat datang imam12. setting sql.conf server = "localhost" login = "root" password = ""13. donload juga freeradius src bash# apt-get source freeradius14. buat database radius bash# mysql -u root -e "create database radius"bash# mysql -u root radius < /freeradius-0.5/src/modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql kalo gak pake sql berikut: create database if not exists radius;use radius;CREATE TABLE radacct ( RadAcctId bigint(21) NOT NULL auto_increment, AcctSessionId varchar(32) NOT NULL default '', AcctUniqueId varchar(32) NOT NULL default '', UserName varchar(64) NOT NULL default '', Realm varchar(64) default '', NASIPAddress varchar(15) NOT NULL default '', NASPortId varchar(15) default NULL, NASPortType varchar(32) default NULL, AcctStartTime datetime NOT NULL default '0000-00-00 00:00:00', AcctStopTime datetime NOT NULL default '0000-00-00 00:00:00', AcctSessionTime int(12) default NULL, AcctAuthentic varchar(32) default NULL, ConnectInfo_start varchar(50) default NULL, ConnectInfo_stop varchar(50) default NULL, AcctInputOctets bigint(12) default NULL, AcctOutputOctets bigint(12) default NULL, CalledStationId varchar(50) NOT NULL default '', CallingStationId varchar(50) NOT NULL default '', AcctTerminateCause varchar(32) NOT NULL default '', ServiceType varchar(32) default NULL, FramedProtocol varchar(32) default NULL, FramedIPAddress varchar(15) NOT NULL default '', AcctStartDelay int(12) default NULL, AcctStopDelay int(12) default NULL, PRIMARY KEY (RadAcctId), KEY UserName (UserName), KEY FramedIPAddress (FramedIPAddress), KEY AcctSessionId (AcctSessionId), KEY AcctUniqueId (AcctUniqueId), KEY AcctStartTime (AcctStartTime), KEY AcctStopTime (AcctStopTime), KEY NASIPAddress (NASIPAddress)) ;## Table structure for table 'radcheck'#CREATE TABLE radcheck ( id int(11) unsigned NOT NULL auto_increment, UserName varchar(64) NOT NULL default '', Attribute varchar(32) NOT NULL default '', op char(2) NOT NULL DEFAULT '==', Value varchar(253) NOT NULL default '', PRIMARY KEY (id), KEY UserName (UserName(32))) ;## Table structure for table 'radgroupcheck'#CREATE TABLE radgroupcheck ( id int(11) unsigned NOT NULL auto_increment, GroupName varchar(64) NOT NULL default '', Attribute varchar(32) NOT NULL default '', op char(2) NOT NULL DEFAULT '==', Value varchar(253) NOT NULL default '', PRIMARY KEY (id), KEY GroupName (GroupName(32))) ;## Table structure for table 'radgroupreply'#CREATE TABLE radgroupreply ( id int(11) unsigned NOT NULL auto_increment, GroupName varchar(64) NOT NULL default '', Attribute varchar(32) NOT NULL default '', op char(2) NOT NULL DEFAULT '=', Value varchar(253) NOT NULL default '', PRIMARY KEY (id), KEY GroupName (GroupName(32))) ;## Table structure for table 'radreply'#CREATE TABLE radreply ( id int(11) unsigned NOT NULL auto_increment, UserName varchar(64) NOT NULL default '', Attribute varchar(32) NOT NULL default '', op char(2) NOT NULL DEFAULT '=', Value varchar(253) NOT NULL default '', PRIMARY KEY (id), KEY UserName (UserName(32))) ;## Table structure for table 'usergroup'#CREATE TABLE usergroup ( UserName varchar(64) NOT NULL default '', GroupName varchar(64) NOT NULL default '', priority int(11) NOT NULL default '1', KEY UserName (UserName(32))) ;## Table structure for table 'radpostauth'#CREATE TABLE radpostauth ( id int(11) NOT NULL auto_increment, user varchar(64) NOT NULL default '', pass varchar(64) NOT NULL default '', reply varchar(32) NOT NULL default '', date timestamp(14) NOT NULL, PRIMARY KEY (id)) ;## The next table is commented out because it is not# currently used in the server.### Table structure for table 'dictionary'##CREATE TABLE dictionary (# id int(10) DEFAULT '0' NOT NULL auto_increment,# Type varchar(30),# Attribute varchar(64),# Value varchar(64),# Format varchar(20),# Vendor varchar(32),# PRIMARY KEY (id)#);## Table structure for table 'nas'#CREATE TABLE nas ( id int(10) NOT NULL auto_increment, nasname varchar(128) NOT NULL, shortname varchar(32), type varchar(30) DEFAULT 'other', ports int(5), secret varchar(60) DEFAULT 'secret' NOT NULL, community varchar(50), description varchar(200) DEFAULT 'RADIUS Client', PRIMARY KEY (id), KEY nasname (nasname));15. tambain user untuk radius ##contoh isian database delete from radcheck; INSERT INTO radcheck(UserName,Attribute,op,Value) VALUES ('user1','User-Password','==','password1'), ('user2','User-Password','==','password2'); delete from usergroup; INSERT INTO usergroup(UserName, GroupName) VALUES ('user1', 'dynamic'),('user2', 'static'); INSERT INTO radreply(UserName, Attribute, op, value) VALUES ('user2', 'Cisco-Avpair', ':=', 'throttle=yes'), ('user2', 'Framed-IP-Address', ':=', '10.10.16.80'); delete from radgroupreply; INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES ('static', 'Cisco-Avpair', ':=', 'throttle=no'), ('dynamic', 'Cisco-Avpair', ':=', 'throttle=yes'), ('dynamic', 'Framed-Compression', ':=', 'Van-Jacobsen-TCP-IP'), ('dynamic', 'Framed-IP-Address', ':=', '255.255.255.254'), ('dynamic', 'Framed-MTU', ':=', '1500'), ('dynamic', 'Framed-Protocol', ':=', 'PPP'), ('dynamic', 'Framed-Route', ':=', '10.10.16.80'), ('dynamic', 'Service-Type', ':=', 'Framed-User');16. setting radiusd.conf , aktifkan modul sql
authorize {
sql
files
mschap
}
authenticate {
mschap
}
accounting {
unix
sql
radutmp
}
17. jalankan lagi radius mode debug
bash# killall radiusd
bash# radiusd -X -A
18. bersambung ke bagian 2 hehehee...panjang sekali sih
males ngetiknya (contact
iferianto@yahoo.com aja klo ada project ya. otre boz)
| |
