Ubuntu Server and freeRADIUS 2.0.5

For the last week, I have been attempting to install a RADIUS daemon on my Ubuntu Server. Alas, the RADIUS server I had originally installed, did not agree with the version of PERL that Ubuntu had been compiled with. Ain’t it always like that…sigh.

The only option was to compile the latest stable version of freeRADIUS 2.0.5 on Ubuntu and cross my fingers. It was NOT all that easy. Before you compile freeRADIUS, there are two changes you’ll have to make before freeRADIUS plays nice with Debian. After you have downloaded freeRADIUS from freeradius.org (as a non-root user), do the following:

If you don’t have dpkg-buildpackage, then now is the time to download it with :

After the freeradius archive has been expanded, you’ll have to fix an error in the source code. The error is at lines 47-48 in debian/patches/01-radiusd-to-freeradius.dpatch. Make the following alteration:

to

Next chmod the untared freeradius folder with this:

Then, perform the following:

After all that, you may still get some errors. Most notably, what I got was the following:

This had little to do with a mis-configuration of freeradius, rather I had accidentally initiated two freeradius processes running at the same time. The second process couldn’t bind, so simply killing the process gave me fine results.

The people at wiki.freedius.org are fine at handling issues, but you must provide a detailed report by running freeradius with the ‘-X’ switch:

Add the following to the top of the users file in /etc/freeradius:

Without adding that last tid-bit, you’ll never get RADIUS to accept your requests. It took me forever to figure that out. Next, verify there is an entry in the clients.conf file in /etc/freeradius with the following:

If you have used freeRADIUS before, you’ll notice that the client format has changed. You can use the previous 1.x format for compatibility if you choose. Fire-up another terminal window and type the following:

You should have reported back to you the following message:

So far, all this means is your server is running and is returning Access-Accept messages back to you. Plus, authentication is working…for the most part.

Related posts

Leave a Comment