Freeradius and MYSQL
Hello,
I am working with freeradius and MYSQL. My goal is to authenticate users through the radius server with my users' database in mysql. I already have all the users created in mysql but when I try to establish an authentication I get the error that freeradius cannot establish the connection with the database.
I am working with freeradius and MYSQL. My goal is to authenticate users through the radius server with my users' database in mysql. I already have all the users created in mysql but when I try to establish an authentication I get the error that freeradius cannot establish the connection with the database.
Bitte markiere auch die Kommentare, die zur Lösung des Beitrags beigetragen haben
Content-ID: 669785
Url: https://administrator.de/en/freeradius-and-mysql-669785.html
Ausgedruckt am: 24.12.2024 um 18:12 Uhr
6 Kommentare
Neuester Kommentar
By default the MySQL Database is accepting local queries only. You have to grand privileges to the user@% (all localtions), then your radius server is not at the same computer like the database. If its a windows MySQL server then the TCPIP protocol is disabled by default in the MySQL server settings.
Take a look at a local tutorial:
Freeradius with database and GUI which describes all steps in detail. Use a translator to read it in English or your language of choice.
In case you have the database on a separate server the most important config is under /etc/freeradius/3.0/mods-available/sql
Instead of "localhost" in the connection you have to setup the database IP address here. In case you need to encrypt the session you maybe want to activate all the TLS settings in the connection screenshot above. You should make sure that a ping between radius and database works and proofs a running IP connection. Database ports should be open in a firewall and in the database setting itself so that it accepts remote access. There are also some easy checks for a remote client connectivity:
https://mariadb.com/kb/en/configuring-mariadb-for-remote-client-access/
If database and Radius Server are on the same system (localhost) just follow the above tutorial!! This will bring things instantly to work.
So far the posted debug output looks quite ok for the Radius authentication itself but looks like there is no network (or local) connection to the database and therefor the user "user1" could not be looked up and fails authentication.
Freeradius with database and GUI which describes all steps in detail. Use a translator to read it in English or your language of choice.
In case you have the database on a separate server the most important config is under /etc/freeradius/3.0/mods-available/sql
Instead of "localhost" in the connection you have to setup the database IP address here. In case you need to encrypt the session you maybe want to activate all the TLS settings in the connection screenshot above. You should make sure that a ping between radius and database works and proofs a running IP connection. Database ports should be open in a firewall and in the database setting itself so that it accepts remote access. There are also some easy checks for a remote client connectivity:
https://mariadb.com/kb/en/configuring-mariadb-for-remote-client-access/
If database and Radius Server are on the same system (localhost) just follow the above tutorial!! This will bring things instantly to work.
So far the posted debug output looks quite ok for the Radius authentication itself but looks like there is no network (or local) connection to the database and therefor the user "user1" could not be looked up and fails authentication.
The error message is clear and can be read in the log
You have not modified the configuration to fit the needs for your database system. So open /etc/raddb/mods-enabled/sql and change the line dialect line to
and comment out the line with "rlm_sql_null" and remove the comment from the next line
Then inside the section sql {} add the correct connection details to your database
Afterwards restart the radius service.
You have not modified the configuration to fit the needs for your database system. So open /etc/raddb/mods-enabled/sql and change the line dialect line to
dialect = "mysql"
# driver = "rlm_sql_null"
driver = "rlm_sql_${dialect}"
# server address
server = "localhost"
# server port
port = 3306
# username
login = "radius"
# password
password = "Passw0rd"
# database name
radius_db = "radius"
Serie: Freeradius Y MYSQL 1
Freeradius and MYSQL (englisch)6