Forums

Brian
Brian
Offline
Resolved
0 votes
UPDATED!! This HOWTO has been VERIFIED/TESTED as working

NOTE: If you want to use daloRADIUS instead of EasyHotSpot, which i personally recommend, go to this thread http://www.clearfoundation.com/component/option,com_kunena/Itemid,232/catid,26/func,view/id,46905/

Hardware Requirements:
1. PC with at least 2 NICs ( I used 3 NICs on mine)
i. eth0: Internet
ii. eth1: Hotspot LAN
iii. eth2: Admin (optional)
2. Access Point

Software Requirements:
1. ClearOS 5.2 Enterprise (http://www.clearfoundation.com/Software/downloads)
2. FreeRadius2
3. Coova-Chilli (http://www.clearcenter.com/media/dev/coova-chilli-1.2.5-1.i386.rpm)
4. Easyhotspot-web_only_0.2 (http://sourceforge.net/projects/easyhotspot/)

Install ClearOS
- Install ClearOS as a Gateway i.e. choose Gateway mode on system mode
- Select software modules
- Graphical Console
- DHCP and Local DNS Servers
- Mail Server
- Web Server
- Database Server / MySQL
- Optional modules (Web Proxy, Antimalware, Antispam, Bandwidth Manager, Intrusion Protection, Protocol filter)

- Follow on-screen instructions to complete installation and reboot the system. The system reboots into a GUI screen. Login using root and password you set during installation and Complete Installation wizard tasks

Firewall Settings
Go to Firewall by clicking the Firewall link at the end of the installation wizard. Add firewall rules to allow SSH and HTTP

IP Settings
Go to Network>IP Settings and make sure eth0 is configured for Internet Access and eth1 is set on something line Hot LAN or LAN and on DHCP. If you are using 3 NICs like I did, set eth2 with static/dhcp LAN IP address. Ensure the links are up.

Check Internet connectivity by open a second terminal (CTRL+F2). Login and trying pinging a web address. This verifies that Internet and DNS are working well. If successful, proceed to install FreeRadius2 otherwise check your connections.


Install/Setup FreeRadius2
(http://www.clearfoundation.com/docs/howtos/setting_up_freeradius2_to_use_ldap)
For ClearOS 5.2, run your updates. For older versions, you must upgrade to 5.2 before you can use this module.
# yum update

Install the FreeRadius service by running the following from command line:
# yum --enablerepo=base-plus install app-freeradius

# service syswatch restart


In Webconfig, click on the RADIUS server link under Network » Settings » RADIUS Server
To start the service, click Start. To make the service start automatically on each reboot, click To Auto
You may assign a group to authenticate through your RADIUS server. Select a group and click Update.

To allow a remote device to use the RADIUS server, give the client remote device(s) a nickname without spaces. Insert an IP address or CIDR. Select a password to be used by these client devices (e.g. testing123 from HS_RADSECRET=testing123) and click Add.


NOTE: You can follow the complete HOWTO (http://www.clearfoundation.com/docs/howtos/setting_up_freeradius2_to_use_ldap) if you want to use LDAP authentication.

Configure FreeRadius2 to use SQL

Install freeRadius2-mysql
# yum install freeradius2-mysql

Edit radius.conf file
To do this, edit /etc/raddb/radiusd.conf and pretty much ignore everything except around about line 640 in the modules section uncomment or make sure that you have,

$INCLUDE sql.conf

and then further down make sure you have,

$INCLUDE sql/mysql/counter.conf

Then further around line 710 in the instantiate section make sure you have,

chillispot_max_bytes
noresetcounter


which are our counters which we define in the next section. Then in /etc/raddb/sites-enabled/default, in the authorise section after it has the "Look in an SQL database..." it has an "sql" entry that may be commented out so uncomment it and add the new counters so that it is now,


sql
chillispot_max_bytes
noresetcounter

and then later in /etc/raddb/sites-enabled/default in the accounting section uncomment the sql about line 343,

sql

and then later in /etc/raddb/sites-enabled/default in the session section uncomment the sql about line 370,

sql

and then finally in /etc/raddb/sites-enabled/default in the post-auth section uncomment the sql about line 370,

sql

That should be it. Now update the counter.conf in the next section.

FreeRadius SQL counter.conf settings needed
To match the radcheck and radgroupchecks we use then you also need to add two matching counter.conf checks as follows. Edit the /etc/radddb/sql/mysql/counter.conf file (unless the counter is already defined in that), add the following at the end,

sqlcounter noresetcounter {
counter-name = Session-Timeout
check-name = Session-Timeout
reply-name = Session-Timeout
sqlmod-inst = sql
key = User-Name
reset = never
query = "SELECT SUM(Acctsessiontime) FROM radacct WHERE UserName='%{%k}'"
}

sqlcounter chillispot_max_bytes {
counter-name = ChilliSpot-Max-Total-Octets
check-name = ChilliSpot-Max-Total-Octets
reply-name = ChilliSpot-Max-Total-Octets
sqlmod-inst = sql
key = User-Name
reset = never
query = "SELECT SUM(AcctInputOctets) + SUM(AcctOutputOctets) FROM radacct WHERE UserName='%{%k}'"
}

IMPORTANT: Make sure you comment out all occurrences ldap and files in /etc/raddb/sites-enabled/default


Setup easyhotspot database to be used by FreeRadius

Go to Webconfig>Server>MySQL and set MySQL to Auto start On Boot and start the Service. You will be required to supply a password for MySQL (if you have not set one already)

On the terminal:

#mysql –u root –p

mysql> create database easyhotspot_opensource;
mysql>CREATE USER 'easyhotspot'@'localhost';
mysql>SET PASSWORD FOR 'easyhotspot'@'localhost' = PASSWORD('easyhotspot');
mysql>GRANT ALL ON easyhotspot_opensource.* to 'easyhotspot'@'localhost';
mysql> quit

Easyhotspot Database Setup
Download easyhotspot from here 2 http://sourceforge.net/projects/easyhotspot/
Recommended: Download the modified and ‘tested as working’ easyhotspot here http://wikieducator.org/File:Easyhotspot_opensource_2011-08-22.odt

NOTED: rename the file and change file extension from odt to sql

# mysql –u root –p easyhotspot_opensource < easyhotspot_opensource_2011-08-22.sql

Setup Easyhotspot

Preparation
#yum install php php-mysql php-gd php-pear php-db

# wget http://pear.php.net/go-pear.phar
# php go-pear.phar
# pear install DB

Restart Apache1
#Service httpd restart

Copy the easyhotspot folder to /opt
Create a soft link in /var/www/html for easyhotspot/htdocs
# cd /var/www/html/
# ln –s /opt/easyhotspot/htdocs easyhotspot

Setup Raddb To Use Easyhotspot_Opensource Database
Edit /etc/raddb/sql.conf and set the following:-
# vi /etc/raddb/sql.conf


# Connection info:
server = "localhost"
#port = 3306
login = " easyhotspot "
password = " easyhotspot "

# Database table configuration for everything except Oracle
radius_db = " easyhotspot _opensource"

Install/Setup Captive Portal

(http://www.clearfoundation.com/docs/howtos/captive_portal)

Preparation
You will need the working RADIUS server to get this going. Be sure to do the 'Additional setup' items at the bottom so that PAP is working.

You will need to set up localhost as an authorized client of the RADIUS server.
Create a user called coovachilli with mail only and make a group called chilli.


Get the code.
wget http://www.clearcenter.com/media/dev/coova-chilli-1.2.5-1.i386.rpm
wget http://www.clearcenter.com/media/dev/haserl
cp haserl /usr/sbin/
chmod +x /usr/sbin/haserl

Install the code

rpm -Uvh coova-chilli-1.2.5-1.i386.rpm

Configure Coovachilli

/etc/chilli/defaults

Set the following values: HS_LANIF, change this value if it is wrong (ie. HS_LANIF=eth2).

HS_NETWORK, set this to the values of your network (ie. HS_NETWORK=192.168.1.0).
HS_NETMASK, change this value if it is wrong (ie. HS_NETMASK=255.255.255.128).
HS_UAMLISTEN, set this to the IP of your server (ie. HS_UAMLISTEN=192.168.1.1).

HS_DNS1 and HS_DNS1, set these to the IP address of your local DNS server, in this case your server (ie. HS_DNS1=192.168.1.1 and HS_DNS2=192.168.1.1).

HS_RADSECRET, set this to the secret password that you placed in the RADIUS configuration for the localhost entry in Webconfig (ie. HS_RADSECRET=mysecretpassword).

HS_RAD_PROTO=mschapv2, set this so the program knows to use the NT-Password infrastructure of LDAP described in the PAP section of the FreeRADIUS 2 Howto. This value does NOT exist and you must define it (set this to HS_RAD_PROTO=mschapv2).

HS_UAMDOMAINS, set all the domains that you want for your 'walled garden. These sites will work even if users don't authenticate via your captive portal:

HS_UAMDOMAINS=".clearcenter.com,.clearfoundation.com"

Start Coova Chilli
#service chilli start

Testing
Connect a client to network (or Wireless Network). This is where eth1 on your clearOS server is connected.
-The client should receive an IP address of say 10.1.0.x

If so, open a web browser on the client. You should get a redirection to the coova login page.

----
Command history

1 clear
2 service raddiusd stop
3 service radiusd stop
4 radiux -X -xxx
5 radiusd -X -xxx
6 service radiusd start
7 exit
8 radtest testuser testpwd localhost 10 testing123
9 mysql -u root -p easyhotspot_opensource
10 radtest lordb smilemo localhost 10 testing123
11 ls /var/www/
12 ls -l /var/www/
13 ls /opt/easyhotspot/
14 ls -l /opt/easyhotspot/
15 chmod -R 777 /opt/easyhotspot/
16 ls -l /opt/easyhotspot/
17 ls -l /opt/easyhotspot/htdocs/
18 ls -l /var/www/
19 exit
20 yyum --enablerepo=base-plus install app-freeradius
21 ping www.msn.com
22 yum --enablerepo=base-plus install app-freeradius
23 service syswatch restart
24 yum install freeradius2-mysql
25 clear
26 vi /etc/raddb/radiusd.conf
27 vi /etc/raddb/radiusd.conf
28 vi /etc/raddb/sites-enabled/default
29 vi /etc/raddb/sql/mysql/counter.conf
30 vi /etc/raddb/sites-enabled/default
31 vi /etc/raddb/radiusd.conf
32 wget http://192.168.16.3/workingehs.tar
33 tar xfv workingehs.tar
34 ls
35 clear
36 mysql -u root -p
37 mysql -u root -p < easyhotspot/easyhotspot_opensource_2011-08-22.sql
38 mysql -u root -p easyhotspot_opensource < easyhotspot/easyhotspot_opensource_2011-08-22.sql
39 mysql -u root -p
40 clear
41 yum install php php-mysql php-gd php-pear php-db
42 wget http://pear.php.net/go-pear.phar
43 php go-pear.phar
44 pear install DB
45 service httpd restart
46 cp -r easyhotspot/ /opt/
47 ls /opt/
48 cd /var/www/
49 ln -s /opt/easyhotspot/htdocs easyhotspot
50 ls
51 dwget http://www.clearcenter.com/media/dev/coova-chilli-1.2.5-1.i386.rpm
52 cd
53 clear
54 ls
55 wget http://www.clearcenter.com/media/dev/coova-chilli-1.2.5-1.i386.rpm
56 wget http://www.clearcenter.com/media/dev/haserl
57 cp haserl /usr/sbin/
58 chmod +x /usr/sbin/haserl
59 rpm -Uvh coova-chilli-1.2.5-1.i386.rpm
60 vi /etc/chilli/defaults
61 clear
62 vi /etc/raddb/sites-enabled/
63 vi /etc/raddb/sites-enabled/default
64 vi /etc/chilli/defaults
65 vi /etc/raddb/sql.conf
66 vi /etc/raddb/sql.conf
67 mysql -u root -p easyhotspot_opensource
68 INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('testuser', 'Cleartext-Pa
69 rradtest testuser testpwd localhost 10 testing123
70 service radiusd restart
71 radtest testuser testpwd localhost 10 testing123
72 radtest testuser testpwd localhost 10 testing123
73 mysql -u root -p easyhotspot_opensource
74 radtest testuser testpwd localhost 10 testing123
75 radtest lordb smilemo localhost 10 testing123
76 mysql -u root -p easyhotspot_opensource
77 radtest testuser testpwd localhost 10 testing123
78 radtest lordb smilemo localhost 10 testing123
79 radtest testuser testpwd localhost 10 testing123
80 shutdown -h now
81 shutdown -h now
82 ls /var/www/
83 ls /var/www/virtual/
84 ls
85 ls /var/www/virtual/easyhotspot/
86 rm /var/www/virtual/easyhotspot
87 rm -r /var/www/virtual/easyhotspot
88 ls /var/www/virtual/
89 cd /var/www/virtual/
90 ls
91 ls
92 ln -s /opt/easyhotspot/htdocs easyhotspot
93 ls
94 ls lordb.com/
95 ls -l
96 cd ..
97 ls
98 ls -l
99 rm -r easyhotspot/
100 rm -r easyhotspot
101 ls
102 cd html/
103 ls
104 cd ..
105 cd virtual/
106 ls
107 ls -l
108 rm -r easyhotspot
109 ls -l
110 cd ..
111 cd html/
112 ls
113 ln -s /opt/easyhotspot/htdocs easyhotspot [file name=easyhotspot_opensource.gz size=42838]http://www.clearfoundation.com/media/kunena/attachments/legacy/files/easyhotspot_opensource.gz[/file]
Tuesday, May 31 2011, 05:04 PM
Share this post:
Responses (117)
  • Accepted Answer

    Fernando
    Fernando
    Offline
    Sunday, March 29 2015, 11:09 AM - #Permalink
    Resolved
    0 votes
    #yum --enablerepo=clearos-core install freeradius-mysql

    you´ll fix with this line
    The reply is currently minimized Show
  • Accepted Answer

    Friday, September 20 2013, 03:33 PM - #Permalink
    Resolved
    0 votes
    In clearos-epel there is freeradius-mysql but not freeradius2-mysql. Would that do?
    The reply is currently minimized Show
  • Accepted Answer

    ezequiel
    ezequiel
    Offline
    Thursday, September 19 2013, 10:01 PM - #Permalink
    Resolved
    0 votes
    Hello!

    When I execute this command:
    yum install freeradius2-mysql

    this error appear:

    No package freeradius2-mysql available.
    Error: Nothing to do

    I'm using clearos 6.3.

    First I tried with clearos 6.3 x64 and I got a similar error, but with clearos 6.3 32 bits too.

    Any hint?
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Thursday, December 20 2012, 10:23 AM - #Permalink
    Resolved
    0 votes
    from http://www.clearfoundation.com/docs/howtos/setting_up_freeradius2_to_use_ldap

    yum --enablerepo=base-plus

    install app-freeradius

    service syswatch restart
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, December 20 2012, 02:15 AM - #Permalink
    Resolved
    0 votes
    What you are looking for on 6.3 is in the core repo (no need to enable any repo)

    yum install app-radius
    The reply is currently minimized Show
  • Accepted Answer

    Jura
    Jura
    Offline
    Thursday, December 20 2012, 01:54 AM - #Permalink
    Resolved
    0 votes
    Hi, I am using ClearOS 6.3, and I am having this error while installing free radius http://www.clearfoundation.com/media/kunena/attachments/legacy/images/radius_error.PNG
    The reply is currently minimized Show
  • Accepted Answer

    Jura
    Jura
    Offline
    Tuesday, December 18 2012, 01:02 AM - #Permalink
    Resolved
    0 votes
    Brian wrote:
    Elias,

    we can spend time trying to fix this but there is a fast workaround.

    1. download easyhotspot ubuntu iso
    2. either install it. you can install it in a virtual system or simply boot the iso
    3. once booted, copy the the easyhotspot web from this distribution including the databases
    4. then copy this into your clearOS and you ready to go.

    the good thing about this is that you dont need to worry about IPTABLES or firewall rules. it works from the box easy and simple.

    also, you should be able to authenticate using ldap also without any configuration just when you install the app-freeradius. if you not about then you something did not install correctly or setup right.

    all the best



    Hi, I am having problem with this. I allotted 1GB per user. When the user signs out for the day, and returns tomorrow to use the same account with 900MB left, they can't sign in anymore
    The reply is currently minimized Show
  • Accepted Answer

    Saturday, December 08 2012, 03:56 PM - #Permalink
    Resolved
    0 votes
    Hallo Brian, I have tried to find information about coova chili for 64bit OS.

    And the only one possible way that must be taken is to build from source.

    And when I do it always fails. Is there any solution? Thank's before
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Thursday, October 25 2012, 09:32 AM - #Permalink
    Resolved
    0 votes
    hi Jura,
    i have not used the vitualpc version before
    The reply is currently minimized Show
  • Accepted Answer

    Jura
    Jura
    Offline
    Wednesday, October 24 2012, 02:05 AM - #Permalink
    Resolved
    0 votes
    Hi Sir Brian,

    I downloaded the virtual pc version. what is the user account (username and password) so that it can be logged in?

    Thanks!
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Tuesday, October 09 2012, 02:51 PM - #Permalink
    Resolved
    0 votes
    i also need a a dump of you database
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Tuesday, October 09 2012, 02:41 PM - #Permalink
    Resolved
    0 votes
    what are you using for the front end? are you on skype? my skype name is bsikute
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, October 09 2012, 01:04 PM - #Permalink
    Resolved
    0 votes
    re attached it. thank you again.

    i cant seem to attach the file here so i just hosted it in my website. please use the link to download. thank you. http://www.nerdsmind.com/raddb.zip
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Tuesday, October 09 2012, 12:34 PM - #Permalink
    Resolved
    0 votes
    hi Chad,

    i cant see the attachment. it has to be a zip file
    The reply is currently minimized Show
  • Accepted Answer

    Tuesday, October 09 2012, 03:27 AM - #Permalink
    Resolved
    0 votes
    attached is my raddb contents.

    thank you very much for responding. this is really giving me a lot of hope. thank you again.
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Monday, October 08 2012, 02:13 PM - #Permalink
    Resolved
    0 votes
    ok. send it as soon as possible
    The reply is currently minimized Show
  • Accepted Answer

    Monday, October 08 2012, 01:55 PM - #Permalink
    Resolved
    0 votes
    thank you very much for your reply. currently i reformatted the server (again) i may be able to send it to you tommorow. is that ok? i am currently re installing clearos and update is very slow.
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Monday, October 08 2012, 01:32 PM - #Permalink
    Resolved
    0 votes
    hi Chad,

    could you attach a zip file of your /etc/raddb folder?
    The reply is currently minimized Show
  • Accepted Answer

    Sunday, October 07 2012, 01:23 AM - #Permalink
    Resolved
    0 votes
    greetings my friends.. i am from Philippines and it's been almost 3 weeks now that i've been trying my best to make this wifi server run.. but unfortunately, is not successful. so i am humbly asking your help to please assist me i really need to make this run in order to keep my job...

    when i tried testing this is what i get from Radius:

    rad_recv: Access-Request packet from host 127.0.0.1 port 34892, id=65, length=60
    User-Name = "kuhduv15"
    User-Password = "patcatec"
    NAS-IP-Address = 192.168.87.1
    NAS-Port = 10
    +- entering group authorize {...}
    ++[preprocess] returns ok
    ++[chap] returns noop
    ++[mschap] returns noop
    [suffix] No '@' in User-Name = "kuhduv15", looking up realm NULL
    [suffix] No such realm "NULL"
    ++[suffix] returns noop
    [eap] No EAP-Message, not doing EAP
    ++[eap] returns noop
    ++[unix] returns notfound
    rlm_ldap: Entering ldap_groupcmp()
    [files] expand: dc=nerdsmind,dc=com -> dc=nerdsmind,dc=com
    [files] expand: %{Stripped-User-Name} ->
    [files] expand: %{User-Name} -> kuhduv15
    [files] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=kuhduv15)
    rlm_ldap: ldap_get_conn: Checking Id: 0
    rlm_ldap: ldap_get_conn: Got Id: 0
    rlm_ldap: attempting LDAP reconnection
    rlm_ldap: (re)connect to localhost:389, authentication 0
    rlm_ldap: bind as cn=manager,cn=internal,dc=nerdsmind,dc=com//vjE1fTCAtyLs2Gr to localhost:389
    rlm_ldap: waiting for bind result ...
    rlm_ldap: Bind was successful
    rlm_ldap: performing search in dc=nerdsmind,dc=com, with filter (uid=kuhduv15)
    rlm_ldap: object not found
    rlm_ldap::ldap_groupcmp: search failed
    rlm_ldap: ldap_release_conn: Release Id: 0
    [files] users: Matched entry DEFAULT at line 1
    ++[files] returns ok
    [sql] expand: %{User-Name} -> kuhduv15
    [sql] sql_set_user escaped user --> 'kuhduv15'
    rlm_sql (sql): Reserving sql socket id: 4
    [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'kuhduv15' ORDER BY id
    [sql] User found in radcheck table
    [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'kuhduv15' ORDER BY id
    [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'kuhduv15' ORDER BY priority
    [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '30Mins' ORDER BY id
    [sql] User found in group 30Mins
    [sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '30Mins' ORDER BY id
    rlm_sql (sql): Released sql socket id: 4
    ++[sql] returns ok
    rlm_sqlcounter: Entering module authorize code
    rlm_sqlcounter: Could not find Check item value pair
    ++[chillispot_max_bytes] returns noop
    rlm_sqlcounter: Entering module authorize code
    sqlcounter_expand: 'SELECT SUM(Acctsessiontime) FROM radacct WHERE UserName='%{User-Name}''
    [noresetcounter] expand: SELECT SUM(Acctsessiontime) FROM radacct WHERE UserName='%{User-Name}' -> SELECT SUM(Acctsessiontime) FROM radacct WHERE UserName='kuhduv15'
    sqlcounter_expand: '%{sql:SELECT SUM(Acctsessiontime) FROM radacct WHERE UserName='kuhduv15'}'
    [noresetcounter] sql_xlat
    [noresetcounter] expand: %{User-Name} -> kuhduv15
    [noresetcounter] sql_set_user escaped user --> 'kuhduv15'
    [noresetcounter] expand: SELECT SUM(Acctsessiontime) FROM radacct WHERE UserName='kuhduv15' -> SELECT SUM(Acctsessiontime) FROM radacct WHERE UserName='kuhduv15'
    rlm_sql (sql): Reserving sql socket id: 3
    [noresetcounter] row[0] returned NULL
    rlm_sql (sql): Released sql socket id: 3
    [noresetcounter] expand: %{sql:SELECT SUM(Acctsessiontime) FROM radacct WHERE UserName='kuhduv15'} ->
    rlm_sqlcounter: No integer found in string ""
    ++[noresetcounter] returns noop
    [expiration] Checking Expiration time: 'August 21 2014 24:00:00'
    ++[expiration] returns ok
    ++[logintime] returns noop
    [pap] Found existing Auth-Type, not changing it.
    ++[pap] returns noop
    Found Auth-Type = Reject
    Auth-Type = Reject, rejecting user
    Failed to authenticate the user.
    Using Post-Auth-Type Reject
    +- entering group REJECT {...}
    [attr_filter.access_reject] expand: %{User-Name} -> kuhduv15
    attr_filter: Matched entry DEFAULT at line 11
    ++[attr_filter.access_reject] returns updated
    Delaying reject of request 0 for 1 seconds
    Going to the next request
    Waking up in 0.9 seconds.
    Sending delayed reject for request 0
    Sending Access-Reject of id 65 to 127.0.0.1 port 34892
    Waking up in 4.9 seconds.
    Cleaning up request 0 ID 65 with timestamp +6
    Ready to process requests.


    ----------------------------------------------------------------------------------------------

    please tell me where i went wrong... thank you very much.
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Thursday, September 27 2012, 11:54 AM - #Permalink
    Resolved
    0 votes
    you welcome Renier
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, September 27 2012, 11:52 AM - #Permalink
    Resolved
    0 votes
    Thank you for the advice Brian, will give it a go and post feedback.
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Thursday, September 27 2012, 11:49 AM - #Permalink
    Resolved
    0 votes
    Please use daloradius for more features and control instead of easyhotspot.
    sourceforge.net/projects/daloradius
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Thursday, September 27 2012, 11:46 AM - #Permalink
    Resolved
    0 votes
    see my /etc/raddb files attached [file name=raddb-20120927-2.zip size=114856]http://www.clearfoundation.com/media/kunena/attachments/legacy/files/raddb-20120927-2.zip[/file]
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Thursday, September 27 2012, 11:43 AM - #Permalink
    Resolved
    0 votes
    i have looked at your counter file in /etc/raddb/sql/mysql/counter.conf

    you are missing quiet alot of lines. my counter files looks like this:

    # -*- text -*-
    ##
    ## counter.conf -- PostgreSQL queries for rlm_sqlcounter
    ##
    ## $Id$

    # Rather than maintaining seperate (GDBM) databases of
    # accounting info for each counter, this module uses the data
    # stored in the raddacct table by the sql modules. This
    # module NEVER does any database INSERTs or UPDATEs. It is
    # totally dependent on the SQL module to process Accounting
    # packets.
    #
    # The 'sqlmod_inst' parameter holds the instance of the sql
    # module to use when querying the SQL database. Normally it
    # is just "sql". If you define more and one SQL module
    # instance (usually for failover situations), you can
    # specify which module has access to the Accounting Data
    # (radacct table).
    #
    # The 'reset' parameter defines when the counters are all
    # reset to zero. It can be hourly, daily, weekly, monthly or
    # never. It can also be user defined. It should be of the
    # form:
    # num[hdwm] where:
    # h: hours, d: days, w: weeks, m: months
    # If the letter is ommited days will be assumed. In example:
    # reset = 10h (reset every 10 hours)
    # reset = 12 (reset every 12 days)
    #
    # The 'key' parameter specifies the unique identifier for the
    # counter records (usually 'User-Name').
    #
    # The 'query' parameter specifies the SQL query used to get
    # the current Counter value from the database. There are 3
    # parameters that can be used in the query:
    # %k 'key' parameter
    # %b unix time value of beginning of reset period
    # %e unix time value of end of reset period
    #
    # The 'check-name' parameter is the name of the 'check'
    # attribute to use to access the counter in the 'users' file
    # or SQL radcheck or radcheckgroup tables.
    #
    # DEFAULT Max-Daily-Session > 3600, Auth-Type = Reject
    # Reply-Message = "You've used up more than one hour today"
    #
    sqlcounter dailycounter {
    counter-name = Daily-Session-Time
    check-name = Max-Daily-Session
    reply-name = Session-Timeout
    sqlmod-inst = sql
    key = User-Name
    reset = daily

    # This query properly handles calls that span from the
    # previous reset period into the current period but
    # involves more work for the SQL server than those
    # below
    query = "SELECT SUM(acctsessiontime - \
    GREATEST((%b - UNIX_TIMESTAMP(acctstarttime)), 0)) \
    FROM radacct WHERE username = '%{%k}' AND \
    UNIX_TIMESTAMP(acctstarttime) + acctsessiontime > '%b'"

    # This query ignores calls that started in a previous
    # reset period and continue into into this one. But it
    # is a little easier on the SQL server
    # query = "SELECT SUM(acctsessiontime) FROM radacct WHERE \
    # username = '%{%k}' AND acctstarttime > FROM_UNIXTIME('%b')"

    # This query is the same as above, but demonstrates an
    # additional counter parameter '%e' which is the
    # timestamp for the end of the period
    # query = "SELECT SUM(acctsessiontime) FROM radacct \
    # WHERE username = '%{%k}' AND acctstarttime BETWEEN \
    # FROM_UNIXTIME('%b') AND FROM_UNIXTIME('%e')"
    }

    sqlcounter monthlycounter {
    counter-name = Monthly-Session-Time
    check-name = Max-Monthly-Session
    reply-name = Session-Timeout
    sqlmod-inst = sql
    key = User-Name
    reset = monthly

    # This query properly handles calls that span from the
    # previous reset period into the current period but
    # involves more work for the SQL server than those
    # below
    query = "SELECT SUM(acctsessiontime - \
    GREATEST((%b - UNIX_TIMESTAMP(acctstarttime)), 0)) \
    FROM radacct WHERE username='%{%k}' AND \
    UNIX_TIMESTAMP(acctstarttime) + acctsessiontime > '%b'"

    # This query ignores calls that started in a previous
    # reset period and continue into into this one. But it
    # is a little easier on the SQL server
    # query = "SELECT SUM(acctsessiontime) FROM radacct WHERE \
    # username='%{%k}' AND acctstarttime > FROM_UNIXTIME('%b')"

    # This query is the same as above, but demonstrates an
    # additional counter parameter '%e' which is the
    # timestamp for the end of the period
    # query = "SELECT SUM(acctsessiontime) FROM radacct \
    # WHERE username='%{%k}' AND acctstarttime BETWEEN \
    # FROM_UNIXTIME('%b') AND FROM_UNIXTIME('%e')"
    }

    sqlcounter noresetcounter {
    counter-name = Max-All-Session-Time
    check-name = Max-All-Session
    sqlmod-inst = sql
    key = User-Name
    reset = never
    query = "SELECT IFNULL(SUM(AcctSessionTime),0) FROM radacct WHERE UserName='%{%k}'"
    }
    sqlcounter noresetcounter {
    counter-name = Session-Timeout
    check-name = Session-Timeout
    reply-name = Session-Timeout
    sqlmod-inst = sql
    key = User-Name
    reset = never
    query = "SELECT SUM(Acctsessiontime) FROM radacct WHERE serName='%{%k}'"
    }

    sqlcounter chillispot_max_bytes {
    counter-name = ChilliSpot-Max-Total-Octets
    check-name = ChilliSpot-Max-Total-Octets
    reply-name = ChilliSpot-Max-Total-Octets
    sqlmod-inst = sql
    key = User-Name
    reset = never
    query = "SELECT SUM(AcctInputOctets) + SUM(AcctOutputOctets) FROM radacct WHERE UserName='%{%k}'"
    }
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, September 27 2012, 11:27 AM - #Permalink
    Resolved
    0 votes
    Hi Brian

    With a time based login I get the following radius debug dump:

    rad_recv: Access-Request packet from host 127.0.0.1 port 43688, id=187, length=341
    ChilliSpot-Version = "1.2.5"
    User-Name = "movbat12"
    MS-CHAP-Challenge = 0x3b6c9d81b621375c7f35e8c4bcf97ee3
    MS-CHAP2-Response = 0xc42d3b6c9d81b621375c7f35e8c4bcf97ee3f1b71996f3bfffff4c122d953e9409c4c0de9e89def21e375c7dfe6ebe1e320f
    Service-Type = Login-User
    Acct-Session-Id = "5064377a00000002"
    Framed-IP-Address = 192.168.182.21
    NAS-Port-Type = Wireless-802.11
    NAS-Port = 2
    NAS-Port-Id = "00000002"
    Calling-Station-Id = "5C-B5-24-28-9F-C6"
    Called-Station-Id = "00-0C-29-80-D9-37"
    NAS-IP-Address = 192.168.182.1
    NAS-Identifier = "nas01"
    WISPr-Location-ID = "isocc=,cc=,ac=,network=Coova,"
    WISPr-Location-Name = "My_HotSpot"
    WISPr-Logoff-URL = "http://192.168.182.1:3990/logoff";
    Message-Authenticator = 0x33e56a3d7e6e071b6f27725e2a850c0a
    +- entering group authorize {...}
    ++[preprocess] returns ok
    ++[chap] returns noop
    [mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
    ++[mschap] returns ok
    [suffix] No '@' in User-Name = "movbat12", looking up realm NULL
    [suffix] No such realm "NULL"
    ++[suffix] returns noop
    ++[unix] returns notfound
    rlm_ldap: Entering ldap_groupcmp()
    [files] expand: dc=clearos,dc=lan -> dc=clearos,dc=lan
    [files] expand: %{Stripped-User-Name} ->
    [files] expand: %{User-Name} -> movbat12
    [files] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=movbat12)
    rlm_ldap: ldap_get_conn: Checking Id: 0
    rlm_ldap: ldap_get_conn: Got Id: 0
    rlm_ldap: attempting LDAP reconnection
    rlm_ldap: (re)connect to localhost:389, authentication 0
    rlm_ldap: bind as cn=manager,cn=internal,dc=clearos,dc=lan/myNvzCfeXgz0x94W to localhost:389
    rlm_ldap: waiting for bind result ...
    rlm_ldap: Bind was successful
    rlm_ldap: performing search in dc=clearos,dc=lan, with filter (uid=movbat12)
    rlm_ldap: object not found
    rlm_ldap::ldap_groupcmp: search failed
    rlm_ldap: ldap_release_conn: Release Id: 0
    [files] users: Matched entry DEFAULT at line 1
    ++[files] returns ok
    [sql] expand: %{User-Name} -> movbat12
    [sql] sql_set_user escaped user --> 'movbat12'
    rlm_sql (sql): Reserving sql socket id: 4
    [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'movbat12' ORDER BY id
    [sql] User found in radcheck table
    [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'movbat12' ORDER BY id
    [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'movbat12' ORDER BY priority
    [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '60Mins' ORDER BY id
    [sql] User found in group 60Mins
    [sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '60Mins' ORDER BY id
    rlm_sql (sql): Released sql socket id: 4
    ++[sql] returns ok
    rlm_sqlcounter: Entering module authorize code
    rlm_sqlcounter: Could not find Check item value pair
    ++[chillispot_max_bytes] returns noop
    rlm_sqlcounter: Entering module authorize code
    rlm_sqlcounter: Could not find Check item value pair
    ++[noresetcounter] returns noop
    [expiration] Checking Expiration time: 'October 25 2012 24:00:00'
    ++[expiration] returns ok
    ++[logintime] returns noop
    [pap] Found existing Auth-Type, not changing it.
    ++[pap] returns noop
    Found Auth-Type = Reject
    Auth-Type = Reject, rejecting user
    Failed to authenticate the user.
    Using Post-Auth-Type Reject
    WARNING: Unknown value specified for Post-Auth-Type. Cannot perform requested action.
    Delaying reject of request 0 for 1 seconds
    Going to the next request
    Waking up in 0.9 seconds.
    Sending delayed reject for request 0
    Sending Access-Reject of id 187 to 127.0.0.1 port 43688
    WISPr-Session-Terminate-Time := "2012-10-25T24:00:00"
    Session-Timeout := 3600
    Idle-Timeout := 300
    Acct-Interim-Interval := 120
    Waking up in 4.9 seconds.
    Cleaning up request 0 ID 187 with timestamp +94
    Ready to process requests.
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Thursday, September 27 2012, 11:18 AM - #Permalink
    Resolved
    0 votes
    Hi Renier,

    the error is given in this line:

    rlm_sql: Failed to create the pair: Invalid octet string "2047" for attribute name "Max-All-MB"

    Are you able to authenticate/login successfully using a time-based user?
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, September 27 2012, 10:58 AM - #Permalink
    Resolved
    0 votes
    Thank you Brian. will await your reply
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Thursday, September 27 2012, 10:26 AM - #Permalink
    Resolved
    0 votes
    Hi Renier,

    I see you are using easyhotspot web interface. let me look at what you ve sent and will revert soonest
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, September 27 2012, 10:02 AM - #Permalink
    Resolved
    1 votes
    and here is the database as well. [file name=easyhotspot_opensource.zip size=64859]http://www.clearfoundation.com/media/kunena/attachments/legacy/files/easyhotspot_opensource.zip[/file]
    The reply is currently minimized Show
  • Accepted Answer

    Thursday, September 27 2012, 07:50 AM - #Permalink
    Resolved
    0 votes
    Good Day

    Hope someone can help me on this or point me in the right direction of where to look for the problem, I have Freeradius+Coovachilli+EasyHotSpot setup on a VM running on ESXI. I have double checked all my config files and setup steps, but seem to still have a problem getting my users(Vouchers) that I created to Authenticate. Attached is my freeradius files and below my freeradius debug dump.

    rad_recv: Access-Request packet from host 127.0.0.1 port 38649, id=32, length=341
    ChilliSpot-Version = "1.2.5"
    User-Name = "yengez14"
    MS-CHAP-Challenge = 0xaefa7ba431c896f2b827310920cf0295
    MS-CHAP2-Response = 0xc42daefa7ba431c896f2b827310920cf0295f1b71996f3bfffff4ca69c1f113e40d29c51989774a88248d7e12a254e850eb1
    Service-Type = Login-User
    Acct-Session-Id = "506402bc00000001"
    Framed-IP-Address = 192.168.182.20
    NAS-Port-Type = Wireless-802.11
    NAS-Port = 1
    NAS-Port-Id = "00000001"
    Calling-Station-Id = "5C-B5-24-28-9F-C6"
    Called-Station-Id = "00-0C-29-80-D9-37"
    NAS-IP-Address = 192.168.182.1
    NAS-Identifier = "nas01"
    WISPr-Location-ID = "isocc=,cc=,ac=,network=Coova,"
    WISPr-Location-Name = "My_HotSpot"
    WISPr-Logoff-URL = "http://192.168.182.1:3990/logoff";
    Message-Authenticator = 0xf5a619e4be610ba9aaf88307cab3d9d3
    +- entering group authorize {...}
    ++[preprocess] returns ok
    ++[chap] returns noop
    [mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
    ++[mschap] returns ok
    [suffix] No '@' in User-Name = "yengez14", looking up realm NULL
    [suffix] No such realm "NULL"
    ++[suffix] returns noop
    ++[unix] returns notfound
    rlm_ldap: Entering ldap_groupcmp()
    [files] expand: dc=clearos,dc=lan -> dc=clearos,dc=lan
    [files] expand: %{Stripped-User-Name} ->
    [files] expand: %{User-Name} -> yengez14
    [files] expand: (uid=%{%{Stripped-User-Name}:-%{User-Name}}) -> (uid=yengez14)
    rlm_ldap: ldap_get_conn: Checking Id: 0
    rlm_ldap: ldap_get_conn: Got Id: 0
    rlm_ldap: performing search in dc=clearos,dc=lan, with filter (uid=yengez14)
    rlm_ldap: object not found
    rlm_ldap::ldap_groupcmp: search failed
    rlm_ldap: ldap_release_conn: Release Id: 0
    [files] users: Matched entry DEFAULT at line 1
    ++[files] returns ok
    [sql] expand: %{User-Name} -> yengez14
    [sql] sql_set_user escaped user --> 'yengez14'
    rlm_sql (sql): Reserving sql socket id: 1
    [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'yengez14' ORDER BY id
    [sql] User found in radcheck table
    [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'yengez14' ORDER BY id
    [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'yengez14' ORDER BY priority
    [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '20Meg' ORDER BY id
    rlm_sql: Failed to create the pair: Invalid octet string "2047" for attribute name "Max-All-MB"
    rlm_sql (sql): Error getting data from database
    [sql] Error retrieving check pairs for group 20Meg
    [sql] Error processing groups; rejecting user
    rlm_sql (sql): Released sql socket id: 1
    ++[sql] returns fail
    Using Post-Auth-Type Reject
    WARNING: Unknown value specified for Post-Auth-Type. Cannot perform requested action.
    Delaying reject of request 3 for 1 seconds
    Going to the next request
    Waking up in 0.9 seconds.
    Sending delayed reject for request 3
    Sending Access-Reject of id 32 to 127.0.0.1 port 38649
    WISPr-Session-Terminate-Time := "2012-10-25T24:00:00"
    Waking up in 4.9 seconds.
    Cleaning up request 3 ID 32 with timestamp +844
    Ready to process requests. [file name=raddb-20120927.zip size=117385]http://www.clearfoundation.com/media/kunena/attachments/legacy/files/raddb-20120927.zip[/file]
    The reply is currently minimized Show
  • Accepted Answer

    Jura
    Jura
    Offline
    Friday, September 21 2012, 03:14 AM - #Permalink
    Resolved
    0 votes
    Hi, is there a specific hardware that is needed, or can I customize for myself?

    Can I use any model of Linksys Access Point or is there a recommended one? Thanks!
    The reply is currently minimized Show
  • Accepted Answer

    zhia c
    zhia c
    Offline
    Tuesday, April 03 2012, 03:06 AM - #Permalink
    Resolved
    0 votes
    hii guys i need some help

    i did something stupid, ill try to re install app-freeradius
    but after i remove app-freeradius from my clearos, i delete all files and folders inside /etc/raddb/ folder
    i think it can clean up all the installation files

    after that i install app-freeradius as in this >> http://www.clearfoundation.com/docs/howtos/setting_up_freeradius2_to_use_ldap

    but when i tried to radtest, something bad happen

    "radclient: dict_init: Couldn't open dictionary "/etc/raddb/dictionary": No such file or directory"

    could some body help my ?

    TIA
    The reply is currently minimized Show
  • Accepted Answer

    Itsisme
    Itsisme
    Offline
    Tuesday, March 20 2012, 08:26 AM - #Permalink
    Resolved
    0 votes
    I found a screen dump here:

    http://www.freesoftwaremagazine.com/files/nodes/2910/screenshot.jpg
    Looks like I have to enter DB values in here..

    But how to make tickets based on time as in 1 hour 1 day etc...?

    Can not seem to find a manual describing this. In easyhotspot this was all build in. In daloradius unfortunately is not very inuative.

    I hope you can help me with the last hurdle and than it should be fuly working..

    Thanks in advance..
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Monday, March 19 2012, 06:49 PM - #Permalink
    Resolved
    0 votes
    hi Itsisme,

    i need you to navigate the interface carefully. you have to create billing profiles, plans and rates. then you can create login accounts and batch users
    The reply is currently minimized Show
  • Accepted Answer

    Itsisme
    Itsisme
    Offline
    Monday, March 19 2012, 02:15 PM - #Permalink
    Resolved
    0 votes
    Brain I now have Dalorius running but how does one create tickets as used in easyhotspot?
    I loved the way that the web interface of easy hotspot uses this.

    In the logs I still have an error regarding the database:

    tail -n 100 -f /var/log/radius/radius.log

    Mon Mar 19 11:02:24 2012 : Info: Loaded virtual server inner-tunnel
    Mon Mar 19 11:02:24 2012 : Info: Loaded virtual server clearos-inner-tunnel
    Mon Mar 19 11:02:24 2012 : Info: rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
    Mon Mar 19 11:02:24 2012 : Info: rlm_sql (sql): Attempting to connect to easyhotspot@localhost:3306/radiusdb
    Mon Mar 19 11:02:24 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #0
    Mon Mar 19 11:02:24 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #1
    Mon Mar 19 11:02:24 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #2
    Mon Mar 19 11:02:24 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #3
    Mon Mar 19 11:02:24 2012 : Info: rlm_sql_mysql: Starting connect to MySQL server for #4
    Mon Mar 19 11:02:25 2012 : Info: Loaded virtual server <default>
    Mon Mar 19 11:02:25 2012 : Info: Ready to process requests.
    Mon Mar 19 13:17:23 2012 : Error: [sql] Couldn't insert SQL accounting START record - Column 'AcctStopTime' cannot be null
    Mon Mar 19 13:35:48 2012 : Error: [sql] Couldn't insert SQL accounting START record - Column 'AcctStopTime' cannot be null

    Chilli now works at the moment but not sure how to set up user limitations as in tickets per hour day and or data usage.

    I hope you can point me in the right direction...
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Friday, March 16 2012, 01:39 PM - #Permalink
    Resolved
    0 votes
    please attached a zip of you /etc/raddb folder
    The reply is currently minimized Show
  • Accepted Answer

    Nuno
    Nuno
    Offline
    Friday, March 16 2012, 01:35 PM - #Permalink
    Resolved
    0 votes
    Hi Brian,

    Thank you for the help. One question is it normal when I do:

    mysql> create database easyhotspot_opensource;
    Query OK, 1 row affected
    mysql>CREATE USER 'easyhotspot'@'localhost';
    Query OK, 0 rows affected
    mysql>SET PASSWORD FOR 'easyhotspot'@'localhost' = PASSWORD('easyhotspot');
    Query OK, 0 rows affected
    mysql>GRANT ALL ON easyhotspot_opensource.* to 'easyhotspot'@'localhost';
    Query OK, 0 rows Affected
    mysql> quit

    And I'm trying to understand how do I get the file easyhotspot_opensource_2011-08-22.sql to the PC I'm setting up?

    Thanks,
    The reply is currently minimized Show
  • Accepted Answer

    Itsisme
    Itsisme
    Offline
    Friday, March 16 2012, 01:30 PM - #Permalink
    Resolved
    0 votes
    Hello Brian,

    Would it not be good to have a rewrite of the complete manual as I tried now the one you suggested (daloradius) but still after following that guide no luck with radius (radius test after the sql settings still nogo)

    This is the link I followed after your tip.

    http://www.howtoforge.com/authentication-authorization-and-accounting-with-freeradius-and-mysql-backend-and-webbased-management-with-daloradius

    Still would lke to get this to work properly but stuck ....

    I assume the easyhostspot_opensource is skipped using daloradius?

    WARNING: Found User-Password == "...".
    WARNING: Are you sure you don't mean Cleartext-Password?
    WARNING: See "man rlm_pap" for more information.
    [sql] User found in radcheck table
    [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'sqltest' ORDER BY id
    [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'sqltest' ORDER BY priority
    rlm_sql (sql): Released sql socket id: 3
    ++[sql] returns ok
    ++[pap] returns updated
    Found Auth-Type = PAP
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    !!! Replacing User-Password in config items with Cleartext-Password. !!!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    !!! Please update your configuration so that the "known good" !!!
    !!! clear text password is in Cleartext-Password, and not in User-Password. !!!
    !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
    +- entering group PAP {...}
    [pap] login attempt with password "testpwd"
    [pap] Using clear text password "testpwd"
    [pap] User authenticated successfully
    ++[pap] returns ok
    +- entering group post-auth {...}
    [sql] expand: %{User-Name} -> sqltest
    [sql] sql_set_user escaped user --> 'sqltest'
    [sql] expand: %{User-Password} -> testpwd
    [sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'sqltest', 'testpwd', 'Access-Accept', '2012-03-16 14:15:48')
    rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( 'sqltest', 'testpwd', 'Access-Accept', '2012-03-16 14:15:48')
    rlm_sql (sql): Reserving sql socket id: 2
    rlm_sql_mysql: MYSQL check_error: 1054 received
    rlm_sql (sql) in sql_postauth: Database query error - Unknown column 'username' in 'field list'
    rlm_sql (sql): Released sql socket id: 2
    ++[sql] returns fail
    Using Post-Auth-Type Reject
    +- entering group REJECT {...}
    [attr_filter.access_reject] expand: %{User-Name} -> sqltest
    attr_filter: Matched entry DEFAULT at line 11
    ++[attr_filter.access_reject] returns updated
    Delaying reject of request 0 for 1 seconds
    Going to the next request
    Waking up in 0.9 seconds.
    Sending delayed reject for request 0
    Sending Access-Reject of id 238 to 127.0.0.1 port 39608
    Waking up in 4.9 seconds.
    Cleaning up request 0 ID 238 with timestamp +4
    Ready to process requests.
    The reply is currently minimized Show
  • Accepted Answer

    Brian
    Brian
    Offline
    Friday, March 16 2012, 11:08 AM - #Permalink
    Resolved
    0 votes
    Hi Numo,

    put in /etc/raddb/radiusd.conf

    around line 710 in the instantiate section make sure you have,

    chillispot_max_bytes
    noresetcounter

    LIKE THIS:

    # daily
    expiration
    logintime
    chillispot_max_bytes
    noresetcounter
    The reply is currently minimized Show
  • Accepted Answer

    Nuno
    Nuno
    Offline
    Friday, March 16 2012, 10:13 AM - #Permalink
    Resolved
    0 votes
    Hi Brian,

    I'm new to all this, trying to follow your "how to" but dont know where exactly should I writte the following:

    chillispot_max_bytes
    noresetcounter

    is it after exec, expr, dayli, expiration or logtime line?

    Thanks
    The reply is currently minimized Show
Your Reply