This is the continuation of last nights entry on how to set up ChilliSpot with FreeRadius, on a Tomato firmware based router.
With the mysql database created, and setup, and the configuration done for FreeRadius, we must of course, test that FreeRadius is working as expected.
First, we need to create a shared secret for us to share with freeradius.
Start with:
nano /etc/raddb/clients.conf
At the end of this file, place:
client 127.0.0.1 {
secret = mysecret
nastype = other
shortname = blah
}
Save and exit nano.
We do this by ensuring it is started, with:
/etc/init.d/radiusd restart
This will restart the radius server if it is running, and if it isn’t, start it anyway.
Note, if the below is having issues with testing, open /etc/raddb/radiusd.conf, and comment all but SQL as options in the “authorize {” section.
The next step is to test.
/etc/init.d/radiusd restart
Now, we test by executing the following from the command line:
radtest testuser testpass localhost 1 mysecret
If you see:
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=212, length=20
You have done perfectly well. The radius server and MySQL database are functioning correctly.
With this done, the only two parts left (or one part if you aren’t running Tomato firmware), are configuring ChilliSpot and setting up Tomato to run with Chilli.
I’m going to follow the setup for Tomato here, so it’s obviously not intended for those that want to just run ChilliSpot.
If you haven’t already, follow these instructions to setup a CIFS mounted share on your tomato router:
Visit your routers web page, scroll down the list on the left, find Administration, click it.
Underneath Administration, you will see CIFS Client, obviously, Click It.
With the new page in front of you, set up CIFS as follows (replacing the values to the values of your shared folder, I highly recommend doing a unix share using Samba on a Linux box (such as the one you are running FreeRadius and MySQL on)).
UNC = “\\IPADDRESS-OF-SHARE\SHARE-NAME”
eg.
UNC = “\\192.168.1.2\Tomato”
Username = user
Password = passw0rd
(The above values will be values that you have on your linux box that Samba will authenticate to).
Leave Domain blank, unless you are running a Domain and authenticate to it.
Execute when mounted, leave blank also.
Click Save at the bottom, verify the router reports space on the share.
That’s the share setup.
We now need to source chillispot for the router. We can’t run regular chillispot on a router that is very much different in many ways, we instead, will run another version of ChilliSpot, which is the version compiled for OpenWRT, the same version that is run by DD-WRT and other routers.
We get chillispot (the version we need) from this URL: http://www.chillispot.org/download/
We are grabbing the package: chillispot_1.0RC3-1_mipsel.ipk (or whatever the latest version is with the .ipk extension).
Once you have the package, open it with WinRAR.
Inside the package you’ll find another archive, open it, to find two more archives, named data.tar.gz, and control.tar.gz. We are interested in is data.tar.gz.
Open data.tar.gz by double clicking, discover we have a usr/ and etc/ folder.
We want all these files placed into the share you setup earlier on your unix server for hosting the chillispot files for the router.
To do this, in any address bar in windows, type in \\ip-address-of-server\share-name and you’ll get prompted for a username and password.
eg.
\\192.168.1.2\Tomato
Enter your username and password, which will allow access to the share.
Select the contents of the archive, that is double click the “.” folder within WinRAR, and select the two etc and usr folders, and drag them onto the network share.
With this done, this post is still getting fairly long, and probably a bit too much to consume, so I’ll drop it off here, and tomorrow’s post will go further into configuring the ChilliSpot service and the Tomato router.
Enjoy!