Setting up ChilliSpot with FreeRadius on Tomato Part III

With the previous two completed, that is, setting up FreeRadius, MySQL, and sourcing the ChilliSpot package, and having this on your now setup CIFS network share.

What we need to do now is look at the configuration, and make it suit our requirements.

Open your network share, and edit the file ‘chilli.conf’ in your favourite (or not) editor. Chilli.conf is located in the /etc/ folder.

Find “radiusserver1”, edit this to the LAN IP of your Linux server running FreeRadius.

Make the same edit to radiusserver2.

Find radiussecret, set it to the value of the secret you specified in /etc/raddb/clients.conf yesterday, we chose “mypass”.

Find dhcpif, change it to “eth1” (should already be set to this).

We haven’t yet created a webpage to handle requests as yet, either. Chillispot (the regular package), comes with a script called “hotspotlogin”, download the regular chillispot Source Code, from, open the file with WinRAR, and inside, find the “doc/” folder, which is inside the chillispot-1.1.0 folder, inside the archive. Extract the “hotspotlogin.cgi” file to a place where you can get to it.

Rename hotspotlogin.cgi to “hotspotlogin”.

This is relatively simple to implement on most apache servers, you do also require SSL for this to function. The parameter in the configuration file has, we want to edit this to be the IP address of the radius server, eg.

Find “uamsecret”, and set a secret, remember this, it has to be specified in the “hotspotlogin” file.

This guide is going to assume you already have Apache setup with SSL, and perl, and configured correctly. If you don’t, you should refer to Google for assistance, it’s relatively simple, but can be a little confusing for some.

You can place the hotspotlogin file in any folder on your webserver you like, but it should be in the location that would match the uamserver we specified in chilli.conf. Essentially, you should try and access the uamserver URL in your browser. If you see a Page Cannot Be Found error, you haven’t placed it in the right location, or your server isn’t configured correctly.

For most, the location needed is /var/www/html/.

Permissions on the “hotspotlogin” file should be set to read and execute for the apache user on your system.

The next part of this, is to edit the hotspotlogin file, with the uamsecret, and other settings.

Open the hotspotlogin file with your favourite editor, and locate the “$uamsecret” line, remove the # at the front of this line, and set the secret to whatever you set the uamsecret to in chillispot.

Uncomment the next line also, which is the “#$userpassword” line.

With those lines setup, we now only have edit the iptables script to work with Tomato, and ensure we don’t destroy its fantastic QoS changes in the process.

I am yet to dig this up, so that will come another time. To start chillispot tho (without the blocking of internet access that it does), we can simply telnet into the router, and start chilli, but that would be pretty pointless right now.

Again, I remind all this information is provided on an all care, 0 responsibility basis. Don’t come crying to me if it doesn’t work for you, I very well might have not tested this information myself, and it would serve you right for taking information off the internet, instead of investigating what you are doing. Of course, the information provided isn’t intended to do harm (and of course isn’t likely to cause harm), so use it at your own risk, if in doubt, hire a professional. This should be a little more scary compared to the last one :).


This entry was posted in Linux, Networking, Random. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *