1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How To Configure FreeRadius and Chilli

Discussion in 'DD-WRT Firmware' started by seanbracken, Sep 30, 2005.

  1. seanbracken

    seanbracken Network Guru Member

    A howto for DD-WRT, Chillispot and FreeRadius.
    ********Warning ********
    Following these instructions will invalidate your Linksys warranty. You do so at your own risk. These instructions assume that you have an understanding of Linux, PHP MySQL and Apache. If you brick your AP you might get it back by holding down the reset pin for 20 seconds, unplug the power while still holding down the reset button for another 20 seconds and then plugging the power back in while still keeping the reset button held in for a further 20 seconds. This should bring it back to the defaults of whatever firmware you have installed. You should be able to login to
    *******End of Warning********
    Feel free to copy or use this information in any way you like'

    What you will need:-

    a) DD-WRT
    Download the latest version here http://brainslayer.braincontrol.org/dd-wrt.v22.zip

    b) FreeRadius
    Download the latest version here ftp://ftp.freeradius.org/pub/radius/old/freeradius.1.0.3.tar.gz

    c) phpMyPrepaid
    Download the latest version here http://jabali.net/~carl/phpMyPrepaid.0.1.3RC2.tar
    also download the radiusd.conf file from http://jabali.net/~carl/

    d) Linsys WRT54G AP

    e) You will also need PHP, Apache, MySQL amd MySql Delopment Modules,(These need to be setup first.) some patience, plenty of beer and cigarettes.

    Step 1 DD-WRT/Chillispot Configuration

    Configure the WRT-54G with the standard Linksys software and the use the upgrade firmware module to install the dd-wrt package on the AP.
    *******IMPORTANT******* Use your cable connection to do the upgrade. NOT the wireless connection
    Reboot the AP and login to your new firmare.
    Set Dynamic configuration DHCP
    Disable DHCP (Chillispot will manage DHCP for your clients.)
    Change the Local IP of the AP to
    Set your gateway and DNS addresses.
    Update changes and log back in to the new IP address.

    Go to the administration page.
    Enable Chillispot
    Enter the IP address of your Radius server
    Enter the DNS
    Enter the redirect URL eg HTTPS:// (MAke sure that the address ends in / and is https.)
    Enter a shared key. (This can be anything you like, but keep a note of it you will need it later.)
    Set DHCP Interface to Lan+Wlan
    Enter a NAS id (Your name for your AP)
    Enter a UAM secret (This is the password that Chilli will use to talk to hotspotlogin.cgi)
    Save your settings and reboot the AP. Please give the AP about 10 minutes to reboot and initialise all the new services.

    Step 2 FreeRadius Configuration.

    Untar the FreeRadius tar file and enter its directory.
    Type ./configure --with-experimental-modules
    login as root and type make install
    When this is finished copy the radiusd.conf file that you downloaded earlier to /usr/local/etc/raddb/
    You should not need to edit radiusd.conf
    Edit /usr/local/etc/raddb/sql.conf and in the SQL section make these changes
    # Database type
    # Current supported are: rlm_sql_mysql, rlm_sql_postgresql,
    # rlm_sql_iodbc, rlm_sql_oracle, rlm_sql_unixodbc, rlm_sql_freetds
    driver = "rlm_sql_mysql"

    # Connect info
    server = "localhost"
    login = "yourlogin"
    password = "your password"

    # Database table configuration
    radius_db = "radius"

    Edit the /usr/local/etc/raddb/clients.conf file and enter the details of your NAS (AP)
    client xxx.xxx.xxx.xxx { (This is the address of your NAS or WRT54G )
    secret = xxxxxxx (The secret you entered in the Chilli Config)
    shortname = private-network-9 (This can be any name)
    nastype = other
    ( If you want to set up several AP's with one secret the IP address above should be )

    Step 3 hotspotlogin.cgi
    Copy hotspotlogin.cgi from http://chillispot.org to /var/www/cgi-bin
    Edit the file and change the secret to the UAM secret that you entered in the Chillispot configuration on the WRT54G

    Step 4 phpMyPrepaid and MySQL

    Extract the phpMyPrepaid file to a directory on your webserver eg /var/www/html/myprepaid
    Create a MySQL database called radius and create a user and password for it. Use a script called db_mysql.db that you will find in the phpMyPrepaid download to create the database tables.
    Edit the dbconnect.php file in the phpMyPrepaid directory and enter the username and password for your MySQL radius database. IMPORTANT Save this file behind your web directory or your passwords will be easy to hack.
    Edit config.inc.php and change the line that points to dbconnect to wherever you have saved dbconnect.php
    In your web browser got to http://yoursite.com/whereveryouputphpmyprepaid/ and create some tickets. Check your database to see if the users have been setup in radcheck. Launch FreeRadius as root with this command radiusd -xxyx -l stdout. Pick a user and password from your database and try to login from a wireless client. If you can then it is time for step 5. If not go back to step 1 and check everything.

    Step 5 Have a cup of coffee and unwind. If all is well you have finished. I'll keep an eye on this post and do my best to help anyone with problems.

    Regards and good luck.

    Sean Bracken

    I have setup a test Radius system and a very easy way to configure a Linksys AP on my server. The link is http://swarmhotspots.com/chilli-test-area
  2. usgard

    usgard Network Guru Member

    Hi seanbracken,
    nice howto!!

    But one question....

    Do i have to install the freeradius-packet onto the wrt-router or do i need a seperated machine?

  3. Help.....I set http redirect to (webserver).....

    Help.....I set http redirect to (webserver), no I can not http to the WRT45G..........

    The IP of my WRT54G is

    When I http to it, I get the webpage on my apache server

    Anyway to undo this via telnet? short of me climbing the tower to reset the radio?

Share This Page