Synology usage series 34 – FreeRadius Accounting for OpenVPN with MySQL and daloRadius


FreeRadius Setting

Edit /opt/etc/raddb/sql.conf, update the values below

database = mysql
readclient = yes
nas_table = “nas”
login = “radius”
password = “radpass”
radius_db = “radiusdb”

Edit /opt/etc/raddb/sites-enabled/default, uncomment the sql line in accounting{}, session{} and post-auth{} section.

accounting{
   .
   sql
   .
}
session{
   .
   sql
   .
}
post-auth{
   .
   sql
   .
}

Look at /opt/etc/raddb/radiusd.conf and make sure the line below is NOT COMMENTED.

$INCLUDE ${confdir}/sql.conf

Install MySQL driver library

The mysql driver (rlm_sql_mysql.so) provided by optware requires libmysqlclient_r.so.14. It is obtainable by downloading the MySQL 4 package from ipkg feed.


# cd /root
# mkdir tmp
# cd tmp
# wget http://ipkg.nslu2-linux.org/feeds/optware/syno-x07/cross/unstable/mysql_4.1.22-3_arm.ipk
# tar xvf mysql_4.1.22-3_arm.ipk
# tar xvzf data.tar.gz
# cp -r opt/lib/mysql /opt/lib/
# rm -r -f /root/tmp

Setup OpenVPN as new NAS

First restart apache

# /usr/syno/etc/rc.d/S97apache-user.sh stop
# /usr/syno/etc/rc.d/S97apache-user.sh start

Now login to daloRadius using any web browser.

http://192.168.1.100/daloradius-0.9-9

username: administrator
password: radius

Replace the ip address to your nas ip address.

After login, navigate to Management/NAS/New NAS, add the openvpn nas as below

IP: 192.168.1.101 (Assign a new IP address here for openvpn)
Shortname: OpenVPN
NAS Type: 5
NAs Port: 5
Secret: Assign a secret password here

Setup OpenVPN

# vi /opt/etc/openvpn/config/radiusplugin.cnf



# same as the shortname in daloRadius NAS setup
NAS-Identifier=OpenVPN 

# same as the IP in daloRadius NAS setup
NAS-IP-Address=192.168.1.101 

server
{
        # The UDP port for radius accounting.
        acctport=1813

Restart OpenVPN and FreeRadius Server

# /opt/etc/init.d/S55freeradius restart
# killall openvpn 2>/dev/null
# /opt/etc/init.d/S20openvpn start

Setup DONE! Now open openvpn gui and login to your vpn server. Navigate to Accounting/General/All Records and you will see your vpn session is being logged.

Reference

Authentication, Authorization & Accounting With FreeRadius & MySQL Backend & Web Based Management with Daloradius

List of IPKG packages installed

php-pear
php
bzip2
libxml2
libxslt
pcre
php-gd
libgd
libpng
libjpeg
freetype
fontconfig
expat
gconv-modules





Leave a Reply

Your email address will not be published. Required fields are marked *