A How To for DD-WRT, FreeRadius and Chillispot.

Creating a Wi-Fi Internet hotspot service from scratch can seem like a daunting task. I had many sleepless nights trying to get to grips with FreeRadius, DD-WRT, Chillispot etc. I hope that this How To helps you to avoid some of the problems I encountered along the way.

Regards Sean Bracken

********Warning ********

Following these instructions may invalidate your Linksys warranty. You do so at your own risk. These instructions assume that you have an understanding of Linux, PHP MySQL and Apache. If you brick your AP you might get it back by holding down the reset pin for 20 seconds, unplug the power while still holding down the reset button for another 20 seconds and then plugging the power back in while still keeping the reset button held in for a further 20 seconds. This should bring it back to the defaults of whatever firmware you have installed. You should be able to login to 192.168.1.1

Feel free to copy or use this information in any way you like.

What you will need?

a) DD-WRT
Download the latest version here http://dd-wrt.com

b) FreeRadius
Download the latest version here http://freeradius.org/

c) phpMyPrepaid
Download the latest version here http://sourceforge.net

d) Linsys WRT54GL AP

e) You will also need PHP, Apache, MySQL amd MySql Delopment Modules,(These need to be setup first.) some patience, plenty of coffee and cigarettes.

Step 1 DD-WRT/Chillispot Configuration

Configure the WRT-54G with the standard Linksys software and the use the upgrade firmware module to install the dd-wrt package on the AP.
*******IMPORTANT******* Use your cable connection to do the upgrade. NOT the wireless connection.
Reboot the AP and login to your new firmare.
Set Dynamic configuration DHCP
Disable DHCP (Chillispot will manage DHCP for your clients.)
Change the Local IP of the AP to 192.168.10.1.
Set your gateway and DNS addresses.
Update changes and log back in to the new IP address.

Go to the administration page.
Enable Chillispot
Enter the IP address of your Radius server.
Enter the DNS.
Enter the redirect URL eg HTTPS://123.123.123.123/cgi-bin/hotspotlogin.cgi/ (MAke sure that the address ends in / and is https.)
Enter a shared key. (This can be anything you like, but keep a note of it you will need it later.)
Set DHCP Interface to Lan+Wlan
Enter a NAS id (Your name for your AP)
Enter a UAM secret (This is the password that Chilli will use to talk to hotspotlogin.cgi)
Save your settings and reboot the AP. Please give the AP about 10 minutes to reboot and initialise all the new services.

Step 2 FreeRadius Configuration.

Untar the FreeRadius tar file and enter its directory.
Type ./configure –with-experimental-modules
make
login as root and type make install
When this is finished copy the radiusd.conf file that you downloaded earlier to /usr/local/etc/raddb/
You should not need to edit radiusd.conf
Edit /usr/local/etc/raddb/sql.conf and in the SQL section make these changes.

# Database type
# Current supported are: rlm_sql_mysql, rlm_sql_postgresql,
# rlm_sql_iodbc, rlm_sql_oracle, rlm_sql_unixodbc, rlm_sql_freetds
driver = “rlm_sql_mysql”

# Connect info<br>
server = “localhost”<br>
login = “yourlogin”<br>
password = “your password”

# Database table configuration
radius_db = “radius”

Edit the /usr/local/etc/raddb/clients.conf file and enter the details of your NAS (AP)

client xxx.xxx.xxx.xxx { (This is the address of your NAS or WRT54G )
secret = xxxxxxx (The secret you entered in the Chilli Config)
shortname = private-network-9 (This can be any name)
nastype = other
( If you want to set up several AP’s with one secret the IP address above should be 0.0.0.0/0 )
}

Step 3 hotspotlogin.cgi
Copy hotspotlogin.cgi from http://chillispot.org to /var/www/cgi-bin

Edit the file and change the secret to the UAM secret that you entered in the Chillispot configuration on the WRT54G.

You can also use a php script. It is not as secure as the cgi script but easier to personalise. If you want a copy email me at sean@swarmhotspots.com

Step 4 phpMyPrepaid and MySQL

Extract the phpMyPrepaid file to a directory on your webserver eg /var/www/html/myprepaid
Create a MySQL database called radius and create a user and password for it. Use a script called db_mysql.db that you will find in the phpMyPrepaid download to create the database tables.
Edit the dbconnect.php file in the phpMyPrepaid directory and enter the username and password for your MySQL radius database. IMPORTANT Save this file behind your web directory or your passwords will be easy to hack.
Edit config.inc.php and change the line that points to dbconnect to wherever you have saved dbconnect.php
In your web browser got to http://yoursite.com/whereveryouputphpmyprepaid/ and create some tickets. Check your database to see if the users have been setup in radcheck. Launch FreeRadius as root with this command radiusd -xxyx -l stdout. Pick a user and password from your database and try to login from a wireless client. If you can then it is time for step

5. If not go back to step 1 and check everything.

Step 5 Have a cup of coffee and unwind. If all is well you have finished. I’ll keep an eye on this post and do my best to help anyone with problems.

I have setup a free Radius test area for people that have no access to a Radius server. You can use this service to test your Chillispot configuration. The address is http://swarmhotspots.com/Chilli-Test-Area

I would welcome any feedback from this article and will do all I can to help any of you with problems.

Comments

comments