Results 1 to 1 of 1
  1. #1
    Webmaster-Site founder Admin's Avatar
    Join Date
    Apr 2011
    Planet Earth !!!
    Blog Entries
    Thanked 1,316 Times in 500 Posts

    Debian Wi-Fi hotspot using CoovaChilli, FreeRadius, MySQL and daloRADIUS

    Debian Wi-Fi hotspot using CoovaChilli, FreeRadius, MySQL and daloRADIUS

    March 24th, 2010 | Tags: CoovaChilli, daloRADIUS, debian, FreeRadius, hotspot, MySQL, NAT, network, routing, wi-fi
    I decide to create hotspot from my server to allow other connect to Internet for free. I used “Captive portal” solution based on these applications:

    When somebody wants to connect to Internet using my wifi, the first page he can see is the register/login page (whatever page he wants to visit).
    After registration/login he is able to connect to Internet.
    So let’s see how I did it.
    Let’s have one server with two network interfaces – first (eth0) goes to Internet, the second one (eth1) is the wifi for “unknown” clients.

    Install basic software:
    aptitude install mysql-server phpmyadmin freeradius freeradius-utils freeradius-mysql apache2 php-pear php-db
    a2enmod ssl
    a2ensite default-ssl
    service apache2 restart
    cd /tmp && wget ''
    tar xvzf daloradius-0.9-8.tar.gz
    mv /tmp/daloradius-0.9-8 /var/www/daloradius
    chown -R www-data:www-data /var/www/daloradius
    cp -r /var/www/daloradius/contrib/chilli/portal2/* /var/www/
    rm /var/www/index.html

    Because my machine is 64 bit I need to build CoovaChilli package myself:
    aptitude --assume-yes install dpkg-dev debhelper libssl-dev
    cd /tmp
    wget -c
    tar xzf coova-chilli*.tar.gz
    cd coova-chilli*
    dpkg-buildpackage -rfakeroot

    Install CoovaChilli:
    cd ..
    dpkg -i coova-chilli_*_amd64.deb

    Configure FreeRadius

    Change /etc/freeradius/clients.conf:
    client {
    secret = mysecret

    Change /etc/freeradius/sql.conf:
    server = "localhost"
    login = "root"
    password = "xxxx"

    Uncomment in /etc/freeradius/sites-available/default:
    authorize {

    accounting {

    Uncomment in /etc/freeradius/radiusd.conf:
    $INCLUDE sql.conf

    Configure MySQL database for FreeRadius

    mysql -u root --password=xxxx
    mysql> CREATE DATABASE radius;
    mysql> exit

    mysql -u root --password=xxxx radius < /var/www/daloradius/contrib/db/fr2-mysql-daloradius-and-freeradius.sql

    daloRADIUS configuration

    Modify this file /var/www/daloradius/library/daloradius.conf.php
    $configValues['CONFIG_DB_PASS'] = 'xxxx';
    $configValues['CONFIG_MAINT_TEST_USER_RADIUSSECRET'] = 'mysecret';
    $configValues['CONFIG_DB_TBL_RADUSERGROUP'] = 'radusergroup';

    You also need to modify following configuration files to setup sign in web pages /var/www/signup-*/library/daloradius.conf.php:
    $configValues['CONFIG_DB_PASS'] = 'xxxx';
    $configValues['CONFIG_DB_NAME'] = 'radius';
    $configValues['CONFIG_DB_TBL_RADUSERGROUP'] = 'radusergroup';
    $configValues['CONFIG_SIGNUP_SUCCESS_MSG_LOGIN_LINK'] = "<br />Click <b>here</b>".
    " to return to the Login page and start your surfing<br /><br />";

    Chnage lines in /var/www/signup*/index.php to (changed ‘User-Password’ -> ‘Cleartext-Password’ and ‘==’ -> ‘:=’):
    $sql = "INSERT INTO ".$configValues['CONFIG_DB_TBL_RADCHECK']." (id, Username, Attribute, op, Value) ".
    " VALUES (0, '$username', 'Cleartext-Password', ':=', '$password')";

    Another file need to be modified to communicate with CoovaChilli is /var/www/hotspotlogin/hotspotlogin.php
    $uamsecret = "uamsecret";

    Now you should be able to reach daloRADIUS installation on
    username: administrator
    password: radius


    We should not forget to enable packet forwarding and setup NAT:
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    echo 1 > /proc/sys/net/ipv4/ip_forward
    sed --in-place=.old 's/^#\(net.ipv4.ip_forward=1\)/\1/' /etc/sysctl.conf
    sysctl -p

    CoovaChilli configuration

    Let’s start with /etc/chilli/defaults:


    Then don’t forget to enable CoovaChilli to start in /etc/default/chilli

    Maybe you need to execute chilli and radius server with some debug options to see “errors” during client connection:
    chilli --fg --debug
    freeradius -X

    Few links we created:

    This how-to describe simple configuration of CoovaChilli so there are many things to configure. I didn’t mentioned anything about security – so it’s up to you to tweak it yourself.
    You can find additional info on this web page:

    Source :
    Attached Images Attached Images

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts