nasirhafeez

FreeRADIUS Advanced Use Cases

Contents

Introduction

Installation

Expiration

nasirhafeez

LAMP Server Setup on Ubuntu 20

Contents

Basic Setup

MySQL Setup

Apache Site Setup

nasirhafeez

TP Link Omada Controller Let's Encrypt SSL Certificate

Tested successfully on Ubuntu 20:

snap install core; sudo snap refresh core
snap install --classic certbot
tpeap stop
certbot certonly --standalone --preferred-challenges http -d example.com
openssl pkcs12 -export -inkey /etc/letsencrypt/live/example.com/privkey.pem -in /etc/letsencrypt/live/example.com/fullchain.pem -certfile /etc/letsencrypt/live/example.com/chain.pem -name eap -out omada.p12 -password pass:tplink

nasirhafeez

OpenNDS Guide for OpenWRT: Youtube Companion

This setup has been tested successfully on GL.iNet GL-MT300N-V2 device with OpenWRT v22.

Firewall Setup

By default OpenWRT firewall does not allow web or SSH access on WAN IP. As a captive portal blocks all traffic on LAN until user is authenticated so when we initially enable captive portal on OpenWRT we lose access to the router from LAN side. To manage our OpenWRT we should therefore open access from WAN side.

Access your OpenWRT router via Luci interface. Go to Network => Firewall => Traffic Rules and add a new rule for opening port 80 (HTTP):

nasirhafeez

FreeRADIUS Setup

Install FreeRADIUS:

apt-get install freeradius freeradius-mysql freeradius-utils

Allow all NAS clients to connect to it:

nasirhafeez

Coova Chilli Commands

Installation

Recommended OpenWRT firmware version: OpenWRT 19. Newer versions do not have iptables installed by default so Coova Chilli will not work out of the box

opkg update
opkg install coova-chilli nano

nasirhafeez

OpenVPN Server for Mikrotik on Docker

Introduction

The goal of this project is to configure a Dockerized OpenVPN server instance in Ubuntu 18 so that Mikrotik OpenVPN clients can connect to it.

There are a few limitations in Mikrotik’s implementation of OpenVPN client that we need to keep in mind: