While I (haphazardly) upgraded my Debian box from 8.8/Jessie to 9.0/Stretch, it also upgraded the FreeRADIUS service from 2.2.5 to 3.0.12. With this foolish upgrade, the RADIUS service stopped working.
After inspecting all config files and copying all the required configurations to the appropriate config, I manage to restart the RADIUS services (maybe I was lucky).
Below are my notes in order to migrate (i.e successfully recover) from FreeRADIUS 2.2.5 to 3.0.12 in Debian LInux ("Stretch").
After inspecting all config files and copying all the required configurations to the appropriate config, I manage to restart the RADIUS services (maybe I was lucky).
Below are my notes in order to migrate (i.e successfully recover) from FreeRADIUS 2.2.5 to 3.0.12 in Debian LInux ("Stretch").
Old configuration files are located in /etc/freeradius which have been backup by the "apt-get upgrade"
# Old FreeRADIUS config
/etc/freeradius/radiusd.conf.dpkg-bak
# Old Clients Config
/etc/freeradius/clients.conf.dpkg-bak
# Old Users Account Config
/etc/freeradius/users.dpkg-bak
FreeRADIUS 3.0 configuration are located in /etc/freeradius/3.0
# FreeRADIUS config
/etc/freeradius/3.0/radiusd.conf
# Clients Config
/etc/freeradius/3.0/clients.conf
Note: Old client config can be copied over with no issues (I think)
# User Accounts
/etc/freeradius/3.0/users -> mods-config/files/authorize
Note: Only copy the users config within this file just before the "DEFAULT" settings
If you requires verbose logging for "failed/successful" authentication which I usually need, configure this in the radius.conf
# Edit /etc/freeradius/3.0/radiusd.conf
log {
destination = files
file = ${logdir}/radius.log
syslog_facility = daemon
stripped_names = no
auth = yes
}
Restart the service when finished
systemctl restart freeradius.service
To view logs from FreeRADIUS
tail -f /var/log/freeradius/radius.log
Tue Jul 1 17:13:47 2017 : Auth: (2631) Login OK: [admin] (from client TEST-SW-5120 port 0)
Tue Jul 1 17:13:48 2017 : Auth: (2651) Login OK: [admin] (from client TEST-SW-5130 port 0)
Tue Jul 4 17:13:51 2017 : Auth: (2651) Login OK: [admin] (from client TEST-SW-7250 port 0)
Enjoy!