
This is an old revision of the document!


FreeRadius on CentOS 7 with LDAP support

Installation

yum install freeradius-ldap freeradius-utils freeradius
cd /etc/raddb/mods-enabled/
ln -s ../mods-available/ldap

Configuration

LDAP

vi ldap

In the ldap section, change the following fields. In my example I install RADIUS on the same machine as the LDAP server, so I connect to localhost. The following is not the complete config, only the changed part!

ldap {
        server = "localhost"
        port = 389
        identity = "cn=manager,dc=helux,dc=nl"
        password = mypass
        base_dn = "dc=helux,dc=nl"

        update {
                control:Password-With-Header    += 'userPassword'
                control:NT-Password             := 'SambaNTPassword'
        }
        user {
                access_attribute = "dialupAccess"
                access_positive = yes
        }
}

Clients

vi /etc/raddb/clients.conf

client private-network-1 {
        ipaddr          = 172.16.0.0/16
        secret          = testing123
}
client private-network-1-ipv6 {
        ipv6addr        = 2a02:22a0:bbb7:400::/56
        secret          = testing123
}

TLS

In this situation I already have a CA and a certificate issued by that CA for this machine, so I move the old certs directory aside and create a new one.

cd /etc/raddb
mv certs certs.org
mkdir certs
chown root:radiusd certs
chmod 770 certs

Now let's copy the necessary files.

  • the certificate and private key must be concatenated in server.pem
  • the CA certificate must have the name ca.pem
  • copy the dh file from the original certs directory
  • set the correct permissions
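
The four steps above as one shell function. This is an added example, not part of the original page: the source file arguments are assumptions (placeholders for wherever your CA issued the files), and the PEM-marker checks and the umask are additions that catch swapped certificate/key files and keep the private key from being world-readable at any point.

```bash
#!/bin/bash
# Added example, not from the original page. Source paths are assumptions;
# server.pem, ca.pem, dh and the root:radiusd 640 layout come from the page.
# The body runs in a subshell "( ... )" so the umask change does not leak out.
install_radius_certs() (
    cert=$1 key=$2 ca=$3 old_certs=$4 dest=$5

    # Every input must be readable before anything is written.
    for f in "$cert" "$key" "$ca" "$old_certs/dh"; do
        [ -r "$f" ] || { echo "missing: $f" >&2; return 1; }
    done
    # Catch swapped or wrong files by their PEM markers.
    grep -q -- '-----BEGIN CERTIFICATE-----' "$cert" ||
        { echo "not a certificate: $cert" >&2; return 1; }
    grep -q -- '-----BEGIN CERTIFICATE-----' "$ca" ||
        { echo "not a certificate: $ca" >&2; return 1; }
    grep -q -- 'PRIVATE KEY-----' "$key" ||
        { echo "not a private key: $key" >&2; return 1; }

    # New files are created 640, so the key is never world-readable.
    umask 027
    # Certificate first, then key; "awk 1" adds a final newline if one is
    # missing, so the END and BEGIN marker lines cannot run together.
    awk 1 "$cert" "$key" > "$dest/server.pem" || return 1
    awk 1 "$ca" > "$dest/ca.pem" || return 1
    cat "$old_certs/dh" > "$dest/dh" || return 1

    # Also fix the mode of files that already existed before this run.
    chmod 640 "$dest/server.pem" "$dest/ca.pem" "$dest/dh" || return 1
    # Group radiusd must be able to read the files. Only done as root on a
    # host where that group exists.
    if [ "$(id -u)" -eq 0 ] && getent group radiusd >/dev/null 2>&1; then
        chown root:radiusd "$dest/server.pem" "$dest/ca.pem" "$dest/dh" || return 1
    fi
)

# Usage on the server (the first three paths are placeholders):
#   install_radius_certs /path/to/host.crt /path/to/host.key /path/to/ca.crt \
#       /etc/raddb/certs.org /etc/raddb/certs
```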

Result:

cd /etc/raddb/certs
ls -l
total 16
-rw-r-----. 1 root radiusd 1375 Jun 24 16:24 ca.pem
-rw-r-----. 1 root radiusd  245 Jun 24 16:24 dh
-rw-r-----. 1 root radiusd 6297 Jun 24 16:24 server.pem
radius_on_centos7.1435156291.txt.gz · Last modified: by herwarth