January 27

How to make Wi-Fi hotspot

Make Wi-Fi Hotspot with Chillispot and Freeradius


Requirement
1. Access Point (I use 3COM 3CRWE725075A)
2. Debian or Ubuntu Server
3. Lan Cable (at lease 2 line)
4. Lan card 2 card
5. Internet

1. Config Ethernet card

# nano /etc/network/interfaces

and append to file

[code lang=”shell” gutter=”false”]auto eth1[/code]

2. Enable ipforward

# nano /etc/sysctl.conf

and uncomment this line

[code lang=”shell” gutter=”false”]net.ipv4.ip_forward=1[/code]

3. Enable ipforward

# echo “1” > /proc/sys/net/ipv4/ip_forward

4. Enable tunnel, edit file

# nano /etc/modules

and append to file

[code lang=”text” gutter=”false”]tun[/code]

save and type command

# modprobe tun

5. Restart network

# invoke-rc.d networking restart

6. Config MySQL
6.1 log-in to mysql

# mysql -u root -p

6.2 Create database and user to grant a privillege own database.  User is “radius” and password is “radius”

[sql]
CREATE DATABASE IF NOT EXISTS `radius` ;
CREATE USER ‘radius’@’%’ IDENTIFIED BY ‘radius’;
GRANT USAGE ON * . * TO ‘radius’@’%’ IDENTIFIED BY ‘radius’;
GRANT ALL PRIVILEGES ON `radius` . * TO ‘radius’@’%’;
QUIT;[/sql]

7. Install and Config Freeradius
7.1 install Freeradius 2.x

# apt-get install freeradius freeradius-utils freeradius-mysql

7.2 Config database

# nano /etc/freeradius/sql.conf

Edit for database detail

[code lang=”text” gutter=”false”]# Connection info:
server = "localhost"
login = "radius"
password = "radius"

radius_db = "radius"
[/code]

7.3 Config freeradius to use sql

# nano /etc/freeradius/site-available/default

in authorize section uncomment sql line

[code lang=”text” gutter=”false”]
authorize{
sql
}
[/code]

in accounting section uncomment sql line

[code lang=”text” gutter=”false”]accounting {
sql
}
[/code]

in session section uncomment sql

[code lang=”text” gutter=”false”]session {
sql
}[/code]

7.4 Edit radius secret

# nano /etc/freeradius/clients.conf

Add this line to end of file

[code lang=”text” gutter=”false”]
client localhost {
secret = testing123
}[/code]

7.5 Restart Freeradius

# invoke-rc.d freeradius restart

7.6 Import schema to MySQL

# cat /etc/freeradius/sql/schema.sql | mysql -u root -p radius

8. Install and config chillispot
8.1 Install chillispot

# apt-get install chillispot

8.2 Enter information about chillispot

[code lang=”text” gutter=”false”]
IP address of radius server 1: 127.0.0.1
Radius shared secret: testing123
Ethernet interface for DHCP to listen: eth1
URL of web server handling authentication: https://192.168.2.1/cgi-bin/hotspotlogin.cgi
URL of welcome homepage: https://192.168.2.1/welcome.html
Shared password between chillispot and webserver: password
[/code]

and edit in file

# nano /etc/chilli.conf

TUN Parameter, uncomment and edit to

[code lang=”text” gutter=”false”]net 192.168.2.0/24
[/code]

Copy iptable rule to daemon

# cp /usr/share/doc/chillispot/firewall.iptables /etc/init.d/chilli.iptables

Change permission to run this file

# chmod a+x /etc/init.d/chilli.iptables

Link to runlevel for automatic start up this script

# ln -s /etc/init.d/chilli.iptables /etc/rc4.d/S41chilli.iptables

Enable Chillispot

# nano /etc/default/chillispot

and set Enabled to 1

[code lang=”text” gutter=”false”]ENABLED=1[/code]

8. Config Apache Server
8.1 Create login page from example file

# mkdir -p /var/www/hotspot/cgi-bin

Use from example file

# zcat -c /usr/share/doc/chillispot/hotspotlogin.cgi.gz | tee /var/www/hotspot/cgi-bin/hotspotlogin.cgi

Change permission to run this file

# chmod a+x /var/www/hotspot/cgi-bin/hotspotlogin.cgi

Edit file hotspotlogin

# nano /var/www/hotspot/cgi-bin/hotspotlogin.cgi

Set uamsecret with the same as chillispot and set userpassword to 1

[code lang=”text” gutter=”false”]$uamsecret = "password";
$userpassword=1;[/code]

8.2 Create Welcome page

#nano /var/www/hotspot/welcome.html

[code lang=”html”]
<html>
<head></head>
<body>
<a href="http://192.168.2.1:3990/prelogin">Log in</a>
</body>
</html>
[/code]

8.2 Create Certificate
create store folder

# mkdir /etc/apach2/ssl

make certificate and follow instruction

# make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/apache2/ssl/apache.pem

enable ssl mod

# a2enmod ssl

8.3 Create Virtual Host

# nano /etc/apache2/site-available/hotspot

[code lang=”text”]
NameVirtualHost 192.168.2.1:443
<VirtualHost 192.168.2.1:443>
ServerAdmin webmaster@localhost
DocumentRoot "/var/www/hotspot"
ServerName "192.168.2.1"
<Directory "/var/www/hotspot/">
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>

ScriptAlias /cgi-bin/ /var/www/hotspot/cgi-bin/
<Directory "/var/www/hotspot/cgi-bin/">
AllowOverride None
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>

ErrorLog /var/log/apache2/hotspot-error.log

LogLevel warn

CustomLog /var/log/apache2/hotspot-access.log combined

ServerSignature On
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
</VirtualHost>
[/code]

enable site hotspot

# a2ensite hotspot

restart apache server

# invoke-rc.d apache2 restart

9. Install phpmyprepaid
9.1 Download Phpmyprepaid

#wget http://nchc.dl.sourceforge.net/project/phpmyprepaid/phpmyprepaid/Phpmyprepaid-RC3/phpmyprepaidRC3.tgz

9.2 Untarbal the package

# tar xzf phpmyprepaidRC3.tgz

9.3 Copy to default site

# cp -R phpmyprepaid/www/ /var/www/phpmyprepaid

change permission to run this file

# chmod a+x -R /var/www/phpmyprepaid

9.4 Log-in to MySQL

# mysql -u root -p

[code lang=”sql”]
CREATE DATABASE IF NOT EXISTS `phpmyprepaid` ;
CREATE USER ‘phpmyprepaid’@’%’ IDENTIFIED BY ‘phpmyprepaid’;
GRANT USAGE ON * . * TO ‘phpmyprepaid’@’%’ IDENTIFIED BY ‘phpmyprepaid’;
GRANT ALL PRIVILEGES ON `phpmyprepaid` . * TO ‘phpmyprepaid’@’%’;
QUIT;[/code]

9.5 Point web browser to URL

[code lang=”text” gutter=”false”]
http://yourwebserver/phpmyprepaid/install/setup.php[/code]

And following instruction untill you finish

9.6 Edit database

# mysql -u root -p

[sql]USE phpmyprepaid;
ALTER TABLE `usergroup` ADD `priority` INT( 11 ) NOT NULL DEFAULT ‘1’ AFTER `location_id`;
QUIT;
[/sql]

10. Reconfig Freeraidus to use phpmyprepaid
10.1 Edit file sql

# nano /etc/freeradius/sql.conf

[code lang=”text” gutter=”false”]
# Connection info:
server = "localhost"
login = "phpmyprepaid"
password = "phpmyprepaid"

radius_db = "phpmyprepaid"

# Table to keep group info
usergroup_table = "usergroup"
[/code]

10.2 Edit file attribute by append to this file

# nano /etc/freeradius/dictionary

[code lang=”text” gutter=”false”]
ATTRIBUTE       Max-All-Session         3000    integer
[/code]

11. Restart Your Server

# reboot

12. Setup Access Point (3COM 3CRWE725075A)
12.1 Setup your laptop or computer network card to ip address
IP : 169.254.2.2
Netmask : 255.255.255.0

12.2 Restore your Access Point to factory default
12.3 Point your web browser to

http://169.254.2.1

12.4 Log in with

user : admin
password :    (no password)

12.5 Select Setup Wizard (for newby )

12.6 Select VAP you wish to configure to 1, it mean your how many your SSID.

12.7 Enter your SSID

12.8  Select Auto Channel Select to Enable. (not nescessary)

12.9 Disable DHCP Client, clause I want an our server release DHCP to client

12.10 Set Authentication to “Open” and Encryption to “Disable”

12.11 Save your configuration, your hotspot are done.

CategoriesDebian Engineerball Linux Network TK's LAB Ubuntu

Tagsapache chillispot Debian freeradius how to Linux Network Ubuntu wi-fi wireless

ball Written by:

Teerapat Khunpech Live, Tech, Beers, Bike, Cafe Racer, Docker, Devops, Eco-System