Aradial Technologies Ltd. Information in this document is subject to change without notice. Companies, names, and data used in examples herein are fictitious unless otherwise noted. No part of this document may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without a prior express written permission from Aradial Technologies Ltd. All other products are trademarks or registered trademarks of their respective owners.. http://www.aradial.com http://www.radius-server.com http://www.wifi-radius.com Document Information Software Version: 6.1-7 Document Version: 1.1 Publication Date: 2013 Page 2
Contents Aradial Installer for Windows... 4 General... 4 Registry Configuration... 5 Optional Features... 6 Configuration for MSSQL... 6 Installing Aradial with MySQL and ORACLE Databases... 8 Configuration for Support files... 9 Configuration for License... 10 Installation Trouble Shooting... 11 Microsoft SQL Server... 12 Creating a Database... 12 Create an ODBC connection... 16 Configuration ODBC connection in Aradial... 19 MYSQL Server... 20 Create an ODBC connection... 22 Configuration ODBC connection in Aradial... 25 Quick Aradial Configuration... 26 Run Time Trouble Shooting... 28 IIS configuration... 30 Prerequisites... 30 Aradial IIS extensions... 30 Installing Aradial IIS Extension on Windows 2008... 30 Installing Aradial IIS Extension when not using Windows 2008... 31 Create an admin user for IIS... 31 Configuring ardweb virtual directory... 32 Another Step in IIS 6.x (Windows 2003)... 36 Running Aradial in IIS... 38 Running with SSL... 38 IIS\SSL Trouble Shooting... 39 Page 3
Aradial Installer for Windows General The Aradial Windows installer uses the MSSQL database and installs Aradial at c:\program files (x86)\aradialbilling (default). Schemas for other database types can be found under the installation directory Database folder. Documentation is in the 'Docs' folder. To login to the Aradial Admin: http://locahost:8000 (user: admin, password: password). To login for the Aradial Web Self Care module: http://locahost:8001 To login for the Aradial Hotspots portal module: http://locahost:8002 Or in case you installed IIS: To login to the Aradial Admin: http://locahost/ardweb/ardadminis.dll (user: admin, password: password). To login for the Aradial Web Self Care module: http://locahost/ardweb/ardawscis.dll To login for the Aradial Hotspots portal module: http://locahost/ardweb/ardaportalis.dll - In order for the Installer to configure the MSSQL database automatically please install the MSSQL Server in advance. - In order to Enable SSL secure connection with IIS please download the IIS role to windows Server before Installation. - If you wish to make any changes to MSSQL or IIS please install these components manually. - If you wish to use a database other the MSSQL, please install the component manually and review these sections in this manual. Page 4
Registry Configuration At the beginning of the installer the next dialogue will appear: Service Provider Name: The name of the service provider that uses the Aradial software. Aradial Administration Login: The Aradial administrator login name. Aradial Administration Password: The Aradial administrator login password. Email Server: The SMTP server from which emails will be sent Administrator Email: The email address of the administrator user. Page 5
Optional Features The dialogue for optional features include installation of IIS integration and SQL server integration. The following dialog box is presented: The IIS installation will create a new Administrator user in the Windows server. The username will be IIS, and the user password will be set in this dialogue, The password strength can be tested by pressing the test button. The SQL installation will create an Aradial database at the SQL Server and configure an ODBC data source for accessing it. Configuration for MSSQL The first dialogue for MSSQL installation is: Page 6
In this dialogue the user is required to enter the full Database Instance name. For Example: MY-PC\SQLEXPRESS. In order for the installer to recognize the local sql server the SQL Server Browser service should be running. The size of the database will be configured in the following manner: Small Database 3 data files sized 2 GB, 2 log files sized 1 GB Medium Database 4 data files sized 2 GB, 3 log files sized 1 GB Large Database 5 data files sized 2 GB, 3 log files sized 1 GB The second dialogue is optional, this dialogue is intended to test that the database instance details provided are correct. Page 7
The Test connection button will be disabled in case of windows Authentication, and in order to enable the SQL Authentication, the SQL Server must be configured to allow both Windows and SQL Authentications. Note: In case of an error during the Database Installation, the Install wizard will announce an error and a rollback action will occur. Installing Aradial with MySQL and ORACLE Databases In case of using a different database than SQL Server. Install the database software Use the database scripts under Database folder to build the Aradial database. Each database appears in a different folder. In order to install the demo database, run the DemoData.sql For MS SQL and MYSQL configuration, please refer to the chapters below. Page 8
Configuration for Support files The dialogue for the support files is: The Aradial installation support files are the logs and the database files. For optimal performance the support files require around 250 GB, the hard disk space can be viewed with the See Disk Space. Page 9
Configuration for License The dialogue for the license file is: To receive the license file, the Mac Address and IP address provided by the installer need to be sent via mail to support@aradial.com. Once the license file is saved on the server, the location of the file needs to be selected and the installer will apply the license automatically. Page 10
Installation Trouble Shooting SQL server doesn t appear in the list of databases during installation. - Verify that the service SQL Server Browser is running. - If the SQL server is on a remote server enable the Named Pipes protocol. Installation completed successfully, but the database was not created (as reported by the application error log and can be seen from SQL Server Management Studio). - Provide the user Everyone permissions on the directory where the database files reside. - Uninstall the product. - Install the product. Install the database files in the previously configured directory. The following error is observed when accessing the Admin application: You do not have permission to view this directory or page using the credentials you supplied. - Grant the user IIS permissions on all files in the directory [Aradial]WebserverIsapi. - Restart the service World Wide Web Publishing Service. Installation Failed. - Email support@aradial.com and attach the file C:\Installation.log. Page 11
Microsoft SQL Server These are the guidelines for manually installing Aradial with MS SQL Server database. To create the Aradial database on your SQL server, use the script provided in the <Aradial path>\database\mssql\mssql.sql. Creating a Database Go to Enterprise Manager of MS SQL. Open Object Explorer: Point to the Databases and right-click to open a context menu: Page 12
Select New Database. Define new database name (ARD60SQL in our example) and press OK: Page 13
The new database appears in the list: Page 14
Highlight your Aradial database and open File Open File: Browse directories to get to <Aradial path>\database\mssql and open MSSQL.sql: Page 15
Verify that the script will be executed on the chosen database (refer to the SQL Editor toolbar: Press Execute. Create an ODBC connection After the database has been created, create the ODBC DSN using the ODBC Data Source Administrator (My Computer>Control Panel>Administrative Tools>Data Sources (ODBC) (On 64 bit Windows, run c:\windows\syswow64\odbcad32.exe instead). After opening the ODBC Data Source Administrator, select the System DSN and click on Add Select the SQL Native Client or SQL Server driver, and click on Finish. The Create New Data Source to SQL Server dialog will open, as shown below: Page 16
For the Name field, enter the name of the DSN, as Aradial should call it (see Connect String in Advanced Configuration). Select your SQL server from the Server selection box, and click Next. In the next page, for How should SQL Server verify the authenticity of the login ID? Select With SQL Server authentication using a login ID and password entered by the user: Page 17
In Login ID, enter a valid SQL Server login ID, and enter the login password at the password field. Click Next. In the next page, check the checkbox for Change the default database to: and select the database with Aradial structure (ARD60SQL as in the example). Page 18
Click on Next then on Finish. Configuration ODBC connection in Aradial After configuring the ODBC source, make sure to configure Aradial to use the source you have defined: Edit the registry (set ODBC name as a value): HKEY_LOCAL_MACHINE\SOFTWARE\Aradial\Radius\6.0\DataBase\ConnectSt r The connection string format: <ODBC DSN name>;user;password Page 19
MYSQL Server 1. Install the MYSQL database on the DB machine 2. Create root user and password. 3. Open MySQL Workbench (or open MYSQL command line client). Page 20
4. Open connection to start Querying, enter root and your password. Page 21
5. Press the add schema button and add Aradial database. 6. Connect to the schema which you created. 7. Go to FileOpen Sql script 8. Choose the script MySql.sql in ~ROOT Directory\Database\MYSQL 9. Execute the script on the Schema which you created. Create an ODBC connection After the database has been created, create the ODBC DSN using the ODBC Data Source Administrator (My Computer>Control Panel>Administrative Tools>Data Sources (ODBC) (On 64 bit Windows, run c:\windows\syswow64\odbcad32.exe instead). After opening the ODBC Data Source Administrator, select the System DSN and click on Add Page 22
Click on the MYSQL ODBC 5.1 driver and then finish Page 23
Data source name: name of the ODBC connection(odbc DSN name) Description:(optional) TCP/IP Server: The IP of the database machine( for example :127.0.0.1 for local computer) User: the user name that was created before. Password: same as user. Database: there should be a list with Aradial in it. If not then the configuration of the ODBC is wrong. Click ok. Page 24
Configuration ODBC connection in Aradial After configuring the ODBC source, make sure to configure Aradial to use the source you have defined: Edit the registry (set ODBC name as a value): HKEY_LOCAL_MACHINE\SOFTWARE\Aradial\Radius\6.0\DataBase\ConnectSt r The connection string format: <ODBC DSN name>;user;password Page 25
Quick Aradial Configuration After the Database is created, you need to do the following: Start the Aradial services. To verify that the Admin and the server has started please see the 'Admin.log' and 'ServerErrors.log' in the directory Log. If there is a problem with the license it will be written in the Log files (if so please send it to support@aradial.com for analysis). Configure your access point to use the RADIUS protocol. Setup the IP address and port of the machine running Aradial. Setup a secret that will be shared by Aradial and your access point. Add your access point to Aradial list of NAS s. You can do it by: o Activating the Aradial Admin web application (from the Aradial menu). o Go to the "NAS & Proxy" and define the NAS -> Put the: Name, IP Address, and secret. To choose the NAS Model: o Search for your model. o If not found: - Choose the "Default" as your NAS type for ISP and VOIP. - For Hotspots choose ' -- Default_Access_Point ' or '-- Default_WLAN_Gateway ' - Choose the --Default_VOIP as your NAS type for VOIP. - If you want: Configure another NAS as Aradial_NAS_Simulator and use our NAS simulator for testing. Setup your access point IP address in the IP field and the secret in the Secret and Confirm. Use Default as the NAS model. Page 26
Add users to the Aradial user database by: Go to the Accounts screen. Add users by activating the Add User button. For more info on User Management, please see the chapter about Accounts in the Aradial Billing manual. For more info on NAS configuration, please see the chapter about NAS Configuration of the Aradial AAA manual. Page 27
Run Time Trouble Shooting The Aradial logs can be found at: <aradial_path>/logs (usually c:\program files\aradialbilling\logs). In all problems please look at them. You can open, close and also browse them using the Admin UI. - Server.log the RADIUS server debug log. - ServerErrors.log The RADIUS server errors log. - RadiusData.log all the packets that are sent from/to Aradial to the NAS. - RadiusError.log All the authentication problems. E.g. wrong password. - EapDebug.log EAP detailed log. - Performance.log Performance of the RADIUS server. - IPPools.log details of IP pools allocations. - Admin.log the log of the admin. The server fails to start, possibilities: - Aradial is defined by default to use the 1812, 1813 ports. Another RADIUS server might run on the computer and prevent Aradial to acquire the sockets. Look at Aradial server log and see if you see bind failure. In this case shutdown the other RADIUS server or change Aradial ports in the Admin. - Check whether the ServerIP configuration parameter is set, in case it is, make sure that the IP match the IP of one of the network interfaces. - License problem - Too many users in the database. This would be written to the ServerErrors log. Aradial does not receive messages from a NAS - Firewall problem Resolution: open the 1812, 1813 or the new ports configured. - NAS is not defined in Aradial - check if an error appears at RadiusErrors.log saying Request address unlisted. Resolution: define the NAS at Aradial. Page 28
- Wrong NAS secret check if an error appears at RadiusErrors.log saying Password mismatch with typed password displayed as gibberish. - Wrong configuration of the IP or port on the NAS. Aradial fails to return values to the NAS/AP - Firewall problem open incoming 1812, 1813 at the router. Aradial fails to proxy messages the NAS/AP - Firewall problem, Aradial uses random port to proxy a RADIUS server - When Aradial loads it writes the ports to the server log: Example: 08/01/2005 23:01:57 Started RADIUS Server: AuthPort=1812, AcctPort=1813, ProxyAuthPort=2941, ProxyAcctPort=2942 08/01/2005 23:01:57 IP=Default 08/01/2005 23:01:57 Single Thread Mode - The ports can be configured to be fixed ports. Aradial process get stuck with MS Access - Verify that you are not operating with Multithreading (Advanced configuration under Misc), as MS Access does not support multi threaded operation. NAS/AP fails to write to accounting log. - Enabling Enable Monthly Partitioning of Accounting Database Tables in advanced configuration under accounting, required creating monthly partition tables instead of using the AccountingLog table. - If it is enabled and the table does not exist the accounting data will be missing. - Disable the option if not needed or create the tables. Page 29
IIS configuration This chapter defines how to manually configure Aradial IIS Extensions with IIS 5.x and IIS 6.x. Aradial UI applications run as extension modules on IIS. Prerequisites Install IIS 5.x (Windows XP Pro) or IIS 6.x. on the Windows 2003. On Windows 2008, where IIS is pre-installed, go to Server Roles, and IIS. Make sure to include the Isapi Extension component. Verify the IIS Admin service is running (open Windows services and start / check it). Aradial IIS extensions Aradial has several extensions: The extensions must be put at: "<Aradial path>\webserver\isapi" 1. Aradial Admin - "<Aradial path>\webserver\isapi\ardadminis.dll" 2. Aradial Portal - "<Aradial path>\webserver\isapi\ardportalis.dll" 3. Aradial Web Self Care - "<Aradial path>\webserver\isapi\ardwscis.dll" Installing Aradial IIS Extension on Windows 2008 Execute using cmd the <Aradial path>\installscripts\ardiis.cmd {IIS User password} Page 30
Installing Aradial IIS Extension when not using Windows 2008 The following steps need to be done in order to manually install IIS on systems older then Windows 2008. Create an admin user for IIS First you must create an admin account / user in Windows XP or 2003/2008 for the IIS service and configure its password. Go to: Control Panel >> Administrative Tools >> Computer Management >> Local Users and Groups >> Users 1. Press right click and choose the New User action. 2. Fill in the user IIS 3. Set the password. 4. Set that the user account password never expires. 5. Set that User Can not change his password. Please see below a screen shot: 6. Press Create. 7. Find the IIS user in the list, and press Properties using the mouse right button, Page 31
8. Press on the Member of tab. 9. Remove the Users. 10. Press Add, and add the Administrators. 11. Press OK Configuring ardweb virtual directory 1. Go to: Control Panel >> Administrative Tools 2. Double click the "Internet Information Service" 3. At Default Web site, using the right mouse click, choose "new and sub menu Virtual Directory". Page 32
4. Set the alias name (e.g. ardweb) 5. Set the directory that contains the IIS extension Dll's (<Aradial path>\webserver\isapi). Page 33
6. Enable "Execute, disable all other options, and press next until the alias is created. 7. Go the created virtual directory properties (right click ardweb ) a. Go to the "Directory Security" tab, and press "Edit" b. Set the "User Name" to the IIS user that was created. Note that currently, IIS does not except the real "Administrator" user. Page 34
c. Fill in the password. 8. Optional: Go to "Virtual directory", and disable "Directory browsing" (Recommended step, not a must). Page 35
Another Step in IIS 6.x (Windows 2003) In order for the IIS Extensions to run on IIS 6.0 there is a need to allow the Extensions. To do that: 1. Open IIS Console. a. Go to: Control Panel >> Administrative Tools b. Double click the "Internet Information Service" 2. Go to Web Service Extension Page 36
3. Press "Add a new Web service extension" Put Aradial in the name. Add the Admin, Wsc and Portal Is DLLs. 4. Check 'set extension to allowed' Page 37
Running Aradial in IIS To open Aradial Admin under IIS: http://localhost/ardweb/ardadminis.dll Enter to login: user: admin Pwd: password To open Aradial Portal under IIS: http://localhost/ardweb/ardportalis.dll To open Aradial Self Service under IIS: http://localhost/ardweb/ardwscis.dll Running with SSL In order to run with SSL there is a need to install a certificate for the IIS. Follow the 2 articles below to create a certificate: http://www.somacon.com/p41.php http://www.somacon.com/p42.php Page 38
IIS\SSL Trouble Shooting 1. Sometimes the 80 or 443 ports for SSL are not enabled in the Windows firewall. 2. SSL see articles below. Page 39