How To install MySQL on Pfsense 2.4.5-RELEASE-p1

ontzuevanhussen

@Gertjan my ufw status on VPS :
Screen Shot 2020-06-19 at 06.14.57.png

ontzuevanhussen

@Gertjan This is my pfSense SQL configuration:
Screen Shot 2020-06-19 at 06.22.53.png

Screen Shot 2020-06-19 at 06.23.47.png

Screen Shot 2020-06-19 at 06.24.02.png

ontzuevanhussen

@Gertjan This my System logs on pfSense:
Screen Shot 2020-06-19 at 07.03.28.png

ontzuevanhussen

@Gertjan I have create user and allow from remote access my database:
Screen Shot 2020-06-19 at 07.13.47.png

Gertjan

First image :

Doesn't that ring a bell ?
A service that is listening on address 127.0.0.1 can only be reached by the system itself. That's the defintion of localhost or 127.0.0.1.
Everybody else, locally on a LAN ,and the Internet : negative.
You have to listen (add) to address "0.0.0.0" which means all available IPv4 addresses.
This will include the one you masked here :

You should have a :
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 13538/mysqld

and of course, please, limit the access to this port with a firewall rule, so it accepts only traffic from your pfSense.
If not, "you get hacked in no time", because the MySQL traffic is non intended to be exposed to the entire Internet.

I'll leave it up to you to find the instruction to be placed into /etc/my.cnf so the mysql server daemon listens to 'everything'.

ontzuevanhussen

@Gertjan Ok now it works well.
Screen Shot 2020-06-19 at 21.04.49.png

but table nas, radacct, radcheck, radgroupcheck, radgroupreply, radreply, and radusergroup is no data. why?

Gertjan

When you enable all "SQL" options :

only two tables get filled in with data from the Freeradius process :
radpostauth and radacct.

The radcheck, radgroupcheck should by filled in by you, using phpmyadmin.
Their content can not be modified from within pfSense.
As you have figured out : the users and passsword could have been placed also in a database table, but pfSense uses us a file on disk for this ( PackageFreeRADIUS > Users > Users )
The Freeradius package only exposes a (very) small part of all possible FreeRadius possibilities.
Most option are hard coded, and can't be changed using the pfSEnse GUI.

To get the idea, see this file : /usr/local/etc/raddb/sites-enabled/default and the entire directory /usr/local/etc/raddb/ (all files and folders).

What these tables do, how to fill them in, etc, there is only one way to find that out : https://freeradius.org/documentation/

Remember : MySQL (MariadDB) is actually doing nothing special. It's just the scratch pad area of FreeRadius.

"FreeRadius" is a complex thing.

ontzuevanhussen

@Gertjan Ok, I try to insert table Radcheck and radgroupcheck, like this:
Screen Shot 2020-06-21 at 17.50.59.png

Screen Shot 2020-06-21 at 17.51.25.png

Is that true? Can you help me again how to insert this table..

Gertjan

You can't.

To have FreeRadius use all the MySQL database tables, you have to modify /usr/local/etc/raddb/sites-enabled/default - and probably other files as well - which means you have to modify pfSense itself.
This means thorough FreeRadius knowledge and a good understanding about how pfSense makes the set up files.
If that was the case, you wouldn't ask question, you were just doing it.

sapsin

This post is deleted!