Installing and Configuring ChilliSpot

Downloading and Installing ChilliSpot

Download and install ChilliSpot from the ChilliSpot website.
To download, type this command from your terminal:

wget http://www.chillispot.info/download/chillispot-1.1.0.i386.rpm

and intall using rpm command.

rpm -Uvh chillispot-1.1.0.i386.rpm

Configuring ChilliSpot

Chillispot configuration resides in a single file, which is /etc/chilli.conf.
Lets edit the file "/etc/chilli.conf" and find these lines that says:

# TAG: net
# IP network address of external packet data network
# Used to allocate dynamic IP addresses and set up routing.
# Normally you do not need to uncomment this tag.
# net 192.168.182.0/24

Uncomment the line that begins with #net and specify the ip address that ChilliSpot will give to tun0.

net 192.168.1.0/24

You need to specify the IP address of the DNS server, which will be told to clients as well. The local machine's one will be fine if the machine operates a DNS service, otherwise enter another one such as your provider's dns server.

# TAG: dns1
# Primary DNS server.
# Will be suggested to the client.
# If omitted the system default will be used.
# Normally you do not need to uncomment this tag.
#
dns1 192.168.1.1

# TAG: dns2
# Secondary DNS server.
# Will be suggested to the client.
# If omitted the system default will be used.
# Normally you do not need to uncomment this tag.
#
dns2 192.168.1.2

Scroll down a little bit and look for the radius section.

You need to specify two radius servers even if you only have one. Of course, you can enter the same server in both lines.

# TAG: radiusserver1
# IP address of radius server 1
# For most installations you need to modify this tag.
radiusserver1 192.168.1.1

# TAG: radiusserver2
# IP address of radius server 2
# If you have only one radius server you should set radiusserver2 to the
# same value as radiusserver1.
# For most installations you need to modify this tag.
radiusserver2 192.168.1.1

Specify your radius authentication and accounting ports.

# TAG: radiusauthport
# Radius authentication port
# The UDP port number to use for radius authentication requests.
# The same port number is used for both radiusserver1 and radiusserver2.
# Normally you do not need to uncomment this tag.
radiusauthport 1812

# TAG: radiusacctport
# Radius accounting port
# The UDP port number to use for radius accounting requests.
# The same port number is used for both radiusserver1 and radiusserver2.
# Normally you do not need to uncomment this tag.
radiusacctport 1813

Enter your radius secret.

# TAG: radiussecret
# Radius shared secret for both servers
# For all installations you should modify this tag.
#
radiussecret wifitesting

The interface to be specified in this section is the LAN interface. This will be your clients gateway.

# DHCP Parameters

# TAG: dhcpif
# Ethernet interface to listen to.
# This is the network interface which is connected to the access points.
# In a typical configuration this tag should be set to eth1.
dhcpif eth1

# Universal access method (UAM) parameters

# TAG: uamserver
# URL of web server handling authentication.
uamserver https://192.168.111.1/hotspot.php

# TAG: uamhomepage
# URL of welcome homepage.
# Unauthenticated users will be redirected to this URL. If not specified
# users will be redirected to the uamserver instead.
# Normally you do not need to uncomment this tag.
uamhomepage http://192.168.111.1:3990/prelogin

# TAG: uamsecret
# Shared between chilli and authentication web server
uamsecret your_radius_secret

# TAG: uamlisten
# IP address to listen to for authentication requests
# Do not uncomment this tag unless you are an experienced user!
uamlisten 192.168.111.1

# TAG: uamport
# TCP port to listen to for authentication requests
# Do not uncomment this tag unless you are an experienced user!
#
uamport 3990

# TAG: uamallowed
# Comma separated list of domain names, IP addresses or network segments
# the client can access without first authenticating.
# It is possible to specify this tag multiple times.
# Normally you do not need to uncomment this tag.
uamallowed www.google.com

# TAG: uamanydns
# If this flag is given unauthenticated users are allowed to use
# any DNS server.
# Normally you do not need to uncomment this tag.
#uamanydns

cp /usr/share/doc/chillispot-1.1.0/hotspotlogin.cgi /var/www/cgi-bin/

vi /etc/raddb/dictionary
$INCLUDE /usr/share/doc/chillispot-1.1.0/dictionary.chillispot

yum -y install bind bind-chroot squid net-snmp net-snmp-devel net-snmp-utils php-snmp cacti