Would you like to learn how to configure Zabbix Radius authentication on Apache? In this tutorial, we are going to show you how to authenticate Zabbix users using the Apache Radius module for HTTP authentication.
• Ubuntu 18
• Ubuntu 19
• Zabbix 4.4.1
• Freeradius 3.0.17
Hardware List:
The following section presents the list of equipment used to create this Zabbix tutorial.
Every piece of hardware listed above can be found at Amazon website.
Zabbix Playlist:
On this page, we offer quick access to a list of videos related to Zabbix installation.
Don’t forget to subscribe to our youtube channel named FKIT.
Zabbix Related Tutorial:
On this page, we offer quick access to a list of tutorials related to Zabbix installation.
Tutorial Zabbix – FreeRadius Server Installation
• IP – 192.168.15.10.
• Operational System – Ubuntu 19.10
• Hostname – UBUNTU
On the Linux console, use the following commands to install the FreeRadius service.
Now, we need to add FreeRadius clients to the clients.conf;.
Locate and edit the clients.conf.
Add the following lines at the end of the clients.conf file.
In our example, we are adding 1 client device:
The client device was named ZABBIX and has the IP address 192.168.15.9.
Now, we need to add FreeRadius users to the USERS configuration file.
Locate and edit the Freeradius users configuration file.
Add the following lines at the end of the file
Keep in mind that Zabbix is case sensitive.
We are creating an account named Admin and not admin.
Restart the Freeradius server.
Test your radius server configuration file.
You have finished the Freeradius installation on Ubuntu Linux.
Tutorial Zabbix – Apache Radius Module Configuration
• IP – 192.168.15.9
• Operational System – Ubuntu 19.10
• Hostname – ZABBIX
Install the required Apache Radius module.
Enable the Apache2 Radius module.
Now, we need to configure Apache to request authentication to users trying to acess the Zabbix directory.
Edit the Apache 000-default.conf configuration file.
Here is the 000-default.conf file before our configuration.
Here is the 000-default.conf file after our configuration.
The Apache server was configured to request password authentication to acess the Zabbix directory /var/www/html/zabbix.
The Apache web server was configured to authenticate user accounts using the Radius server 192.168.15.10.
Restart the Apache service.
Congratulations! You successfully configured the Apache authentication.
Tutorial Zabbix – Radius Authentication Configuration
Open your browser and enter the IP address of your web server plus /zabbix.
In our example, the following URL was entered in the Browser:
• http://192.168.15.9/zabbix
On the login screen, use the default username and default password.
• Default Username: Admin
• Default Password: zabbix
After a successful login, you will be sent to the Zabbix Dashboard.
On the dashboard screen, access the Administration menu and select the Authentication option.
On the Authentication screen, select the HTTP settings option.
You need to configure the following items:
• Enable HTTP authentication: Yes
• Default login form: HTTP login Form
• Case sensitive login: Yes
Click on the Update button.
After finishing your configuration, you should log off the Zabbix web interface.
Try to access the Zabbix server URL and verify if the Apache web server will request you to authenticate yourself.
On the login screen, use the Admin user and the password from the Radius server.
• Username: Admin
• Password: Enter the Admin Radius password. [boss123]
After a successfull login, you will be sent directly to the Zabbix dashboard.
Congratulations! You have configured the Zabbix Radius authentication on Apache.
In order to authenticate an account using Radius, the User account MUST EXIST in the Radius USERS file and on the Zabbix Local database.
If you configure the Radius authentication, this does not mean that you don’t need to create the Account locally on the Zabbix dashboard.
