Wireless Controller,低端也要好几万吧,几万?几万?能替代不?能替代不?
折腾吧,陪着折腾,人家卖几万块,不是说能轻易取代的。做出来交差,好不好用上面决定吧!
一、安装freeradius相关组件:
- yum install freeradius2.i386
- yum install freeradius2-mysql.i386
- yum install freeradius2-utils.i386
二、安装mysql,系统安装时已安装好:
- yum list |grep mysql
- mysql.i386 5.0.77-3.el5 installed
- mysql-connector-odbc.i386 3.51.26r1127-1.el5 installed
- mysql-server.i386 5.0.77-3.el5 installed
三、安装后即可启动radiusd,如启动异常,可查看“
/var/log/radius/radius.log”日志排错。编辑“
/etc/raddb/users”文件,将steve前面的#号注释去掉,以便进行测试:
如果程序正常运行,最后三行如下
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
- # radtest steve testing localhost 1812 testing123
最后的testing123是在/etc/raddb/中定义的localhost的密码。
如果结果中出现Access-Accept,说明安装成功。
测试完成后将steve用户再恢复原样,即加上#注释。
四、Radius与Mysql关联。
a.启用mysql服务:
b.创建radius数据库:
- #mysql -u root -p //默认没有密码
- mysql>create database radius;
- mysql>exit;
c.导入mysql数据库:
- # mysql -u root -p radius < /etc/raddb/sql/mysql/schema.sql
- # mysql -u root -p radius < /etc/raddb/sql/mysql/nas.sql
- # mysql -u root -p radius < /etc/raddb/sql/mysql/ippool.sql
- # mysql -u root -p radius < /etc/raddb/sql/mysql/wimax.sql
- # mysql -u root –p
- mysql>use radius
mysql> GRANT SELECT ON radius.* TO 'radius'@'localhost' IDENTIFIED BY 'radpass';
mysql> GRANT ALL on radius.radacct TO 'radius'@'localhost';
mysql> GRANT ALL on radius.radpostauth TO 'radius'@'localhost';
d.加入组信息:
- mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Auth-Type',':=','Local');
- mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Service-Type','=','Framed-User');
- mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Netmask','=','255.255.255.255');
- mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Netmask',':=','255.255.255.0');
e.
加入用户信息:- mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('stein', 'Password', 'stein');
f.把用户加到组里
- mysql> insert into radusergroup(username,groupname) values('stein','user');
- mysql> select * from radcheck where UserName='stein';
g.修改mysql root密码:
- mysqladmin -u root -p password Abcd-1234
五、修改配置文件:
/etc/raddb/sql.conf:
- server = "localhost"
- login = "root"
- password = "Abcd-1234"
/etc/raddb/client.conf:
- client 10.11.3.0/24 {
- secret = core
- shortname =core1
- nastype = core1
- }
- client 10.11.3.200 {
- ipaddr = 10.11.3.200
- secret = core
- shortname =core2
- nastype = core2
- }
/etc/raddb/sites-available/default:
/etc/raddb/sites-available/inner-tunnel:
- authorize {
- ..
- ..
- sql //去掉前面的注释#
- #files //前面加上注释#,一定要加
- }
- preacct {
- ..
- # files //前面加上注释#,一定要加
- }
- accounting {
- ...
- sql //去掉前面的注释#
- }
六、配置完成,用mysql帐号进行测试:
- #radiusd -Xx
- #radtest stein stein localhost 1812 testing123
出现Access-Accept,说明成功。
在windows OS中,802.1x连线需要进行设定,不在此讨论。Android中会自动弹出认证窗口,输入mysql建立的帐号密码即可进行验证连接。
网友参考文档:
阅读(4750) | 评论(0) | 转发(0) |