.Download
freeradius软件!
2.安装mysql数据库
建议Ubuntu下用“新立得软件包管理器”安装mysql
5.0,需先安装mysql数据库,因为freeradius会查找相关库文件。
3.安装freeradius
root@ns:/software#
cd /software/
root@ns:/software# ls
free*
freeradius-server-2.0.5.tar.gz
root@ns:/software# tar -zxvf
freeradius-server-2.0.5.tar.gz
root@ns:/software# ls
free*
freeradius-server-2.0.5.tar.gz
freeradius-server-2.0.5
root@ns:/software#
cd freeradius-server-2.0.5
root@ns:/software/freeradius-server-2.0.5#
./configure
root@ns:/software/freeradius-server-2.0.5#make
root@ns:/software/freeradius-server-2.0.5#make
install
4.测试freeradius是否正常安装!
root@ns:/software/freeradius-server-2.0.5#
radiusd -X
Listening on authentication address * port 1812
Listening on
accounting address * port 1813
Listening on proxy address * port
1814
Ready to process
requests.
出现以上信息证明freeradius安装正常!
5.配置数据库
root@ns:/etc#
root@ns:/etc# cd
/usr/local/etc/raddb/sql/mysql
root@ns:/usr/local/etc/raddb/sql/mysql#
root@ns:/usr/local/etc/raddb/sql/mysql# ls
admin.sql counter.conf
dialup.conf ippool.conf ippool.sql nas.sql
schema.sql
root@ns:/usr/local/etc/raddb/sql/mysql#
root@ns:/usr/local/etc/raddb/sql/mysql# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL
connection id is 11
Server version: 5.0.51a-3ubuntu5.2 (Ubuntu)
Type
'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> create
database radius;
Query OK, 1 row affected (0.02 sec)
mysql> show
databases;
+--------------------+
| Database
|
+--------------------+
| information_schema |
| mysql |
| radius |
+--------------------+
4 rows in set (0.00
sec)
mysql>
exit
root@ns:/usr/local/etc/raddb/sql/mysql#
root@ns:/usr/local/etc/raddb/sql/mysql#
mysql -uroot -p radiusroot@ns:/usr/local/etc/raddb/sql/mysql#
mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands
end with ; or \g.
Your MySQL connection id is 11
Server version:
5.0.51a-3ubuntu5.2 (Ubuntu)
Type 'help;' or '\h' for help. Type '\c' to
clear the buffer.
mysql> use radius;
mysql> insert into
radgroupreply (groupname,attribute,op,value)
values ('user','Auth-Type',':=','Local');
mysql>
insert into radgroupreply (groupname,attribute,op,value)
values
('user','Service-Type','=','Framed-User');
mysql> insert into radgroupreply (groupname,attribute,op,value)
values
('user','Framed-IP-Netmask','=','255.255.255.255');
mysql> insert into
radgroupcheck (groupname, attribute, op, value) values ("user", "Auth-Type", ":=", "Local");
mysql>
insert into
radcheck (username,attribute,op,value)
values ('test-user1','User-Password','==','test-passwd1');
mysql>
insert into radusergroup(username,groupname) values('test-user1','user');
insert
into radgroupreply (groupname,attribute,op,value) values
('user','Auth-Type',':=','Local');
insert into radgroupreply
(groupname,attribute,op,value) values
('user','Service-Type',':=','Framed-User');
insert into radgroupreply
(groupname,attribute,op,value) values
('user','Framed-IP-Address',':=','255.255.255.254');
insert into
radgroupreply (groupname,attribute,op,value) values
('user','Framed-IP-Netmask',':=','255.255.255.0');
6.测试freeradius与mysql是否正常运行
(1)打开一个终端,运行radiusd
-X
root@ns:/etc# radiusd -X
radiusd: #### Opening IP addresses and Ports
####
listen {
type = "auth"
ipaddr = *
port =
0
}
listen {
type = "acct"
ipaddr = *
port =
0
}
Listening on authentication address * port 1812
Listening on
accounting address * port 1813
Listening on proxy address * port
1814
Ready to process requests.
(2)新开一个终端用mysql数据库中的用户去测试
root@ns:/etc#
radtest 'test-user1
test-password1 127.0.0.1 0 mysql
Sending Access-Request of id 26 to 127.0.0.1
port 1812
User-Name = "test-user1"
User-Password =
"test-password"
NAS-IP-Address = 127.0.0.1
NAS-Port =
0
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=26,
length=20
root@ns:/etc#
从以上信息可以看出,freeradius与mysql的联动已经成功!
freeradius与mysql安装并调试好之后,就要和设备联动,例如VPN帐号的论证可以通过freeradius服务器认证,只需要在设备上配置AAA认证使用radius服务器认证,选项有:
freeradius
server ip、freeradius server port(authentication默认1276)、secret password。
最后测试!
阅读(1113) | 评论(0) | 转发(0) |