Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1567588
  • 博文数量: 237
  • 博客积分: 5139
  • 博客等级: 大校
  • 技术积分: 2751
  • 用 户 组: 普通用户
  • 注册时间: 2008-11-18 14:48
文章分类

全部博文(237)

文章存档

2016年(1)

2012年(4)

2011年(120)

2010年(36)

2009年(64)

2008年(12)

分类: LINUX

2009-04-03 10:38:48

.Download freeradius软件!


2.安装mysql数据库
建议Ubuntu下用“新立得软件包管理器”安装mysql 5.0,需先安装mysql数据库,因为freeradius会查找相关库文件。

3.安装freeradius
root@ns:/software# cd /software/
root@ns:/software# ls free*
freeradius-server-2.0.5.tar.gz
root@ns:/software# tar -zxvf freeradius-server-2.0.5.tar.gz
root@ns:/software# ls free*
freeradius-server-2.0.5.tar.gz
freeradius-server-2.0.5
root@ns:/software# cd freeradius-server-2.0.5
root@ns:/software/freeradius-server-2.0.5# ./configure
root@ns:/software/freeradius-server-2.0.5#make
root@ns:/software/freeradius-server-2.0.5#make install

4.测试freeradius是否正常安装!
root@ns:/software/freeradius-server-2.0.5# radiusd -X
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on proxy address * port 1814
Ready to process requests.
出现以上信息证明freeradius安装正常!

5.配置数据库
root@ns:/etc#
root@ns:/etc# cd /usr/local/etc/raddb/sql/mysql
root@ns:/usr/local/etc/raddb/sql/mysql#
root@ns:/usr/local/etc/raddb/sql/mysql# ls
admin.sql counter.conf dialup.conf ippool.conf ippool.sql nas.sql schema.sql
root@ns:/usr/local/etc/raddb/sql/mysql#
root@ns:/usr/local/etc/raddb/sql/mysql# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 11
Server version: 5.0.51a-3ubuntu5.2 (Ubuntu)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> create database radius;
Query OK, 1 row affected (0.02 sec)

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| radius             |
+--------------------+
4 rows in set (0.00 sec)

mysql> exit
root@ns:/usr/local/etc/raddb/sql/mysql#
root@ns:/usr/local/etc/raddb/sql/mysql# mysql -uroot -p radiusroot@ns:/usr/local/etc/raddb/sql/mysql# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 11
Server version: 5.0.51a-3ubuntu5.2 (Ubuntu)

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> use radius;
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Auth-Type',':=','Local');
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Service-Type','=','Framed-User');
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Netmask','=','255.255.255.255');
mysql> insert into radgroupcheck (groupname, attribute, op, value) values ("user", "Auth-Type", ":=", "Local");
mysql> insert
into radcheck (username,attribute,op,value) values ('test-user1','User-Password','==','test-passwd1');

mysql> insert into radusergroup(username,groupname) values('test-user1','user');

insert into radgroupreply (groupname,attribute,op,value) values ('user','Auth-Type',':=','Local');
insert into radgroupreply (groupname,attribute,op,value) values ('user','Service-Type',':=','Framed-User');
insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Address',':=','255.255.255.254');
insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Netmask',':=','255.255.255.0');

6.测试freeradius与mysql是否正常运行
(1)打开一个终端,运行radiusd -X
root@ns:/etc# radiusd -X
radiusd: #### Opening IP addresses and Ports ####
listen {
    type = "auth"
    ipaddr = *
    port = 0
}
listen {
    type = "acct"
    ipaddr = *
    port = 0
}
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on proxy address * port 1814
Ready to process requests.
(2)新开一个终端用mysql数据库中的用户去测试
root@ns:/etc# radtest 'test-user1 test-password1 127.0.0.1 0 mysql
Sending Access-Request of id 26 to 127.0.0.1 port 1812
        User-Name = "test-user1"
        User-Password = "test-password"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=26, length=20
root@ns:/etc#
从以上信息可以看出,freeradius与mysql的联动已经成功!

freeradius与mysql安装并调试好之后,就要和设备联动,例如VPN帐号的论证可以通过freeradius服务器认证,只需要在设备上配置AAA认证使用radius服务器认证,选项有:
freeradius server ip、freeradius server port(authentication默认1276)、secret password。
最后测试!
阅读(1124) | 评论(0) | 转发(0) |
0

上一篇:CA简介

下一篇:The OpenWrt build environment

给主人留下些什么吧!~~