Linux RadHat 企业版 5.0 + freeradius-client-1.1.6 + freeradius-server-2.1.10
 |
| 文件: |
freeradius-client-1.1.6.tar.bz2 |
| 大小: |
290KB |
| 下载: |
下载 | |
|
| 文件: |
freeradius-server-2.1.10.tar.bz2 |
| 大小: |
2485KB |
| 下载: |
下载 | |
freeradius-client-1.1.6 安装
(1)安装非常简单,和普通软件相同都是下面三步:
|
./configure
make
make install
|
(2)编译后生成的可执行程序
|
/usr/local/sbin/
|-- sbin
|-- radacct 发送计费包
|-- radembedded 生成配置文件
|-- radexample 发送鉴权包
|-- radiusclient 发送鉴权包
|-- radlogin 发送鉴权包
`-- radstatus 查看服务器状态
|
(3)配置文件目录
|
/usr/local/etc/radiusclient
|-- radiusclient
|-- dictionary 属性字典
|-- dictionary.ascend
|-- dictionary.compat
|-- dictionary.merit
|-- dictionary.sip
|-- issue
|-- port-id-map
|-- radiusclient.conf 客户端的配置文件
`-- servers 服务器配置文件
|
freeradius-client-1.1.6 配置
(1)/usr/local/etc/radiusclient/radiusclient.conf
|
#鉴权顺序
auth_order radius,local
#login 登陆次数
login_tries 1
#超时时间,单位:秒
login_timeout 5
nologin /etc/nologin
issue /usr/local/etc/radiusclient/issue
#鉴权服务器IP或name,也可以加上端口、共享口令,例:localhost:1812:testing
authserver localhost
#计费服务器IP或name
acctserver localhost
服务器共享口令文件路径
servers /usr/local/etc/radiusclient/servers
dictionary /usr/local/etc/radiusclient/dictionary
login_radius /usr/local/sbin/login.radius
seqfile /var/run/radius.seq
mapfile /usr/local/etc/radiusclient/port-id-map
#默认域名
default_realm
#radius 登陆超时时间,单位:秒
radius_timeout 5
#radius 登陆次数
radius_retries 1
radius_deadtime 0
bindaddr *
#本地登陆 程序
login_local /bin/login
|
(2)/usr/local/etc/radiusclient/servers
freeradius-server-2.1.10 简单安装和配置(为测试client)
(1)安装
|
./configure
make
make install
|
(2)/usr/local/etc/raddb/user (用户名:jj 口令:jj)
|
jj Cleartext-Password := "jj"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 192.168.2.179,
Framed-IP-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "std.ppp",
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP
|
(3)/usr/local/etc/raddb/clients.conf
|
client localhost {
#共享口令
secret = testing123
shortname = private-network
}
|
测试结果:
|
运行radius服务器
[root@localhost freeradius-client-1.1.6]# radiusd -X
测试客户端
[root@localhost freeradius-client-1.1.6]# radlogin
($Id: radlogin.c,v 1.9 2008/01/09 07:04:18 sobomax Exp $)
-----------------------------------------------------
Linux 2.6.18-164.el5 (localhost.localdomain) (port 0)
-----------------------------------------------------
login: jj
Password:
RADIUS: Authentication OK
This is the dummy login.radius script. If you want that this script
does something useful you'll have to replace it.
The following RADIUS environment variables are set:
RADIUS_FILTER_ID=std.ppp
RADIUS_FRAMED_COMPRESSION=Van-Jacobson-TCP-IP
RADIUS_FRAMED_IP_ADDRESS=192.168.2.179
RADIUS_FRAMED_IP_NETMASK=255.255.255.0
RADIUS_FRAMED_MTU=1500
RADIUS_FRAMED_PROTOCOL=PPP
RADIUS_FRAMED_ROUTING=Broadcast-Listen
RADIUS_SERVICE_TYPE=Framed-User
RADIUS_USER_NAME=jj
Bye, bye.
|
|
[root@localhost freeradius-client-1.1.6]# radexample
login: jj
Password:
"jj" RADIUS Authentication OK
|
|
[root@localhost freeradius-client-1.1.6]# radacct(回车)
User-Name=jj
Password=jj
Acct-Status-Type=7 (按Ctrl+D)
RADIUS accounting OK
|
阅读(7986) | 评论(1) | 转发(2) |
