Linux RadHat 企业版 5.0 + freeradius-client-1.1.6 + freeradius-server-2.1.10
|
文件: |
freeradius-client-1.1.6.tar.bz2 |
大小: |
290KB |
下载: |
下载 | |
|
文件: |
freeradius-server-2.1.10.tar.bz2 |
大小: |
2485KB |
下载: |
下载 | |
freeradius-client-1.1.6 安装
(1)安装非常简单,和普通软件相同都是下面三步:
./configure
make make install
|
(2)编译后生成的可执行程序
/usr/local/sbin/ |-- sbin |-- radacct 发送计费包 |-- radembedded 生成配置文件 |-- radexample 发送鉴权包 |-- radiusclient 发送鉴权包 |-- radlogin 发送鉴权包 `-- radstatus 查看服务器状态
|
(3)配置文件目录
/usr/local/etc/radiusclient |-- radiusclient |-- dictionary 属性字典 |-- dictionary.ascend |-- dictionary.compat |-- dictionary.merit |-- dictionary.sip |-- issue |-- port-id-map |-- radiusclient.conf 客户端的配置文件 `-- servers 服务器配置文件
|
freeradius-client-1.1.6 配置
(1)/usr/local/etc/radiusclient/radiusclient.conf
#鉴权顺序 auth_order radius,local
#login 登陆次数 login_tries 1
#超时时间,单位:秒 login_timeout 5
nologin /etc/nologin
issue /usr/local/etc/radiusclient/issue
#鉴权服务器IP或name,也可以加上端口、共享口令,例:localhost:1812:testing authserver localhost
#计费服务器IP或name acctserver localhost
服务器共享口令文件路径 servers /usr/local/etc/radiusclient/servers
dictionary /usr/local/etc/radiusclient/dictionary
login_radius /usr/local/sbin/login.radius
seqfile /var/run/radius.seq
mapfile /usr/local/etc/radiusclient/port-id-map
#默认域名 default_realm
#radius 登陆超时时间,单位:秒 radius_timeout 5
#radius 登陆次数 radius_retries 1
radius_deadtime 0
bindaddr * #本地登陆 程序 login_local /bin/login
|
(2)/usr/local/etc/radiusclient/servers
freeradius-server-2.1.10 简单安装和配置(为测试client)
(1)安装
./configure make make install
|
(2)/usr/local/etc/raddb/user (用户名:jj 口令:jj)
jj Cleartext-Password := "jj" Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 192.168.2.179, Framed-IP-Netmask = 255.255.255.0, Framed-Routing = Broadcast-Listen, Framed-Filter-Id = "std.ppp", Framed-MTU = 1500, Framed-Compression = Van-Jacobsen-TCP-IP
|
(3)/usr/local/etc/raddb/clients.conf
client localhost {
#共享口令 secret = testing123 shortname = private-network }
|
测试结果:
运行radius服务器 [root@localhost freeradius-client-1.1.6]# radiusd -X 测试客户端 [root@localhost freeradius-client-1.1.6]# radlogin ($Id: radlogin.c,v 1.9 2008/01/09 07:04:18 sobomax Exp $) ----------------------------------------------------- Linux 2.6.18-164.el5 (localhost.localdomain) (port 0) -----------------------------------------------------
login: jj Password: RADIUS: Authentication OK This is the dummy login.radius script. If you want that this script does something useful you'll have to replace it.
The following RADIUS environment variables are set: RADIUS_FILTER_ID=std.ppp RADIUS_FRAMED_COMPRESSION=Van-Jacobson-TCP-IP RADIUS_FRAMED_IP_ADDRESS=192.168.2.179 RADIUS_FRAMED_IP_NETMASK=255.255.255.0 RADIUS_FRAMED_MTU=1500 RADIUS_FRAMED_PROTOCOL=PPP RADIUS_FRAMED_ROUTING=Broadcast-Listen RADIUS_SERVICE_TYPE=Framed-User RADIUS_USER_NAME=jj
Bye, bye.
|
[root@localhost freeradius-client-1.1.6]# radexample login: jj Password: "jj" RADIUS Authentication OK
|
[root@localhost freeradius-client-1.1.6]# radacct(回车) User-Name=jj Password=jj Acct-Status-Type=7 (按Ctrl+D) RADIUS accounting OK
|
阅读(7998) | 评论(1) | 转发(2) |