
FreeRADIUS + MySQL + switch authentication

2016-03-18 17:43
1. Disable the firewall and SELinux
[root@master raddb]# service iptables stop
[root@master raddb]# vim /etc/selinux/config
SELINUX=disabled

2. Install FreeRADIUS
[root@master raddb]# yum install freeradius* -y

3. MySQL needs to be installed
(1) Create the database: create database radius;

(2) Log in to MySQL and run use radius
Import the tables from two SQL files:
mysql> source /etc/raddb/sql/mysql/schema.sql
mysql> source /etc/raddb/sql/mysql/nas.sql

(3) Enable SQL authentication
[root@master sites-enabled]# vim /etc/raddb/sites-enabled/default
In authorize {} and accounting {}, remove the # in front of sql, and in authorize {} add a # in front of files.

(4) Edit the configuration file for the connection to the MySQL database
[root@master raddb]# vim /etc/raddb/sql.conf
database = "mysql"

#
# Which FreeRADIUS driver to use.
#
driver = "rlm_sql_${database}"

# Connection info:
server = "localhost"
#port = 3306
login = "root"
password = "111111"

# Database table configuration for everything except Oracle
radius_db = "radius"

(5) Edit the client configuration

client 127.0.0.1 {
secret = testing123
shortname = localhost
nastype = other
}

client 192.168.11.254 {
# # secret and password are mapped through the "secrets" file.
secret = testing123
shortname = liv1
# # the following three fields are optional, but may be used by
# # checkrad.pl for simultaneous usage checks
nastype = livingston
login = xxxxxxx
password = xxxxxxx
}

(6) Edit the RADIUS configuration file
/usr/local/etc/raddb/radiusd.conf

modules {}

Be sure to uncomment this line: $INCLUDE sql.conf

(7) Running radiusd -X again produces the following problem. yum -y install mysql-devel
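
An added example, not part of the original post: a small Python audit that parses the sql.conf and client settings from steps (4) and (5) and flags the MySQL root login, the short database password and the testing123 shared secret before the server is placed in front of a switch. The sample text is constructed from the values shown above; the function names and the 16-character threshold are assumptions.

```python
import re

# Constructed sample input that mirrors the settings shown in steps (4) and (5).
SQL_CONF = '''
login = "root"
password = "111111"
'''
CLIENTS_CONF = '''
client 127.0.0.1 {
    secret = testing123
}
client 192.168.11.254 {
    # secret and password are mapped through the "secrets" file.
    secret = testing123
}
'''
MIN_LEN = 16  # assumed policy threshold, not a FreeRADIUS setting

def parse_settings(text):
    """Return {key: value} from 'key = value' lines, ignoring # comments."""
    out = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        m = re.match(r'([\w-]+)\s*=\s*"?([^"]*)"?$', line)
        if m:
            out[m.group(1)] = m.group(2).strip()
    return out

def parse_clients(text):
    """Return {client_name: settings} for each 'client NAME { ... }' block."""
    blocks = re.findall(r'client\s+(\S+)\s*\{(.*?)\}', text, re.S)
    return {name: parse_settings(body) for name, body in blocks}

def audit(sql_text, clients_text):
    """Return a list of findings for the two configuration texts."""
    sql = parse_settings(sql_text)
    findings = []
    if sql.get("login") == "root":
        findings.append("sql.conf: login is the MySQL root account")
    if len(sql.get("password", "")) < MIN_LEN:
        findings.append("sql.conf: password shorter than %d characters" % MIN_LEN)
    for name, cfg in parse_clients(clients_text).items():
        secret = cfg.get("secret", "")
        if secret == "testing123" or len(secret) < MIN_LEN:
            findings.append("client %s: default or short shared secret" % name)
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SQL_CONF, CLIENTS_CONF)))
```

With the values from this page the audit reports four findings: two for sql.conf and one for each client block.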

4. Database operations
mysql> use radius;
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Auth-Type',':=','Local');
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Service-Type',':=','Framed-User');

Create the user record:
mysql> insert into radcheck (username,attribute,op,value) values ('xxxxx','User-Password',':=','xxxxxxx');

mysql> insert into radusergroup (username,groupname) values ('xxxx','user');

5. Start testing
#radiusd -X
pkill radiusd

Open a new shell terminal to run the following command:

#radtest test test localhost 0 testing123

6. Switch configuration:

radius scheme xxxx
server-type extended
primary authentication 192.168.11.34

domain xxxxx
authentication login radius-scheme xxxxxx
access-limit disable
state active
idle-cut disable
self-service-url disable

domain default enable xxxxxxx
This article comes from the “山猫” blog; please do not repost.