centos freeradius mysql_CentOS 5.7安装FreeRADIUS 1.1.3+MySQL 5.0.77结合RouteOS
一、安装FreeRadius 和 MySQL
[root@radius ~]# yum install freeradius2 freeradius2-mysql freeradius2-utils
[root@radius ~]# yum install mysql mysql-server
二、开启MySQL和Radius服务
[root@radius ~]# service mysqld start
[root@radius ~]# radiusd –X
[root@radius ~]# service radiusd start
三、设置服务开机启动
[root@radius ~]# chkconfig mysqld --level 2345 on
[root@radius ~]# chkconfig radiusd --level 2345 on
四、做个简单的测试(可选操作)
①定义一个radius客户端ip
[root@radius ~]# vim /etc/raddb/clients.conf
删除原来的所有
配置示例:
client localhost {
ipaddr = 127.0.0.1
secret = testing123
require_message_authenticator = no
nastype = other
}
②定义一个用户和密码
[root@radius ~]# vim /etc/raddb/users
在第一行添加
配置示例:
testing Cleartext-Password := "password"
③以调试模式开启radius
[root@radius ~]# radiusd –X
状态如下:
Ready to process requests.
④测试服务是否正常
[root@radius ~]# radtest testing password localhost 0 testing123
返回结果(关键是返回Access-Accept)示例:
Sending Access-Request of id 152 to 127.0.0.1 port 1812
User-Name = "testing"
User-Password = "password"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=152, length=20
五、创建一个MySQL数据库
[root@radius ~]# mysql -uroot –p
mysql> CREATE DATABASE radius;
mysql> GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "radpass";
mysql> exit
[root@radius ~]# cd /etc/raddb/sql/mysql/
[root@radius mysql]# mysql -uroot -p radius < schema.sql
六、检查一下是否创建成功
[root@radius mysql]# mysql -uroot -p
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| radius |
| test |
+--------------------+
4 rows in set (0.03 sec)
mysql> use radius
mysql> show tables;
+------------------+
| Tables_in_radius |
+------------------+
| radacct |
| radcheck |
| radgroupcheck |
| radgroupreply |
| radpostauth |
| radreply |
| radusergroup |
+------------------+
7 rows in set (0.00 sec)
七、配置FreeRadius使用SQL
[root@radius ~]# vim /etc/raddb/sql.conf
示例:
sql {
database = "mysql"
driver = "rlm_sql_${database}"
server = "localhost"
login = "radius"
password = "radpass"
radius_db = "radius"
acct_table1 = "radacct"
acct_table2 = "radacct"
postauth_table = "radpostauth"
authcheck_table = "radcheck"
authreply_table = "radreply"
groupcheck_table = "radgroupcheck"
groupreply_table = "radgroupreply"
usergroup_table = "radusergroup"
deletestalesessions = yes
sqltrace = no
sqltracefile = ${logdir}/sqltrace.sql
num_sql_socks = 5
connect_failure_retry_delay = 60
lifetime = 0
max_queries = 0
nas_table = "nas"
$INCLUDE sql/${database}/dialup.conf
}
[root@radius ~]# vim /etc/raddb/radiusd.conf
找到:
$INCLUDE sql.conf
去掉注释
以下区段需要注释掉files,去掉sql前的注释(没有则不需要)
[root@radius ~]# vim /etc/raddb/sites-available/default
authorize{}
accounting{}
session{}
post-auth{}
[root@radius ~]# vim /etc/raddb/sites-available/inner-tunnel
authorize {}
八、创建测试数据
①创建用户组[radgroupcheck]
②创建用户密码[radcheck]
③创建用户应答属性[radreply]
④创建组应答属性[radgroupreply]
下面是一个示例:
这个例子包含三个用户fredf,barney,dialrouter
fredf由NAS(网络接入服务器)动态分配ip
barney分配一个静态的ip
dialrouter表示的是一个典型的拨号路由
mysql> select * from radcheck;
+----+----------------+--------------------+------------------+------+
| id | UserName | Attribute | Value | Op |
+----+----------------+--------------------+------------------+------+
| 1 | fredf | Cleartext-Password | wilma | := |
| 2 | barney | Cleartext-Password | betty | := |
| 2 | dialrouter | Cleartext-Password | dialup | := |
+----+----------------+--------------------+------------------+------+
3 rows in set (0.01 sec)
mysql> select * from radreply;
+----+------------+-------------------+---------------------------------+------+
| id | UserName | Attribute | Value | Op |
+----+------------+-------------------+---------------------------------+------+
| 1 | barney | Framed-IP-Address | 1.2.3.4 | := |
| 2 | dialrouter | Framed-IP-Address | 2.3.4.1 | := |
| 3 | dialrouter | Framed-IP-Netmask | 255.255.255.255 | := |
| 4 | dialrouter | Framed-Routing | Broadcast-Listen | := |
| 5 | dialrouter | Framed-Route | 2.3.4.0 255.255.255.248 | := |
| 6 | dialrouter | Idle-Timeout | 900 | := |
+----+------------+-------------------+---------------------------------+------+
6 rows in set (0.01 sec)
mysql> select * from radgroupreply;
+----+-----------+--------------------+---------------------+------+
| id | GroupName | Attribute | Value | Op |
+----+-----------+--------------------+---------------------+------+
| 34 | dynamic | Framed-Compression | Van-Jacobsen-TCP-IP | := |
| 33 | dynamic | Framed-Protocol | PPP | := |
| 32 | dynamic | Service-Type | Framed-User | := |
| 35 | dynamic | Framed-MTU | 1500 | := |
| 37 | static | Framed-Protocol | PPP | := |
| 38 | static | Service-Type | Framed-User | := |
| 39 | static | Framed-Compression | Van-Jacobsen-TCP-IP | := |
| 41 | netdial | Service-Type | Framed-User | := |
| 42 | netdial | Framed-Protocol | PPP | := |
+----+-----------+--------------------+---------------------+------+
12 rows in set (0.01 sec)
创建测试用户
INSERT INTO radcheck (username,attribute,op,value) VALUES ('dialrouter','Cleartext-Password',':=','dialup');
INSERT INTO radreply (username,attribute,op,value) VALUES ('dialrouter','Framed-IP-Address',':=','2.3.4.1');
INSERT INTO radreply (username,attribute,op,value) VALUES ('dialrouter','Framed-IP-Netmask',':=','255.255.255.255');
INSERT INTO radreply (username,attribute,op,value) VALUES ('dialrouter','Framed-Routing',':=','Broadcast-Listen');
INSERT INTO radreply (username,attribute,op,value) VALUES ('dialrouter','Framed-Route',':=','2.3.4.0 255.255.255.248');
INSERT INTO radreply (username,attribute,op,value) VALUES ('dialrouter','Idle-Timeout',':=','900');
INSERT INTO radgroupreply (groupname,attribute,op,value) VALUES ('netdial','Service-Type',':=','Framed-User');
INSERT INTO radgroupreply (groupname,attribute,op,value) VALUES ('netdial','Framed-Protocol',':=','PPP');
九、测试是否创建成功
[root@radius ~]# radiusd -X
[root@radius ~]# radtest dialrouter dialup localhost 1812 testing123
Sending Access-Request of id 148 to 127.0.0.1 port 1812
User-Name = "dialrouter"
User-Password = "dialup"
NAS-IP-Address = 127.0.0.1
NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=148, length=69
Framed-IP-Address = 2.3.4.1
Framed-IP-Netmask = 255.255.255.255
Framed-Routing = Broadcast-Listen
Framed-Route = "2.3.4.0 255.255.255.248"
Idle-Timeout = 900
十、配置RouteOS 使用radius认证
[root@radius ~]# vim /etc/raddb/clients.conf
client RouterOS {
ipaddr = 192.168.137.50
secret = 111
shortname = RouterOS
nastype = other
}
RouteOS的配置如下:
附上参考链接:
centos freeradius mysql_CentOS 5.7安装FreeRADIUS 1.1.3+MySQL 5.0.77结合RouteOS相关推荐
- centos php编译安装mysql_CentOS手动编译安装Apache、PHP、MySQL
64位CentOS 5.5手动安装lamp,要求curl.json.pdo_mysql.gd,记录如下. centos 5.4.5.5.5.6的内核都是2.6.18,都可以安装php 5.3. 卸载旧 ...
- centos yum mysql_CentOS 7 yum安装配置MySQL5.7教程
开放Linux的对外访问的端口3306 开启mysql的远程登录并不能完成远程登录操作,还需要开放Linux3306端口 在CentOS6.5中安装MySQL给出的命令一般是 /sbin/iptabl ...
- centos 程序 mysql_Centos 源码安装 MySQL
系统环境:Centos6.5 1.下载源码包 [monster@localhost download]$ wget http://mirrors.sohu.com/mysql/MySQL-5.5/my ...
- mysql 8.0.21 安装配置方法图文教程
一.下载 1.下载安装包 mysql下载路径 直接点击链接也可以下载:mysql 8.0.21 2.解压压缩包 解压到安装的目录: 3.在此目录下新建my.ini配置文件 1 2 3 4 5 6 7 ...
- Windows环境下MySQL 8.0 的安装、配置与卸载
MySQL官方下载地址 安装步骤 1.新建my.ini文件 文件位置:C:\ProgramFiles\MySQL\mysql-8.0.26-winx64\my.ini (这是我的安装目录,你们根据自己 ...
- window安装mysql默认密码忘记_window10 安装Mysql 8.0.17以及忘记密码重置密码
一.安装Mysql8.0.17 1:首先去官网下载安装包 下载地址:https://dev.mysql.com/downloads/mysql/ 2:将解压文件解压到你安装的目录:D:\mysql\m ...
- mysql 8.0.18安装,mysql 8.0.18 安装配置方法图文教程
mysql 8.0.18 安装配置方法图文教程 本文记录了mysql 8.0.18 安装配置图文教程,供大家参考,具体内容如下 第一步:下载MySql 下载地址:MySQL 第二步:安装MySql 打 ...
- mysql 8.0.22_最新版MySQL 8.0.22下载安装超详细教程(Windows 64位)
前言 前几天下载安装了最新版的MySQL 8.0.22,遇到了不少问题,参考了一些方法,最终得以解决.今天将自己的安装过程记录下来,希望对各位有所帮助. 一.MySQL 8.0.22官网下载 点击进入 ...
- mysql 42642 安装报错_1/5 MySQL入门总结:下载安装
MySQL.msi版本下载: www.mysql.com >DOWNLOADS >Windows >MySQL Installer >mysql-installer-commu ...
- mysql 8.0.12 解压版安装步骤
mysql 8.0.12 解压版安装步骤 最近看书刚好看到自动化测试框架搭建篇,需要使用python+mysql数据库做个数据驱动测试.电脑上的版本太低,准备安装一个最新的版本,记录下安装的过程. 安 ...
最新文章
- node.js 出现cannot find module ‘xxx‘ 解决办法
- 认识计算机系统反思,《认识计算机系统》教学反思
- 向流程组的所有成员发送信号的最佳方法是什么?
- Python -二维数组定义
- SQL盲注之时间注入
- ESP8266烧写时的各种参数设置
- mongoose换成mysql_Package - tms-koa
- 不合理的指标【转载】
- Python精通-Python学习路线详细介绍
- 量化感知训练_如何评估训练质量?常被训练者忽视的内部负荷
- 菜鸟心态综合症4:缺乏自信,总对自己说No
- Hadoop原理之——HDFS原理
- @media scree 手机移动端屏幕自适应
- 苹果Mac安装win10双系统
- Frps部署报错:cannot stat ‘frp_0.44.0_linux_amd64/frps‘: No such file or directory
- 请详细分析商品期货最近走势( 2016-11-29)
- XSS攻击和CSRF攻击及其区别
- L1 操作系统的启动
- 启明星辰产品解读_堡垒机
- 如何在2小时内用1块钱赚到100块钱?
热门文章
- html鼠标右键代码,Html鼠标右键菜单代码
- 用matlab的dsp软件仿真,基于MATLAB的DSP软件仿真
- 驱动精灵w8ndows xp sp2,惠普HP LaserJet 1020打印机驱动官方正式版下载,适用于winxp,winvista,win7,win8,win10-驱动精灵...
- 用什么软件测试电脑硬件的问题,新电脑检测软件-我买了新电脑,用什么软件测试比较好?最好还能看见自己详细配置的软 爱问知识人...
- Cesium中的primitive竖立流光飞线
- 教师使用计算机的能力提升,河南省中小学教师信息技术应用能力提升工程实效研究...
- uac2+android,iBasso UAC
- vue项目打包部署到服务器子目录二级目录。
- SWF怎么转FLV格式?
- 概率论 方差公式_2020考研数学:概率论核心考点与常见题型(上)