平臺centos6.5 x86_64

1，安裝源并更新

rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

yum update -y

2，安裝相關庫

yum -y install wget expat-devel gcc make gmp-devel gmp pkgconfig perl libpcap gcc-c++ logrotate tar cpio gawk flex bison bison-devel lsof libpcap-devel patch openssl openssl-devel libgcrypt* crypt* autoconf automake libtasn1-devel zlib zlib-devel trousers trousers-devel texinfo libnl-devel libnl dbus dbus-devel ncurses-devel readline-devel libtool-ltdl libtalloc* hiredis* redhat-lsb python

3，安裝Mysql

rpm -Uvh http://dev.mysql.com/get/mysql-community-release-el6-5.noarch.rpm

yum install -y mysql-community-server mysql-devel

chkconfig mysqld on

service mysqld start

mysql_secure_installation設置root密碼、移除test數據庫

4，編譯安裝freeradius

wget ftp://ftp.freeradius.org/pub/freeradius/freeradius-server-2.2.9.tar.gz

tar zxvf freeradius-server-2.2.9.tar.gz

cd freeradius-server-2.2.9

./configure

make && make install

5，測試

vi /usr/local/etc/raddb/users

找到這一行

#steve Cleartext-Password:="testing"

將前面的#去掉

steve ? Cleartext-Password := "testing"

Service-Type = Framed-User,

Framed-Protocol = PPP,

Framed-IP-Address = 172.16.3.33,

Framed-IP-Netmask = 255.255.255.0,

Framed-Routing = Broadcast-Listen,

Framed-Filter-Id = "std.ppp",

Framed-MTU = 1500,

Framed-Compression = Van-Jacobsen-TCP-IP

調試模式命令：

radiusd -X

提示Refusing to start with libssl version OpenSSL 1.0.1e-fips

vi /usr/local/etc/raddb/radiusd.conf

找到allow_vulnerable_openssl = no,修改成allow_vulnerable_openssl = yes

再次啟動radiusd -X 最后顯示Ready to process requests.說明服務成功啟動

新打開一個終端

終端輸入命令：radtest steve testing localhost 0 testing123

獲得結果：

Sent Access-Request Id 50 from 0.0.0.0:34461 to 127.0.0.1:1812 length 75

User-Name = "steve"

User-Password = "testing"

NAS-IP-Address = 106.186.116.69

NAS-Port = 0

Message-Authenticator = 0x00

Cleartext-Password = "testing"

Received Access-Accept Id 50 from 127.0.0.1:1812 to 0.0.0.0:0 length 71

Service-Type = Framed-User

Framed-Protocol = PPP

Framed-IP-Address = 172.16.3.33

Framed-IP-Netmask = 255.255.255.0

Framed-Routing = Broadcast-Listen

Filter-Id = "std.ppp"

Framed-MTU = 1500

Framed-Compression = Van-Jacobson-TCP-IP

accept！貌似成了

6，讓radius和mysql融合

vi /usr/local/etc/raddb/radiusd.conf

$INCLUDE ?sql.conf 去掉該行注釋

vi /usr/local/etc/raddb/sql.conf 定義連接數據庫用戶名和密碼

database = "mysql"

login = "radius"

password = "radpass"

vi /usr/local/etc/raddb/sites-available/default

將authorize，accounting，session，post_auth段的sql關鍵字前的注釋去掉，如：

post-auth {

....

sql

....

Post-Auth-Type REJECT {

# Login failed: log to SQL database.

sql

}

}

輸入mysql -u root -p，輸入密碼

1)建立數據庫并導入radius數據結構

mysql>create database radius;

mysql>grant all on radius.* to 'radius'@'localhost' identified by 'radpass';

mysql>flush privileges;

# mysql -u root -p radius < /usr/local/etc/raddb/sql/mysql/schema.sql

# mysql -u root -p radius < /usr/local/etc/raddb/sql/mysql/nas.sql

# mysql -u root -p radius < /usr/local/etc/raddb/sql/mysql/ippool.sql

# mysql -u root -p radius < /usr/local/etc/raddb/sql/mysql/wimax.sql

2)建立組(在此新建組名稱為user)

mysql>use radius;

mysql>insert into radgroupreply (groupname,attribute,op,value) values ('user','Auth-Type',':=','Local');

mysql>insert into radgroupreply (groupname,attribute,op,value) values ('user','Service-Type',':=','Framed-User');

mysql>insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Address',':=','255.255.255.255');

mysql>insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Netmask',':=','255.255.255.0');

3)建立用戶(在此新建用戶名為test，密碼為testpwd)

mysql>insert into radcheck (username,attribute,op,value) values ('test','Cleartext-Password',':=','testpwd');

4)將用戶加入組中：

mysql>insert into radusergroup (username,groupname) values ('test','user');

mysql>exit

測試：radiusd -X，在另一終端執行radtest test testpwd localhost 1812 testing123

獲得結果

Sending Access-Request of id 247 to 127.0.0.1 port 1812

User-Name = "test"

User-Password = "testpwd"

NAS-IP-Address = 127.0.0.1

NAS-Port = 1812

Message-Authenticator = 0x00000000000000000000000000000000

rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=247, length=38

Service-Type = Framed-User

Framed-IP-Address = 255.255.255.255

Framed-IP-Netmask = 255.255.255.0

Accept！說明成了。

接下來加需要認證的服務器，比如

vi /usr/local/etc/raddb/clients.conf

[root@localhost raddb]# vi clients.conf

追加

client 192.168.10.8{

secret ? ? ? ? ?= testing123(認證的密鑰)

shortname ? ? ? = jp01

}

認證去吧。。。^_^

總結

以上是生活随笔為你收集整理的centos radius mysql_centos6.5下安装freeradius2.2.9+mysql的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。