Freeradius 验证服务器 安装
# yum install freeradius freeradius-mysql freeradius-utils
# vim /etc/raddb/clients.conf
secret = testing123 \\ [secret key] 重要 测试的时候使用
client all {
ipaddr = 0.0.0.0/0 \\ 配置 监听的 地址
secret = test123 \\ 配置 密码
require_message_authenticator = no
}
# vim /etc/raddb/users \\ 仅仅为 测试用户为 steve 测试用户名密码 为test123
steve Cleartext-Password := "test123"
Service-Type = Framed-User,
Framed-Protocol = PPP, \\ 验证类型
Framed-IP-Address = 127.0.0.1,
Framed-IP-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "std.ppp",
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP
# radiusd -X \\ 测试 调试模式 可以看到报错等信息
# radtest steve test123 localhost 1812 testing123 \\ 测试 radtest [账号] [密码] [地址] [端口] [secret key]:
Received Access-Accept \\ 新开窗口 有此返回说明成功
# systemctl restart radiusd
# systemctl status radiusd
# ss -unl \\ 1812 1813被监听 需防火墙放行
# systemctl stop radiusd
Freeradius 连接 数据库
# cd /etc/raddb/mods-config/sql/main/mysql/
# mysql -uroot -p
CREATE DATABASE radius;
GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "123456";
use radius
source schema.sql
INSERT INTO radcheck (UserName, Attribute, op, Value)VALUES ('user1', 'Cleartext-Password',':=', 'password1');
flush privileges; \\ 创建 测试 用户
# cd /etc/raddb/mods-enabled/
# ln -s ../mods-available/sql ./ \\ 相当于在Freeradius开启sql功能模块
# vim /etc/raddb/mods-available/sql
driver = "rlm_sql_mysql"
dialect = "mysql"
server = "127.0.0.1"
port = 3306
login = "radius" \\ 用户名
password = "123456" \\ 数据库密码
radius_db = "radius" \\ 认证数据库
read_clients = yes \\ 允许radius读取数据库里面的nas信息
client_table = "nas" \\ 指定存储nas信息的表
# radiusd -X
# radtest user1 password1 localhost 1812 testing123
Received Access-Accept \\ 新开窗口 有此返回说明成功
