<rhel6+pptpd+freeradius+mysql>

Last Update:2016-05-02 Source: Internet

Author: User

Tags auth freeradius

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

This document to learn the experimental environment, the content of experimental results are all in the computer room calibration, all correct.

System environment: RHEL6 x86_64 SELinux and iptables disabled
Software Download: http://Poptop. SourceForge. Net/yum/stable/rhel 6/
Ftp://ftp.samba.org/pub/ppp

Installation Configuration pptpd
Echo 1 >/proc/sys/net/ipv4/ip_forward
Yum Install Ppp-y
RPM-IVH pptpd-1.3.4-2.el6.x86_64.rpm
Configuration file for pptpd/etc/pptpd.conf
Localip 192.168.0.1
remoteip192.168.0.234-238
LOCALIP:PPTPD server IP address, which can be set to any IP address bound by the server
REMOTEIP: Sets the range of Ip addresses that are available for assignment after a client connects to PPTPD server
Add test User/etc/ppp/chap-secrets
#client Server Secret IP addresses
Yakexi pptpd Westos *
Note: The server name must match the name set in/ETC/PPP/OPTIONS.PPTPD, otherwise the login
Validation cannot be passed
Service PPTPD Start
netstat-antlp|grep:1723
Now you can test it with Yakexi!
Installation Configuration Freeradius
Yum Install Freeradius Freeradius-mysql freeradius-utils-y
Tar zxf ppp-2.4.5.tar.gz
Mkdir/etc/radiusclient
CP ppp-2.4.5/pppd/plugins/radius/etc/*/etc/radiusclient
Cd/etc/radiusclient
Add the RADIUS server address and password in the servers file
localhost Westos
Modify the radiusclient.conf file to ensure that all radiusclient-related paths in this file are
Beginning with the/etc/radiusclient. For example:
Servers/usr/local/etc/radiusclient/servers
Modified to:
Servers/etc/radiusclient/servers
To modify/ETC/PPP/OPTIONS.PPTPD, add the following line:
Plugin/usr/lib64/pppd/2.4.5/radius.so
Cd/etc/raddb
Modify Clients.conf
Client localhost {
IPADDR = 127.0.0.1
Secret = Westos (consistent with settings in/etc/radiusclient/servers)
....
}
Support MySQL
Modify/etc/raddb/radius.conf
$INCLUDE sql.conf #去掉注释
Modify/etc/raddb/sites-available/default
Authorize {
#files
Sql
....
}
Accounting {
#radutmp
Sql
....
}
session{
#radutmp
Sql
}
Post-auth {
Sql
}
Modify/etc/raddb/sql.conf
SQL {
Database = "MySQL"
Driver = "Rlm_sql_mysql"
Server = "localhost"
Login = "radius"
Password = "Radpass"
radius_db = "radius"
....
}
Modify the/etc/raddb/sql/mysql/dialup.conf to remove the comment from the following line:
Simul_count_query = "SELECT count (*) \
From ${acct_table1} \
WHERE username = '%{sql-user-name} ' \
And Acctstoptime is NULL "
Yum install MySQL Mysql-server-y
Service mysqld Start
cd/etc/raddb/sql/mysql/
Mysqladmin Create Radius
MySQL Radius < Schema.sql
MySQL < Admin.sql
mysql> INSERT INTO radgroupreply (Groupname,attribute,op,value) values
(' User ', ' auth-type ', ': = ', ' Local ');
mysql> INSERT INTO radgroupreply (Groupname,attribute,op,value) values
(' User ', ' service-type ', ': = ', ' Framed-user ');
mysql> INSERT INTO radgroupreply (Groupname,attribute,op,value) values
(' User ', ' framed-ip-address ', ': = ', ' 255.255.255.254 ');
mysql> INSERT INTO radgroupreply (Groupname,attribute,op,value) values
(' User ', ' framed-ip-netmask ', ': = ', ' 255.255.255.0 ');
Mysql>insert into Radgroupcheck (groupname,attribute,op,value) values
(' User ', ' simultaneous-use ', ': = ', ' 1 '); (Limit one account can only be dialed once, optional)
mysql> INSERT INTO Radcheck (username,attribute,op,value) VALUES (' Test ', ' UserPassword ', ': = ', ' test '); (Add account test, password test)
mysql> INSERT INTO Radusergroup (username,groupname) VALUES (' Test ', ' user ');
Adding an account later requires only two steps above
Service RADIUSD Start
Service PPTPD Stop
Service PPTPD Start
Execute the command to test:
# radtest test test localhost 0 westos
Sending access-request of ID 127.0.0.1 Port 1812
User-name = "Test"
User-password = "Test"
Nas-ip-address = 127.0.0.1
Nas-port = 0
Rad_recv:access-accept packet from host 127.0.0.1 Port 1812, id=13, length=38
Service-type = Framed-user
Framed-ip-address = 255.255.255.254
Framed-ip-netmask = 255.255.255.0
To see the access-accept words means success.

This article is from the "LINUX Super Dream" blog, make sure to keep this source http://215687833.blog.51cto.com/6724358/1769384

<rhel6+pptpd+freeradius+mysql>

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More