RADIUS: Remote Authentication Dial In User Service. The Remote User dialing Authentication system is defined by RFC2865 and RFC2866. It is currently the most widely used AAA protocol;
RADIUS is a C/S-structured Protocol. Its client is initially a NASNet Access Server) Server. Any computer running the RADIUS client software can become a RADIUS client. The RADIUS Authentication mechanism is flexible and supports multiple methods, such as PAP, CHAP, and Unix logon authentication. RADIUS is an extensible protocol that performs all the work based on the vector of Attribute-Length-Value. RADIUS also allows the vendor to expand the manufacturer's proprietary attributes.
Centos6.0
Personal habits
yum install -y httpd mysql* php*
Install freeradius
yum install -y freeradius*
650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0115561Y1-0.jpg "title =" 1.jpg"/>
To test whether the returned values can be received;
radtest steve testing 127.0.0.1 1812 testing123
650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/01155CH3-1.jpg "title =" 1.jpg"/>
That is, OK;
1. log on to Mysql to create a radius database;
mysql> create database radius;mysql> grant all on radius.* to radius@localhost identified by 'radius123';
For FreeRadius2, the design and structure of the data table are defined in the following file:
/Etc/raddb/SQL/mysql/schema. SQL master database definition, 7 tables, including
Radcheck User check information table
Radreply user reply information table
Radgroupcheck user group check information table
Radgroupreply user group check information table
Radusergroup user and group relationship table
Radacct billing table
Radpostauth post-authentication information, which can include records of successful and rejected authentication requests.
/Etc/raddb/SQL/mysql/nas. SQL network device definition, only one table
Nas network device table
The following table is used for some extension functions and can be imported as needed.
Ippool. SQL ip address pool
Wimax. SQL wimax Device Support
Cui. SQL cui support
2. Import SQL files
mysql -u root -p radius < /etc/raddb/sql/mysql/schema.sqlmysql -u root -p radius < /etc/raddb/sql/mysql/nas.sql
Configure radius. conf
Vim/etc/raddb/radiusd. conf700 $ INCLUDE SQL. conf # enable the SQL File
Configure database file SQL. conf
vim /etc/raddb/sql.confsql { database = "mysql" driver = "rlm_sql_${database}" server = "localhost" login = "radius" password = "radius123" radius_db = "radius"
Configure the radius database function file/etc/raddb/sites-available/default
Support related modules for DatabasesAuthorize (authentication), accounting (Audit), session (session, used to monitor simultaneous connections), and post_auth (record) Sub-segment to add SQL keywords, such:
authorize { preprocess chap mschap suffix eap sql pap}
Service radiusd start
3. perform tests;
mysql -u root -p
mysql> use radius;mysql> insert into radcheck(username,attribute,value,op)values("lansgg","Cleartext-Password","password123","=");
Service radiusd restart
Test
radtest lansgg password123 localhost 10 testing123
650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0115561064-2.jpg "title =" 1.jpg"/>
The test result is as follows: OK
This article is from the Coffee _ Blue Mountains blog, please be sure to keep this source http://lansgg.blog.51cto.com/5675165/1223176