Centos6.0 mysql + freeradiu for unified account authentication

RADIUS: Remote Authentication Dial In User Service. The Remote User dialing Authentication system is defined by RFC2865 and RFC2866. It is currently the most widely used AAA protocol;

RADIUS is a C/S-structured Protocol. Its client is initially a NASNet Access Server) Server. Any computer running the RADIUS client software can become a RADIUS client. The RADIUS Authentication mechanism is flexible and supports multiple methods, such as PAP, CHAP, and Unix logon authentication. RADIUS is an extensible protocol that performs all the work based on the vector of Attribute-Length-Value. RADIUS also allows the vendor to expand the manufacturer's proprietary attributes.

Centos6.0

Personal habits

yum install -y httpd mysql* php*

Install freeradius

yum install -y freeradius*

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0115561Y1-0.jpg "title =" 1.jpg"/>

To test whether the returned values can be received;

radtest steve testing 127.0.0.1 1812 testing123

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/01155CH3-1.jpg "title =" 1.jpg"/>

That is, OK;

1. log on to Mysql to create a radius database;

mysql> create database radius;mysql> grant all on radius.* to radius@localhost identified by 'radius123';

For FreeRadius2, the design and structure of the data table are defined in the following file:

/Etc/raddb/SQL/mysql/schema. SQL master database definition, 7 tables, including

Radcheck User check information table

Radreply user reply information table

Radgroupcheck user group check information table

Radgroupreply user group check information table

Radusergroup user and group relationship table

Radacct billing table

Radpostauth post-authentication information, which can include records of successful and rejected authentication requests.

/Etc/raddb/SQL/mysql/nas. SQL network device definition, only one table

Nas network device table

The following table is used for some extension functions and can be imported as needed.

Ippool. SQL ip address pool

Wimax. SQL wimax Device Support

Cui. SQL cui support

2. Import SQL files

mysql -u root -p radius < /etc/raddb/sql/mysql/schema.sqlmysql -u root -p radius < /etc/raddb/sql/mysql/nas.sql

Configure radius. conf

Vim/etc/raddb/radiusd. conf700 $ INCLUDE SQL. conf # enable the SQL File

Configure database file SQL. conf

vim /etc/raddb/sql.confsql {    database = "mysql"    driver = "rlm_sql_${database}"    server = "localhost"    login = "radius"    password = "radius123"    radius_db = "radius"

Configure the radius database function file/etc/raddb/sites-available/default

Support related modules for Databases
Authorize (authentication), accounting (Audit), session (session, used to monitor simultaneous connections), and post_auth (record) Sub-segment to add SQL keywords, such:

authorize {          preprocess          chap          mschap          suffix          eap          sql          pap}

Service radiusd start

3. perform tests;

mysql -u root -p

mysql> use radius;mysql> insert into radcheck(username,attribute,value,op)values("lansgg","Cleartext-Password","password123","=");

Service radiusd restart

Test

radtest lansgg password123 localhost 10 testing123

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0115561064-2.jpg "title =" 1.jpg"/>

The test result is as follows: OK

This article is from the Coffee _ Blue Mountains blog, please be sure to keep this source http://lansgg.blog.51cto.com/5675165/1223176