Pptpd + mysql + freeradius in Centos6.0 for unified vpn account authentication management

System Centos6.0; 192.168.182.20.

This article is also one of the recent projects; for the next vpn tunnel and multi-ip Route shunting;

-Rw-r -- 1 root 684342 June 19 22:49 ppp-2.4.5.tar.gz-rw-r -- r -- 1 root 74048 June 19 22:49 pptpd-1.3.4-2.el6.i686.rpm

These are two packages;

If pptpd is not good to download, welcome to my download area to download, because this foreign url is harmonious, I also use the accelerator to download; http://down.51cto.com/data/840850

1. The following operations are started;

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/011313C05-0.jpg "title =" 2.jpg"/>

[root@node1 ~]# vim /etc/pptpd.conf#pptpd.confoption /etc/ppp/options.pptpdlogwtmplocalip 192.168.182.133remoteip 172.16.0.2-254

[root@node1 ~]# vim /etc/ppp/options.pptpdname pptpdrefuse-paprefuse-chaprefuse-mschaprequire-mschap-v2require-mppe-128proxyarplocknobsdcompnovjnovjccompnologfdms-dns 8.8.8.8logfile /var/log/pptpd.log

[root@node1 ~]# vim /etc/ppp/chap-secrets# Secrets for authentication using CHAP# client        server  secret                  IP addresses  test          pptpd   test123                 *

[root@node1 ~]# cat /etc/sysctl.conf |grep -v ^# |grep -v ^#net.ipv4.ip_forward = 1

[root@node1 ~]# iptables -t nat -A POSTROUTING -s 172.16.0.0/24 -j MASQUERADE

Ps; restart the service; test whether local dialing is normal;

Tested, dial OK;

2. Install mysql and freeradius;

yum install mysql* freeradius* -y

Create a radius database, import related SQL statements, and create a test user;

mysql> create database radius;

[root@node1 ~]# mysql -u root -p  radius < /etc/raddb/sql/mysql/admin.sql[root@node1 ~]# mysql -u root -p radius < /etc/raddb/sql/mysql/cui.sql[root@node1 ~]# mysql -u root -p radius < /etc/raddb/sql/mysql/nas.sql[root@node1 ~]# mysql -u root -p radius < /etc/raddb/sql/mysql/schema.sql[root@node1 ~]# mysql -u root -p radius < /etc/raddb/sql/mysql/wimax.sql

mysql> insert into radius.radcheck (Username,Attribute,op,Value) values('lansgg','password','==','lansgg123')

Configure the radius configuration file;

[root@node1 ~]# vim /etc/raddb/radiusd.conf700         $INCLUDE sql.conf

[Root @ node1 ~] # Vim/etc/raddb/SQL. conf28 database = "mysql" 33 driver = "rlm_ SQL _ $ {database}" 36 server = "localhost" 38 login = "root" 39 password = "123" 42 radius_db = "radius "50 acct_table1 =" radacct "51 acct_table2 =" radacct "100 readclients = yesps: the previous Sub-mark is the number of rows.

[root@node1 ~]# vim /etc/raddb/sites-enabled/default69 authorize {170 #       files177         sql252 authenticate {297 #       unix333 preacct {372 #       files389 #       unix406         sql449 session {454         sql461 post-auth {475         sql

[root@node1 ~]# vim /etc/raddb/sites-enabled/inner-tunnel124 #       files131         sql223 #       unix255         sql277         sql

[root@node1 ~]# vim /etc/raddb/eap.conf30                 default_eap_type = peap

Test integration of radius and mysql

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0113134c6-1.jpg "title =" 3.jpg"/>

3. below is the integration of pptpd and freeradius;

Decompress the ppp source code package and copy its configuration file;

[root@node1 ~]# tar zxvf ppp-2.4.5.tar.gz

[root@node1 ~]# mkdir /etc/ppp/radius[root@node1 ~]# cp -R  ppp-2.4.5/pppd/plugins/radius/etc/ /etc/ppp/radius/

Modify the radius path:

[root@node1 etc]# vim radiusclient.confauth_order      radiuslogin_tries     4login_timeout   60nologin /etc/nologinissue   /etc/ppp//radius/etc/issueauthserver      localhost:1812acctserver      localhost:1813servers         /etc/ppp/radius/etc/serversdictionary      /etc/ppp/radius/etc/dictionarylogin_radius    /usr/local/sbin/login.radiusseqfile         /var/run/radius.seqmapfile         /etc/ppp/radius/etc/port-id-mapdefault_realmradius_timeout  10radius_retries  3login_local     /bin/login

[Root @ node1 etc] # vim/etc/ppp/radius/etc/dictionaryINCLUDE/etc/ppp/radius/etc/dictionary. microsoftINCLUDE/etc/ppp/radius/etc/dictionary. ascend # Add INCLUDE/etc/ppp/radius/etc/dictionary. merit # added INCLUDE/etc/ppp/radius/etc/dictionary. compat # New

Increase options.ppt pd

[Root @ node1 etc] # vim/etc/ppp/options.ppt pdplugin/usr/lib/pppd/2.4.5/radius. so # Add radius-config-file/etc/ppp/radius/etc/radiusclient. conf # Add

Modify the radius Authentication Key;

[root@node1 raddb]# vim /etc/raddb/clients.conf101         secret          = lansggtest

[root@node1 raddb]# vim /etc/ppp/radius/etc/servers5 localhost                                       lansggtest

Tested. OK! Account: lansgg; Password: lansgg123)

650) this. width = 650; "src =" http://www.bkjia.com/uploads/allimg/131228/0113131161-2.jpg "title =" courier 4.jpg "/>

This article is from the Coffee _ Blue Mountains blog, please be sure to keep this source http://lansgg.blog.51cto.com/5675165/1225461