Set up freeradius + mysql's radius server-Linux Enterprise Application-Linux server application information. The following is a detailed description. This article is dedicated to linux fans.
Someone actually said that it would take me a few days to set up a radius to sell money. After reading some information, I finally successfully set up a radius server. Now I will post it to share it with you.
The platform used by the author is RedHat Linux 7.2
1. Install mysql
I use the RPM package on the CD.
Rpm? Ivh mysql-3.23.41.1.i386.rpm
Rpm? Ivh mysql-devel-3.23.41.1.i386.rpm
Rpm? Ivh mysql-server-3.23.41.1.i386.rpm
Rpm? Ivh mysqlclient9-3.23.22-6.i386.rpm
Start mysql Service
Service mysqld start
Change the mysql root Password (Note: mysql root and system root are two unused concepts)
Mysql? Uroot? P
Create a radius Database
Creat database radius;
Use mysql;
Update user set password = password ('your password') where user = 'root ';
Allow remote machine connection
Update user set host = '%' where user = 'root ';
Exit and restart mysql
Quit
Service mysqld restart
Ii. Install openSSL
I also use the RPM package on the CD.
Rpm? Ivh openssl095a-0.9.5a-11.i386.rpm
Rpm? Ivh openssl096-0.9.6-6.i386.rpm
3. Install freeradius
Download free... from http://www.freeradius.org version 0.8.1
Compile and install
Tar xvfz freeradius.tar.gz
Cd xvfz freeradius-0.8.1
./Configure
Make
Make install
Create a mysql database raius table
Cd src/modules/rlm_ SQL/drivers/rlm_ SQL _mysql
Mysql? Uroot? P password radius <db_mysql. SQL
Change freeradius settings
Cd/usr/local/etc/raddb
Change radiusd. conf to support SQL (as described below)
Authorize {
Preprocess
Chap
Mschap
Suffix
SQL
}
Accouting {
....
SQL
...
}
Change SQL. conf
Server = "localhost"
Login = "root"
Password = "mysql root password"
Radius_db = "radius"
You can refer to this document for details about how to change the NAS supported by client. conf. Note that secret is the shared password between NAS and radius server.
Add database to test account
Join group
Mysql? Uroot? P password radius
Insert into radgroupreply (groupname, attribute, op, values) values ('user', 'auth-type', ': =', 'local ');
Insert into radgroupreply (groupname, attribute, op, values) values ('user', 'service-type', ': =', 'framed-user ');
Insert into radgroupreply (groupname, attribute, op, values) values ('user', 'framed-IP-address', ': =', '2017. 255.255.254 ');
Insert into radgroupreply (groupname, attribute, op, values) values ('user', 'framed-IP-netmask', ': =', '2017. 255.255.0 ');
Add test account
Insert into radcheck (username, attribute, op, value) values ('test', 'user-password', ': =', 'test ')
Add test account to group
Insert into usergroup (username, groupname) values ('test', 'user ');
4. Start the radius service and test the account
Start to debug mode
Radiusd? X
Sometimes the file rlm_ SQL _mysql cannot be found. In this case, you only need to add the library file to the system search directory.
For example:
Cp/usr/local/lib/*/usr/lib
Test account
Radtest test teset localhost 0 testing123
If you can see the radius response, congratulations to the server.
This article is widely used. If there are errors in this article, please correct them and welcome to discuss them together.
Author: Yu Xudong
Email: netwolf@163.com
If you want to reprint it, please indicate the author and Source
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.