文章说明:本文章已经制作为VPN专题,专题中详细介绍了freeradius、daliradius的详细安装配置,请点击这里访问
1、安装必要组件
yum install freeradius-mysql freeadius-client freeradius-devel php php-gd php-pear-DB php-mysql httpd mariadb
【在新版的daloradius中需要安装pear-DB后,前端web才能够与后台数据库连同,否则会打不开页面】
2、开启服务
Systemctl enable httpd Systemctl enable mariadb Systemctl start httpd Systemctl start mariadb
3、配置MySQL
初始化配置及建立radius数据库和用户
mysql_secure_installation #mysql初始安全配置
mysql -uroot -p CREATE DATABASE radius; GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "radpass"; exit
导入radius数据库架构
mysql -uroot -p radius < /etc/raddb/mods-config/sql/main/mysql/schema.sql
4、配置radius服务器支持mysql
查找/etc/raddb/sites-available/default文件中的sql,将前面的注释去掉,如有-,也去掉,注意,不用管sql-log
查找/etc/raddb/sites-available/inner-tunnel文件中的sql,将前面的注释去掉,如有-,也去掉.
注意,不用管sql-log
实例说明,需要查找到sql,将其前面的注释去掉; authorize { … sql … } accounting { … sql … } session { … sql … } post-auth { … sql … } Post-Auth-Type REJECT { sql }
5、编辑数据库连接
vi /etc/raddb/mods-available/sql
sql { driver = “rlm_sql_mysql” server = “localhost” port = 3306 login = “radius” password = “radpass” radius_db = “radius” } read_client = yes #允许radius读取数据库里面的nas信息 client_table = “nas” #指定存储nas信息的表 dialect = "mysql" #此处已定要修改
6、测试Radius是否正常运行
我们手动创建一个用户 vpntest,密码 vpntest
mysql -uroot -p mysql> use radius; mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('vpntest', 'Password', 'vpntest'); mysql> FLUSH PRIVILEGES; mysql> quit
然后停止FreeRadius Demon,并使用debug模式
radiusd -X
如果成功将显示如下信息
Listening on auth address * port 1812 as server default Listening on acct address * port 1813 as server default Listening on auth address 127.0.0.1 port 18120 as server inner-tunnel Opening new proxy socket 'proxy address * port 0' Listening on proxy address * port 36071 Ready to process requests
再打开一个窗口,执行下面的命令测试
radtest vpntest vpntest localhost 1812 testing123
成功则显示如下信息
7、安装daloradius
yum install php-mysql php php-pear php-gd php-pear-DB -y cd /tmp wget http://sourceforge.net/projects/daloradius/files/latest/download?source=files tar zxvf download?source=files mv daloradius-0.9-9 /var/www/html/radius cd /var/www/html/radius chown -R apache:apache /var/www/html/radius mysql -uradius -p radius < daloradius-0.9-9/contrib/db/fr2-mysql-daloradius-and-freeradius.sql
配置 daloradius sql 连接
vi daloradius-0.9-9/library/daloradius.conf.php $configValues['DALORADIUS_VERSION'] = '0.9-9'; $configValues['FREERADIUS_VERSION'] = '3'; $configValues['CONFIG_DB_ENGINE'] = 'mysql'; $configValues['CONFIG_DB_HOST'] = 'localhost'; $configValues['CONFIG_DB_USER'] = 'radius'; $configValues['CONFIG_DB_PASS'] = 'radius@123'; $configValues['CONFIG_DB_NAME'] = 'radius'; $configValues['CONFIG_FILE_RADIUS_PROXY'] = '/etc/raddb/proxy.conf'; $configValues['CONFIG_PATH_DALO_VARIABLE_DATA'] = '/var/www/html/radius/var';5. 测试daloradius
登录http://10.10.10.100/radius看是否能正常开发页面。默认的用户为administraor ,密码:radius。正常情况下,登录后能看到home页面