Centos7 freeradius daloRADIUS

文章说明：本文章已经制作为VPN专题，专题中详细介绍了freeradius、daliradius的详细安装配置，请点击这里访问

1、安装必要组件

yum install freeradius-mysql freeadius-client freeradius-devel php php-gd php-pear-DB php-mysql httpd mariadb

【在新版的daloradius中需要安装pear-DB后，前端web才能够与后台数据库连同，否则会打不开页面】

2、开启服务

Systemctl enable httpd
Systemctl enable mariadb
Systemctl start httpd
Systemctl start mariadb

3、配置MySQL

初始化配置及建立radius数据库和用户

mysql_secure_installation #mysql初始安全配置

mysql -uroot －p
   CREATE DATABASE radius;
   GRANT ALL ON radius.* TO radius@localhost IDENTIFIED BY "radpass";
   exit

导入radius数据库架构

mysql -uroot -p radius < /etc/raddb/mods-config/sql/main/mysql/schema.sql

4、配置radius服务器支持mysql

查找/etc/raddb/sites-available/default文件中的sql，将前面的注释去掉，如有-，也去掉，注意，不用管sql-log

查找/etc/raddb/sites-available/inner-tunnel文件中的sql，将前面的注释去掉，如有-，也去掉.

注意，不用管sql-log

实例说明，需要查找到sql，将其前面的注释去掉；
authorize {
…
sql
…
}
accounting {
…
sql
…
}
session {
…
sql
…
}
post-auth {
…
sql
…
}
Post-Auth-Type REJECT {
sql
}

5、编辑数据库连接

vi /etc/raddb/mods-available/sql

sql ｛
driver = “rlm_sql_mysql”
server = “localhost”
port =  3306
login = “radius”
password = “radpass”
radius_db = “radius”
}
read_client = yes     #允许radius读取数据库里面的nas信息
client_table = “nas”  #指定存储nas信息的表
dialect = "mysql"   #此处已定要修改

6、测试Radius是否正常运行

我们手动创建一个用户 vpntest，密码 vpntest

mysql -uroot -p  
 mysql> use radius;  
 mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('vpntest', 'Password', 'vpntest');  
 mysql> FLUSH PRIVILEGES;  
 mysql> quit

然后停止FreeRadius Demon，并使用debug模式

radiusd -X

如果成功将显示如下信息

Listening on auth address * port 1812 as server default
Listening on acct address * port 1813 as server default
Listening on auth address 127.0.0.1 port 18120 as server inner-tunnel
Opening new proxy socket 'proxy address * port 0'
Listening on proxy address * port 36071
Ready to process requests

再打开一个窗口，执行下面的命令测试

radtest vpntest vpntest localhost 1812 testing123

成功则显示如下信息

7、安装daloradius

yum install php-mysql php php-pear php-gd php-pear-DB -y
cd /tmp
wget http://sourceforge.net/projects/daloradius/files/latest/download?source=files
tar zxvf download?source=files
mv daloradius-0.9-9 /var/www/html/radius
cd /var/www/html/radius
chown -R apache:apache /var/www/html/radius
mysql -uradius -p radius < daloradius-0.9-9/contrib/db/fr2-mysql-daloradius-and-freeradius.sql

配置 daloradius sql 连接

vi daloradius-0.9-9/library/daloradius.conf.php

$configValues['DALORADIUS_VERSION'] = '0.9-9';
$configValues['FREERADIUS_VERSION'] = '3';
$configValues['CONFIG_DB_ENGINE'] = 'mysql';
$configValues['CONFIG_DB_HOST'] = 'localhost';
$configValues['CONFIG_DB_USER'] = 'radius';
$configValues['CONFIG_DB_PASS'] = 'radius@123';
$configValues['CONFIG_DB_NAME'] = 'radius';
$configValues['CONFIG_FILE_RADIUS_PROXY'] = '/etc/raddb/proxy.conf';
$configValues['CONFIG_PATH_DALO_VARIABLE_DATA'] = '/var/www/html/radius/var';

5. 测试daloradius

登录http://10.10.10.100/radius看是否能正常开发页面。默认的用户为administraor ，密码：radius。正常情况下，登录后能看到home页面