Set up RADIUS Server 802.1x Password Server
2004-03-24 Read: 2854
The platform used by the author is Redhat Linux 7.2
Http://anheng.com.cn/news/25/221.html
Http://anheng.com.cn/news/25/221.html
1. Install MySQL
Http://anheng.com.cn/news/25/221.html
I used the RPM package rpm -ivh mysql-3.23.41.1.i386.rpm rpm -ivh mysql-devel-3.23.41.1.i386.rpm rpm -ivh mysql-server-3.23.41.1.i386.rpm rpm -IVH mysqlclient9-3.23.22-6.i386.rpm
Http://anheng.com.cn/news/25/221.html
Launch MySQL Service Service MySQLD START
Http://anheng.com.cn/news/25/221.html
Change the mysql root password (Note: MySQL root and system root is 2 unused concepts) mysql -uroot -p
Http://anheng.com.cn/news/25/221.html
Create a RADIUS database Creat Database Radius; use mysql; update user set password = password ('Your Password') where user = 'root';
Http://anheng.com.cn/news/25/221.html
Allow remote machine to connect Update user set host = '%' where user = 'root';
Http://anheng.com.cn/news/25/221.html
Exit and restart MySQL Quit Service MySQLD Restart
Http://anheng.com.cn/news/25/221.html
2. Install OpenSSL
Http://anheng.com.cn/news/25/221.html
I also use the RPM bag rpm -ivh opensl095a-0.9.5a-11.i386.rpm rpm -ivh openssl096-0.9.6-6.i386.rpm
Http://anheng.com.cn/news/25/221.html
3. Install FreeRadius
Http://anheng.com.cn/news/25/221.html
Download freeAidus from www.freeradius.org, this version is 0.8.1 compiles and install tar xvfz freeradius.tar.gz CD XVFZ FreeRadius-0.8.1
Http://anheng.com.cn/news/25/221.html
Note: If mysql is not installed in / usr / local / directory, you need to make a connection: ln -s / path / mysql / / usr / local / mysql
Http://anheng.com.cn/news/25/221.html
./configure make make install
Http://anheng.com.cn/news/25/221.html
Establish mysql database RADIUS table CD src / modules / rlm_sql / drivers / rlm_sql_mysql mysql -uroot -P password RADIUS http://anheng.com.cn/news/25/221.html Change the setting CD / USR / local / etc / raddb to change the RADIUSD.CONF to allow it to support SQL (as mentioned below) Http://anheng.com.cn/news/25/221.html Authorize {preprocess chap mschap suffix sql} an accouting {.... sql ...} Http://anheng.com.cn/news/25/221.html Change Sql.conf Server = "localhost" login = "root" password = "mysql's root password" RADIUS_DB = "RADIUS" Http://anheng.com.cn/news/25/221.html Change the NAS specific to the client.conf support to see the document, pay attention to the SECRET is the shared password database of NAS and RADIUS servers to join the test account. Http://anheng.com.cn/news/25/221.html Join group Http://anheng.com.cn/news/25/221.html MySQL -UROOT -P password RADIUS Http://anheng.com.cn/news/25/221.html insert into radgroupreply (GroupName, Attribute, op, Value) values ( 'user', 'Auth-Type', ': =', 'Local'); insert into radgroupreply (GroupName, Attribute, op, value) values ( 'user ',' Service-type ',': = ',' framed-user '); INSERT INTO RADGROUPLY (Groupname, Attribute, Op, Value) Values (' user ',' framed-ip-address ", ': =' , '255.255.255.254'); INSERT INTO RADGROUPLY (Groupname, Attribute, Op, Value) VALUES ('user', 'framed-ip-netmask', ': =', '255.255.255.0'); Http://anheng.com.cn/news/25/221.html Join Test Account Insert Into Radcheck (Username, Attribute, Op, Value) Values ('Test', 'User-Password', ': =', 'Test'); Http://anheng.com.cn/news/25/221.html Test Account Add Group INSERT INTO UserGroup (UserName, Groupname) VALUES ('Test', 'User'); Http://anheng.com.cn/news/25/221.html 4. Start the RADIUS service, test account Http://anheng.com.cn/news/25/221.html Start to Debug mode Http://anheng.com.cn/news/25/221.html RADIUSD -X Http://anheng.com.cn/news/25/221.html Sometimes I will report that I can't find the file RLM_SQL_MYSQL, just add the library file to the directory of the system search. Http://anheng.com.cn/news/25/221.html such as: Http://anheng.com.cn/news/25/221.html Cp / usr / local / lib / * / usr / lib Http://anheng.com.cn/news/25/221.html Test account Http://anheng.com.cn/news/25/221.html Radtest Test Test Localhost 0 Testing123 Http://anheng.com.cn/news/25/221.html If you can see the Radius response, Congratulations on the server settings.
