linux(CentOS5.8)环境下搭建Radius
本文记录了freeRadius在CentOS5.8环境下的基本搭建过程,未涉及mysql的加入及配置
freeradius官方地址:http://freeradius.org/
环境:CentOS5.8、freeradius-1.1.3、NTRadPing1.2(一个Windows下的Radius客户端)
1. 安装freeradius
yum install freeradius
radius客户端 -- radclient
radius服务端 -- radiusd
radius测试 -- radtest
其他
2. 配置(增加用户)
cd /etc/raddb
cp users users.back(修改前做好备份)
vim users
#"John Doe" Auth-Type := Local, User-Password == "hello"
# Reply-Message = "Hello, %u"
改为
"test" Auth-Type := Local, User-Password == "123456"
Reply-Message = "Hello, %u"
3. 运行服务端
radiusd -X
...
...
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
4. radius测试(本机)
radtest test 123456 127.0.0.1 0 testing123
Sending Access-Request of id 161 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "123456"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=161, length=33
Reply-Message = "Hello, test"
**恭喜你freeradius已经可以正常运行了
5. 增加局域网内Radius客户端访问允许
cd /etc/raddb
cp client.conf client.conf.back
vim client.conf
增加
client 192.168.1.0/24 {
secret = 123456
shortname = any
}
6. 局域网测试
运行NTRadPing1.2
修改RADIUS SERVER/Port
修改RADIUS Secret key(前一步骤设置--123456)
修改User-Name
修改Password
勾选CHAP
执行Send
...
...
response: Access-Accept
...
Reply-Message=Hello,test
ps:
运行radius服务端用service radiusd start当然也是ok的,只是看不到连入时的打印信息了
过程较简单,仅仅是提供一个过程参考