安装radius+mysql -

安装freeradius+mysql+daloradius 一、安装系统自带的mysql

# yum update -y //更新yum源 # yum install mysql-server //安装mysql服务 # /etc/init.d/mysqld start //启动mysql服务 # mysqladmin -u root -p password 'mzywx' //修改mysql root用户默认密码 Enter password: //原始密码为空，直接敲回车键 # chkconfig --add mysqld //添加mysql服务 # chkconfig mysqld on //开机自启动mysql服务 # service mysqld status//查看mysql服务状态 二、安装freeradius

# yum install freeradius -y # yum install freeradius-mysql freeradius-perl freeradius-utils freeradius-ldap freeradius-python freeradius-devel -y # chown -R radiusd:radiusd /etc/raddb # chmod a+r /etc/raddb/dictionary # radiusd -X # sed -i 's/#steve/steve/g' /etc/raddb/users //或者执行vi +76 /etc/raddb/users取消注释 生效：steve Cleartext-Password := \# radtest steve testing localhost 1812 testing123 //注：另开启一个终端执行该命令 出现Access-Accept字样说明成功。 测试成功后把/etc/raddb/users改回去。

# sed -i 's/steve/#steve/g' /etc/raddb/users //把/etc/raddb/users改回去

三、freeradius和mysql的集成

# mysql -uroot -pmzywx -e\创建radius数据库 # mysql -uroot -pmzywx -e\查看是否创建成功 +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | radius | | test | +--------------------+ # mysql -uroot -pmzywx radius < /etc/raddb/sql/mysql/schema.sql # mysql -uroot -pmzywx radius < /etc/raddb/sql/mysql/nas.sql # mysql -uroot -pmzywx radius < /etc/raddb/sql/mysql/ippool.sql # mysql -uroot -pmzywx radius < /etc/raddb/sql/mysql/wimax.sql # mysql -uroot -pmzywx mysql>GRANT SELECT ON radius.* TO 'radius'@'localhost' IDENTIFIED BY 'radpass'; mysql>GRANT ALL on radius.radacct TO 'radius'@'localhost'; mysql>GRANT ALL on radius.radpostauth TO 'radius'@'localhost'; 进入radius数据库、先加入一些组信息:

mysql>use radius; mysql>insert into radgroupreply (groupname,attribute,op,value) values ('user','Auth-Type',':=','Local'); mysql>insert into radgroupreply (groupname,attribute,op,value) values ('user','Service-Type','=','Framed-User'); mysql>insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Netmask','=','255.255.255.255'); mysql>insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Netmask',':=','255.255.255.0'); 然后加入用户信息：

mysql>INSERT INTO radcheck (UserName, Attribute, Value) VALUES ('sqltest', 'Password', 'testpwd'); 然后把用户加到组里：

mysql>insert into radusergroup(username,groupname) values('sqltest','user'); mysql>select * from radcheck where UserName='sqltest'; +----+----------+-----------+----+---------+ | id | username | attribute | op | value | +----+----------+-----------+----+---------+ | 1 | sqltest | Password | == | testpwd | +----+----------+-----------+----+---------+ 1 row in set (0.00 sec) mysql> quit Bye 1.

# sed -i 's/#readclients = yes/readclients = yes/g' /etc/raddb/sql.conf

或者 编辑/etc/raddb/sql.conf

mysql用户名，密码根据自己的情况填写 //这里不用进行修改 第88行取消readclients = yes 前的注释 2.

# sed -i '170s/files/#files/' /etc/raddb/sites-enabled/default # sed -i '177s/^#.*/sql/' /etc/raddb/sites-enabled/default # sed -i '406s/^#.*/sql/' /etc/raddb/sites-enabled/default 或者编辑/etc/raddb/sites-enabled/default 第170 行files前加注释 第177 行取消sql前的注释 第406 行取消sql前的注释 3.

# sed -i '125s/files/#files/' /etc/raddb/sites-enabled/inner-tunnel # sed -i '132s/^#.*/sql/' /etc/raddb/sites-enabled/inner-tunnel 或者编辑/etc/raddb/sites-enabled/inner-tunnel 第125 行files前加注释 第132 行取消sql前的注释 4.

# sed -i '30s/md5/peap/' /etc/raddb/eap.conf

或者编辑/etc/raddb/eap.conf

第30行default_eap_type = md5改为default_eap_type = peap

5.编辑/etc/raddb/clients.conf,加入 //这一步骤根据实际情况添加IP地址、设备型号

client 192.168.4.3 { secret = tp-link shortname = test } 6.启用radius的sql模块 //注：这一步骤必须执行，否则报错 # sed -i '735s/^#.*/$INCLUDE sql.conf/' /etc/raddb/radiusd.conf 或者编辑/etc/raddb/radiusd.conf

第735行# $INCLUDE sql.conf改为 $INCLUDE sql.conf //取消注释 6.测试

# radtest sqltest testpwd localhost 1812 testing123 Sending Access-Request of id 138 to 127.0.0.1 port 1812 User-Name = \ User-Password = \ NAS-IP-Address = 10.171.208.203 NAS-Port = 1812 Message-Authenticator = 0x00000000000000000000000000000000 rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=138, length=32 Service-Type = Framed-User Framed-IP-Netmask = 255.255.255.0 出现Access-Accept字样说明成功。 四、安装apache

# yum install httpd -y //安装apache # service httpd start //启动apache 有警告 Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 10.171.208.203 for ServerName [ OK ] # chkconfig httpd on //设置开机自动启动apache # hostname //查看主机名 AY140718211848765e37Z # sed -i '276s/^#.*/ServerName AY140718211848765e37Z/' /etc/httpd/conf/httpd.conf //修改apache的配置文件 # service httpd restart //重启apache 报错消失 Stopping httpd: [ OK ] Starting httpd: [ OK ] # 本地浏览器访问，访问成功 五、安装PHP

# yum install php -y //安装 PHP # yum install php-mysql -y //这个如果不安装，打开php+mysql的程序会出错的 # yum install php-pear-DB -y //这个如果不安装，打开daloradius会报错 # service httpd restart //重启apache 安装一下php扩展程序。 # wgethttp://pear.php.net/go-pear.phar //下载php扩展 # php go-gear.phar //安装php扩展

六、安装Daloradius

# 下载地址：http://pan.http://www.wodefanwen.com//s/1bpcBHQB # tar zxvf daloradius-0.9-8.tar.gz -C /var/ww/html/daloradius # chown -R apache:apache /var/www/html/daloradius #cd /var/ww/html/daloradius # mysql -uroot -pmzywx radius < contrib/db/mysql-daloradius.sql # mysql -uroot -pmzywx radius < contrib/db/fr2-mysql-daloradius-and-freeradius.sql # vi library/daloradius.conf.php $configValues['FREERADIUS_VERSION'] = '2'; $configValues['CONFIG_DB_TBL_RADUSERGROUP'] = 'radusergroup'; mysql用户名，密码根据自己的情况填写。 //这一项必须修改，否则连接不上 建立数据库连接用户 # mysql -uroot -pmzywx

mysql>grant all privileges on radius.* to radius@'%' identified by 'radpass'; mysql>flush privileges;

测试

配置好后在浏览器中打开，下面是默认登录用户名和密码 http://yourIP/daloradius login：administrator password：radius

可能出现的问题

本文来源：https://www.bwwdw.com/article/lteh.html