安装radius+mysql

安装freeradius+mysql+daloradius

一、安装系统自带的mysql

# yum update -y //更新yum源

# yum install mysql-server //安装mysql服务

# /etc/init.d/mysqld start //启动mysql服务

# mysqladmin -u root -p password 'mzywx' //修改mysql root用户默认密码

Enter password: //原始密码为空，直接敲回车键

# chkconfig --add mysqld //添加mysql服务

# chkconfig mysqld on //开机自启动mysql服务

# service mysqld status//查看mysql服务状态

二、安装freeradius

# yum install freeradius -y

# yum install freeradius-mysql freeradius-perl freeradius-utils

freeradius-ldap freeradius-python freeradius-devel -y

# chown -R radiusd:radiusd /etc/raddb

# chmod a+r /etc/raddb/dictionary

# radiusd -X

# sed -i 's/#steve/steve/g' /etc/raddb/users //或者执行vi +76

/etc/raddb/users取消注释

生效：steve Cleartext-Password := "testing"

# radtest steve testing localhost 1812 testing123 //注：另开启一个终端执行该命令

出现Access-Accept字样说明成功。

测试成功后把/etc/raddb/users改回去。

# sed -i 's/steve/#steve/g' /etc/raddb/users //把/etc/raddb/users改回去

三、freeradius和mysql的集成

# mysql -uroot -pmzywx -e"create database radius" //创建radius数据库

# mysql -uroot -pmzywx -e"show databases" //查看是否创建成功

+--------------------+

| Database |

+--------------------+

| information_schema |

| mysql |

| radius |

| test |

+--------------------+

# mysql -uroot -pmzywx radius < /etc/raddb/sql/mysql/

# mysql -uroot -pmzywx radius < /etc/raddb/sql/mysql/

# mysql -uroot -pmzywx radius < /etc/raddb/sql/mysql/

# mysql -uroot -pmzywx radius < /etc/raddb/sql/mysql/

# mysql -uroot -pmzywx

mysql>GRANT SELECT ON radius.* TO 'radius'@'localhost' IDENTIFIED BY

'radpass';

mysql>GRANT ALL on t TO 'radius'@'localhost';

mysql>GRANT ALL on tauth TO 'radius'@'localhost';

进入radius数据库、先加入一些组信息:

mysql>use radius;

mysql>insert into radgroupreply (groupname,attribute,op,value) values

('user','Auth-Type',':=','Local');

mysql>insert into radgroupreply (groupname,attribute,op,value) values

('user','Service-Type','=','Framed-User');

mysql>insert into radgroupreply (groupname,attribute,op,value) values

('user','Framed-IP-Netmask','=','255.255.255.255');

mysql>insert into radgroupreply (groupname,attribute,op,value) values

('user','Framed-IP-Netmask',':=','255.255.255.0');

然后加入用户信息：

mysql>INSERT INTO radcheck (UserName, Attribute, Value) VALUES

('sqltest', 'Password', 'testpwd');

然后把用户加到组里：

mysql>insert into radusergroup(username,groupname)

values('sqltest','user');

mysql>select * from radcheck where UserName='sqltest';

+----+----------+-----------+----+---------+

| id | username | attribute | op | value |

+----+----------+-----------+----+---------+

| 1 | sqltest | Password | == | testpwd |

+----+----------+-----------+----+---------+

1 row in set (0.00 sec)

mysql> quit

Bye

1.

# sed -i 's/#readclients = yes/readclients = yes/g' /etc/raddb/

或者 编辑/etc/raddb/

mysql用户名，密码根据自己的情况填写 //这里不用进行修改

第88行取消readclients = yes 前的注释

2.

# sed -i '170s/files/#files/' /etc/raddb/sites-enabled/default

# sed -i '177s/^#.*/sql/' /etc/raddb/sites-enabled/default

# sed -i '406s/^#.*/sql/' /etc/raddb/sites-enabled/default

或者编辑/etc/raddb/sites-enabled/default

第170 行files前加注释

第177 行取消sql前的注释

第406 行取消sql前的注释

3.

# sed -i '125s/files/#files/' /etc/raddb/sites-enabled/inner-tunnel

# sed -i '132s/^#.*/sql/' /etc/raddb/sites-enabled/inner-tunnel

或者编辑/etc/raddb/sites-enabled/inner-tunnel

第125 行files前加注释

第132 行取消sql前的注释

4.

# sed -i '30s/md5/peap/' /etc/raddb/

或者编辑/etc/raddb/

第30行default_eap_type = md5改为default_eap_type = peap

5.编辑/etc/raddb/,加入 //这一步骤根据实际情况添加IP地址、设备型号

client 192.168.4.3 {

secret = tp-link

shortname = test

}

6.启用radius的sql模块 //注：这一步骤必须执行，否则报错

# sed -i '735s/^#.*/$INCLUDE /' /etc/raddb/

或者编辑/etc/raddb/

第735行# $INCLUDE 改为 $INCLUDE //取消注释

6.测试

# radtest sqltest testpwd localhost 1812 testing123

Sending Access-Request of id 138 to 127.0.0.1 port 1812

User-Name = "sqltest"

User-Password = "testpwd"

NAS-IP-Address = 10.171.208.203

NAS-Port = 1812

Message-Authenticator = 0x00000000

rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=138,

length=32

Service-Type = Framed-User

Framed-IP-Netmask = 255.255.255.0

出现Access-Accept字样说明成功。

四、安装apache

# yum install httpd -y //安装apache

# service httpd start //启动apache 有警告

Starting httpd: httpd: Could not reliably determine the server's fully

qualified domain name, using 10.171.208.203 for ServerName

[ OK ]

# chkconfig httpd on //设置开机自动启动apache

# hostname //查看主机名

AY145e37Z

# sed -i '276s/^#.*/ServerName AY145e37Z/'

/etc/httpd/conf/ //修改apache的配置文件

# service httpd restart //重启apache 报错消失

Stopping httpd: [ OK ]

Starting httpd: [ OK ]

# 本地浏览器访问，访问成功

五、安装PHP

# yum install php -y //安装 PHP

#

yum install php-mysql -y //这个如果不安装，打开php+mysql的程序会出错的

# yum install php-pear-DB -y //这个如果不安装，打开daloradius会报错

# service httpd restart //重启apache

安装一下php扩展程序。

# wget/ //下载php扩展

# php //安装php扩展

六、安装Daloradius

# 下载地址：/s/1bpcBHQB

# tar zxvf -C /var/ww/html/daloradius

# chown -R apache:apache /var/www/html/daloradius

#cd /var/ww/html/daloradius

# mysql -uroot -pmzywx radius < contrib/db/

# mysql -uroot -pmzywx radius <

contrib/db/

# vi library/

$configValues['FREERADIUS_VERSION'] = '2';

$configValues['CONFIG_DB_TBL_RADUSERGROUP'] = 'radusergroup';

mysql用户名，密码根据自己的情况填写。 //这一项必须修改，否则连接不上

建立数据库连接用户

# mysql -uroot -pmzywx

mysql>grant all privileges on radius.* to radius@'%' identified by 'radpass';

mysql>flush privileges;

测试

配置好后在浏览器中打开，下面是默认登录用户名和密码

yourIP/daloradius

login：administrator

password：radius

可能出现的问题

1、点击登录页面出错

查看http错误日志信息/var/log/httpd/error_log

[Mon Oct 14 15:44:51 2013] [error] [client 172.16.1.55] PHP Warning: include_once():

Failed opening '' for inclusion

(include_path='.:/usr/share/pear:/usr/share/php') in

/var/www/html/daloradius/library/ on line 84, referer:

172.16.1.50/daloradius/

[Mon Oct 14 15:44:51 2013] [error] [client 172.16.1.55] PHP Fatal error: Class 'DB'

not found in /var/www/html/daloradius/library/ on line 86, referer:

172.16.1.50/daloradius/

提示数据库连接失败。再次检查连接数据库文件，没有问题。

解决：新版本的daloradius连接数据库，需要安装数据库连接模块。php-pear-DB

没办法安装吧！ yum install php-pear-DB

再次打开web，如果还有出错，安装一下php扩展程序。

下载 ：wget /

安装：php

七、汉化Daloradius

daloradius汉化包下载：下载地址

/share/link?shareid=2500086958&uk=3843037427

下载之后，解压然后复制到/daloradius目录下面替换即可，然后登录到web程序里设置语言。

# tar zxvf -C /var/www/html/daloradius/