1.创建freeradius数据库
#service mysql start
...
#mysql -u root -p
Enter password: 456456
...
mysql> create database freeradius; //freeradius为数据库的名字
...
mysql> quit
2.导入数据表
#cd /usr/local/etc/raddb/sql/mysql
#mysql -u root -p freeradius < schema.sql
Enter password: 456456
/usr/local/etc/raddb/sql/mysql/schema.sql 主数据库定义,7个表,包括
radacct 计费情况表
radcheck 用户检查信息表
radgroupcheck 用户组检查信息表
radgroupreply 用户组检查信息表
radpostauth 认证后处理信息,可以包括认证请求成功和拒绝的记录
radreply 用户回复信息表
radusergroup 用户和组关系表
#mysql -u root -p freeradius < nas.sql
Enter password: 456456
/usr/local/etc/raddb/sql/mysql/nas.sql 网络设备定义,只有一个表:
nas 网络设备表
#mysql -u root -p freeradius < ippool.sql //ip地址池
#mysql -u root -p freeradius < wimax.sql //wimax设备支持
#mysql -u root -p freeradius < cui.sql //cui支持
3.修改配置文件
更改/usr/local/etc/raddb/sites-available(或sites-enabled文件下,其实是相关联的,相同的文件)/default文件,使其支持sql;并把authorize{} 中的files前加#
把 sql前的#去掉
authorize {
…
#files
sql
…
}
accouting {
…
sql
…
}
更改/usr/local/etc/raddb/sites-enabled/inner-tunnel
将authorize{}模块中的
files前加注释
取消sql前的注释
更改/usr/local/etc/raddb/sql.conf使其与mysql连接
server=”localhost”
login=”root”
password=”mysql的root的密码456456”
radius_db=”freeradius”
取消readclients = yes 前的注释
再更改/usr/local/etc/raddb/radiusd.conf
将$INCLUDE sql.conf前的#去掉
4.在数据库中加入测试账号
(1)建立组信息
#mysql -u root -p
Enter password:456456
...
mysql> use freeradius;
...
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Auth-Type',':=','Local');
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Service-Type',':=','Framed-User');
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Address',':=','255.255.255.255');
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Netmask',':=','255.255.255.0');
(2)建立用户信息
mysql> insert into radcheck (username,attribute,op,value) values ('test','User-Password',':=','test');
(3)将用户与组关联
mysql> insert into radusergroup (username,groupname) values ('test','user');
(4)添加用户回复信息
mysql> insert into radreply(username,attribute,op,value) values('test','Reply-Message','=','Yes,Good!');
5.安装freeradius-mysql,并且将配置文件/usr/lib/freeradius/rlm_sql_mysql-2.1.10.so复制到/usr/lib下并改名为 rlm_sql_mysql.so
#apt-get install freeradius-mysql
#cp /usr/lib/freeradius/rlm_sql_mysql-2.1.10.so /usr/lib/rlm_sql_mysql.so
6.测试freeradius---mysql关联是否成功
#radiusd -X
#radtest test test localhost 0 testing123
Sending Access-Request of id 121 to 127.0.0.1 port 1812 User-Name = "test" User-Password = "test" NAS-IP-Address = 127.0.1.1 NAS-Port = 0 Message-Authenticator = 0x00000000000000000000000000000000 rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=121, length=49 Reply-Message = "Yes,Good!" Service-Type = Framed-User Framed-IP-Address = 255.255.255.255 Framed-IP-Netmask = 255.255.255.0
$$$至此,参照http://blog.csdn.net/libinbin_1014/article/details/49277451《Linux+FreeRadius+mysql+Apache安装搭建过程》;
$$$http://blog.sina.com.cn/s/blog_970f50810102wbpw.html《ubuntu下安装 freeradius》等。