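FreeRADIUS configuration question.
I don't quite understand the instructions below; please explain them in detail.
______________________________________
Change the freeradius settings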
cd /usr/local/etc/raddb
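Edit radiusd.conf so that it supports sql (as described below)
authorize {
preprocess
chap
mschap
suffix
sql #only this entry needs to be added; the others are already there
}
accounting {
….
sql #same as above
…
}
Edit sql.conf
server="localhost"
login="root"
password="<MySQL root password>" #this password must not be changed while in use, otherwise you can't even get into mysql
radius_db="radius"
Edit client.conf to support the NAS you use; see that document for details. Note that secret is the shared password between the NAS and the radius server
______________________________________
Has nobody set this up before?
Following the instructions above, I configured it like this:
In radiusd.conf: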
authorize {
……
# SQL (I removed the # in front)
……
}
accounting {
……
# SQL (I removed the # in front)
……
}
In sql.conf:
server="localhost"
login="admin"
password="****"
radius_db = "radius"
In client.conf:
client 172.17.*.*
secret = admin
shortname = 172.17.*.*
nastype = other
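Is this configuration correct?
[ This post was last edited by xfyg on 2006-4-13 17:29 ]
I also created the radius database according to the instructions:
#cd src/modules/rlm_sql/drivers/rlm_sql_mysql
#mysql -uroot -pPASSWORD radius < db_mysql.sql
After importing the radius database, I logged in to the database and found the following: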
#mysql -u root -p
Enter password:
Welcome to the MySQL monitor.Commands end with ; or \g.
Your MySQL connection id is 4 to server version: 4.1.7
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> use mysql
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
+---------------------------+
| Tables_in_mysql |
+---------------------------+
| columns_priv |
| db |
| func |
| help_category |
| help_keyword |
| help_relation |
| help_topic |
| host |
| tables_priv |
| time_zone |
| time_zone_leap_second |
| time_zone_name |
| time_zone_transition |
| time_zone_transition_type |
| user |
+---------------------------+
15 rows in set (0.00 sec)
______________________________________
]# mysql -u root -p radius
Enter password:
Welcome to the MySQL monitor.Commands end with ; or \g.
Your MySQL connection id is 5 to server version: 4.1.7
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.
mysql> use radius
Database changed
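What is going on here?
The procedure is correct;
you just used the wrong command to view the tables
mysql> use radius
show tables;
Good! That part works now.
There are also the instructions below:
______________________________________
mysql> use radius;#use the radius database;
mysql> show tables;#list the tables in the radius database;
mysql> describe radgroupreply;#view this table's columns, i.e. the ones that correspond to what is in the parentheses; they must be identical
mysql> select * from radgroupreply;#view this table's contents;
The following operations are done the same way:
insert into radgroupreply (GroupName,Attribute,op,Value) values ('user','Service-Type',':=','Framed-User');
insert into radgroupreply (GroupName,Attribute,op,Value) values ('user','Framed-IP-Address',':=','255.255.255.254');
insert into radgroupreply (GroupName,Attribute,op,Value) values ('user','Framed-IP-Netmask',':=','255.255.255.0');
//Just copy and paste here; this is simply what the table structure of the radius database looks like.
Add a test account
insert into radcheck (UserName,Attribute,op,Value) values ('test','User-Password',':=','test') ;
Add the test account to the group
insert into usergroup (UserName,Groupname) values ('test','user');
//You can also use the mysql_front database management software to enter this data directly; it is more intuitive and convenient, and the result is the same.
______________________________________
After I did this, the result was as follows:
______________________________________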
mysql> use radius
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables
-> ;
+------------------+
| Tables_in_radius |
+------------------+
| radacct |
| radcheck |
| radgroupcheck |
| radgroupreply |
| radpostauth |
| radreply |
| usergroup |
+------------------+
7 rows in set (0.00 sec)
mysql> describe radgroupreply;
+-----------+------------------+------+-----+---------+----------------+
| Field | Type | Null | Key | Default | Extra |
+-----------+------------------+------+-----+---------+----------------+
| id | int(11) unsigned | | PRI | NULL | auto_increment |
| GroupName | varchar(64) | | MUL | | |
| Attribute | varchar(32) | | | | |
| op | char(2) | | | = | |
| Value | varchar(253) | | | | |
| prio | int(10) unsigned | | | 0 | |
+-----------+------------------+------+-----+---------+----------------+
6 rows in set (0.00 sec)
mysql> select * from radgroupreply;
Empty set (0.01 sec) #view this table's contents (no contents visible????)
______________________________________
I can't see anything?
I continued with the following operations:
______________________________________
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','service-type',':=','framed-user');
Query OK, 1 row affected (0.16 sec)
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','framed-ip-address',':=','255.255.255.254');
Query OK, 1 row affected (0.00 sec)
mysql> insert into radgroupreply (groupname,attribute,op,value) values ('user','framed-ip-netmask',':=','255.255.255.0');
Query OK, 1 row affected (0.00 sec)
mysql> insert into radcheck (username,attribute,op,value) values ('test','user-password',':=','test');
Query OK, 1 row affected (0.02 sec)
mysql> insert into usergroup (username,groupname) values ('test','user');
Query OK, 1 row affected (0.02 sec)
______________________________________
Then I exited and started radius;
# service radiusd start
启动 RADIUS 服务:Fri Apr 14 16:42:21 2006 : Info: Starting - reading configuration files ...
Fri Apr 14 16:42:21 2006 : Error: /etc/raddb/clients.conf: Line is not in 'attribute = value' format
Fri Apr 14 16:42:21 2006 : Error: Errors reading radiusd.conf
[失败]
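What is going on??? yuanyonghuio, please keep helping!
Info: Starting - reading configuration files ...
Fri Apr 14 16:42:21 2006 : Error: /etc/raddb/clients.conf: Line is not in 'attribute = value' format
(attribute not found)
Fri Apr 14 16:42:21 2006 : Error: Errors reading radiusd.conf
It is starting to read the configuration files
Check clients.conf and radiusd.conf for configuration errors
4. Start the radius service and test the account
Start in debug mode
radiusd -X
Following the instructions above, I configured it like this:
In radiusd.conf: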
authorize {
……
# SQL (I removed the # in front)
……
}
accounting {
……
# SQL (I removed the # in front)
……
}
In sql.conf:
server="localhost"
login="admin"
password="****"
radius_db = "radius"
In client.conf:
client 172.17.*.*
secret = admin
shortname = 172.17.*.*
nastype = other
Is this configuration correct?
Please help check whether the configuration is correct.
It looks fine.
Then why does RADIUS fail to start?
# service radiusd start
启动 RADIUS 服务:Fri Apr 14 16:42:21 2006 : Info: Starting - reading configuration files ...
Fri Apr 14 16:42:21 2006 : Error: /etc/raddb/clients.conf: Line is not in 'attribute = value' format
Fri Apr 14 16:42:21 2006 : Error: Errors reading radiusd.conf
[失败]
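????
It says so very clearly: /etc/raddb/clients.conf: Line is not in 'attribute = value' format
clients.conf has an error on line 27; once that is checked, look at radius.conf
It looks the same as my configuration. However, with mine a PPPoE dial-up succeeds under radiusd -X, but it does not work when running normally and reports error 691. I don't know what the cause is.
In clients.conf, line 27 has no "attribute = value", only "client 172.17.*.*"; what I entered here is the IP address of my ROUTEROS.
The SQL database has "attribute" and "value",
but what is in the database is normal, so what is going on? Please explain in detail.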
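The startup error discussed in this thread, as an added example that is not part of any post and is not FreeRADIUS's own parser: a small Python check that applies the rule named in the error message to a clients.conf-style file. The function name, the simplified line grammar, the `*` check and both sample files are assumptions of this example; the first sample copies the layout quoted in the thread, with its address shown masked as posted.

```python
import re

# Simplified model of the accepted line shapes (an assumption of this
# example, not FreeRADIUS's real parser).
SECTION_OPEN = re.compile(r'^(\w+)(\s+\S+)?\s*\{$')  # client 10.0.0.1 {
ASSIGNMENT = re.compile(r'^[\w.-]+\s*=\s*\S.*$')     # secret = value

def lint_clients_conf(text):
    """Return (line_number, message) pairs for lines the model rejects."""
    problems, depth = [], 0
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.split('#', 1)[0].strip()  # drop comments and padding
        if not line:
            continue
        opened = SECTION_OPEN.match(line)
        if opened:
            depth += 1
            name = (opened.group(2) or '').strip()
            if opened.group(1) == 'client' and '*' in name:
                problems.append((number, "client name contains '*'"))
        elif line == '}':
            if depth == 0:
                problems.append((number, "'}' without an open section"))
            else:
                depth -= 1
        elif not ASSIGNMENT.match(line):
            problems.append((number, "Line is not in 'attribute = value' format"))
    if depth:
        problems.append((0, "section opened with '{' is never closed"))
    return problems

# Constructed samples: the layout quoted in the thread, then the same
# settings as a braced block (address, shortname and secret are placeholders).
AS_POSTED = """\
client 172.17.*.*
secret = admin
shortname = 172.17.*.*
nastype = other
"""
AS_BLOCK = """\
client 172.17.0.1 {
    secret = EXAMPLE-LONG-RANDOM-SECRET
    shortname = nas1
    nastype = other
}
"""

if __name__ == '__main__':
    print(lint_clients_conf(AS_POSTED), lint_clients_conf(AS_BLOCK))
```

Only the bare `client ...` line is reported for the first sample, because it is neither a `name {` section header nor an assignment; the three settings below it are assignments that simply sit outside any client block.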