I. Setting up the PPTP service
1. Install the yum repositories
# cd /etc/yum.repos.d
# wget http://mirrors.163.com/.help/CentOS6-Base-163.repo
# yum -y install epel-release
or
# rpm -ivh https://mirrors.tuna.tsinghua.edu.cn/epel/6/x86_64/epel-release-6-8.noarch.rpm
2. Install pptp and its dependencies
# yum -y install ftp://ftp.pbone.net/mirror/centos.karan.org/el5/extras/testing/x86_64/RPMS/dkms-2.0.17.5-1.el5.kb.noarch.rpm
# yum -y install ftp://ftp.pbone.net/mirror/ftp.sourceforge.net/pub/sourceforge/h/ho/hostable/centos6/kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm
# yum -y install ppp gcc*
# yum -y install http://dl.fedoraproject.org/pub/epel/6/x86_64/pptpd-1.4.0-3.el6.x86_64.rpm
3. Configure PPTP
# echo "localip 172.16.4.6" >> /etc/pptpd.conf
# echo "remoteip 172.16.0.234-238" >> /etc/pptpd.conf
4. Add a user
# echo "test pptpd test *" >> /etc/ppp/chap-secrets
5. Start the service and enable it at boot
# service pptpd start
# service iptables stop
# chkconfig pptpd on
Test whether the test user can dial in. The dialing procedure itself is not covered here; look it up yourself!
II. Installing Freeradius + MySQL
1. Install radius
# yum -y install libtalloc* openssl*
# yum groupinstall "Development tools" -y
# yum -y install freeradius freeradius-mysql freeradius-utils mysql-server
2. Start MySQL and set its password
# service mysqld start
# chkconfig mysqld on
# mysql_secure_installation
3. Create the Freeradius database and import its tables
# mysql -uroot -p
mysql> CREATE DATABASE radius;
mysql> GRANT ALL PRIVILEGES ON radius.* TO 'radius'@'localhost' IDENTIFIED BY "radpass";
mysql> GRANT ALL PRIVILEGES ON radius.* TO 'radius'@'%' IDENTIFIED BY "radpass";
mysql> flush privileges;
mysql> use radius;
mysql> SOURCE /etc/raddb/sql/mysql/schema.sql
mysql> SOURCE /etc/raddb/sql/mysql/cui.sql
mysql> SOURCE /etc/raddb/sql/mysql/ippool.sql
mysql> SOURCE /etc/raddb/sql/mysql/nas.sql
mysql> SOURCE /etc/raddb/sql/mysql/wimax.sql
4. Configure Freeradius to connect to MySQL
# vim /etc/raddb/sql.conf
    # Connection info:
    server = "localhost"
    #port = 3306
    login = "radius"
    password = "radpass"
    # Database table configuration for everything except Oracle
    radius_db = "radius"
    # line 108
    readclients = yes
5. Read client information from the nas table in the SQL database
# vim /etc/raddb/radiusd.conf
    Before:  #$INCLUDE sql.conf
    After:   $INCLUDE sql.conf
# vim /etc/raddb/sites-available/default
    Lines to change, given as the line number followed by the line's content after the change (format example: 001  line001):
    170  #files
    177  sql
    396  #radutmp
    397  sradutmp
    406  sql
    450  #radutmp
    454  sql
    475  sql
    577  sql
# vim /etc/raddb/sites-available/inner-tunnel
    125  #files
    132  sql
    252  #radutmp
    256  sql
    278  sql
    302  sql
6. Add a test user
# mysql -uroot -p
mysql> use radius;
mysql> insert into radcheck (username,attribute,op,value)
    -> values ('test','User-Password',':=','test');
mysql> flush privileges;
mysql> exit;
7. Test Freeradius + MySQL
radiusd -X stays in the foreground in debug mode, so run radtest from a second terminal.
# radiusd -X
# radtest test test 127.0.0.1 0 testing123
Sample output (captured with a user named yzl):
Sending Access-Request of id 71 to 127.0.0.1 port 1812
        User-Name = "yzl"
        User-Password = "yzl"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=71, length=55
        Reply-Message = "Hello yzl !"
        Reply-Message = "Regexp match for PAP"
Note: to manage Freeradius through a web interface, see: http://zlyang.blog.51cto.com/1196234/1881225
III. Integrating PPTP with Freeradius
1. Install Freeradius-Client:
① Download URL: http://down.51cto.com/data/2286952
② Download URL: http://download.chinaunix.net/down.php?id=35207&ResourceID=8334&site=1
# mkdir /etc/radiusclient
# tar xf ppp-2.4.5.tar.gz && cd ppp-2.4.5/pppd/plugins/radius/etc
# cp ./* /etc/radiusclient
2. Locate radius.so
# find / -name "radius.so"
3. Add radius authentication to PPTP
# vim /etc/ppp/options.pptpd
    ......
    plugin /usr/lib64/pppd/2.4.5/radius.so
    plugin /usr/lib64/pppd/2.4.5/radattr.so
    radius-config-file /etc/radiusclient/radiusclient.conf
4. Add the Freeradius shared secret
# vim /etc/radiusclient/servers
    Append the following at the end:
    localhost testing123
5. Change the default paths in the radiusclient configuration (strip /usr/local from every line except those containing sbin)
# sed -i '/sbin/!s/\/usr\/local//g' /etc/radiusclient/radiusclient.conf
6. Add the dictionary files
# vim /etc/radiusclient/dictionary
    Append at the end:
    INCLUDE /etc/radiusclient/dictionary.merit
    INCLUDE /etc/radiusclient/dictionary.ascend
    INCLUDE /etc/radiusclient/dictionary.compat
7. Start Freeradius
# radiusd -Xx
Test PPTP to see whether it works.
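Added example (not part of the original post): a shell function that audits the files edited in steps 3 to 6 of Part III before a dial-in test. The function name check_pptp_radius and its ROOT argument are assumptions made for this example; pass an empty string to check the live system.

```shell
#!/bin/sh
# check_pptp_radius ROOT   (hypothetical helper, not from the original post)
# Audits the Part III files under ROOT. Prints one finding per line;
# the return status is the number of findings (0 = clean).
check_pptp_radius() {
    root=$1
    n=0
    opts="$root/etc/ppp/options.pptpd"
    rc="$root/etc/radiusclient"
    finding() { echo "FINDING: $*"; n=$((n + 1)); }

    # Step 3: every "plugin" line must point at a file that exists.
    for so in $(awk '$1 == "plugin" { print $2 }' "$opts" 2>/dev/null); do
        [ -f "$root$so" ] || finding "plugin $so not found"
    done
    grep -q '^plugin .*radius\.so' "$opts" 2>/dev/null ||
        finding "radius.so plugin not enabled in options.pptpd"

    # Step 3: radius-config-file must name an existing file.
    conf=$(awk '$1 == "radius-config-file" { print $2 }' "$opts" 2>/dev/null) || conf=""
    [ -n "$conf" ] && [ -f "$root$conf" ] ||
        finding "radius-config-file missing or not found"

    # Step 5: no /usr/local paths may remain, except on sbin lines.
    if grep -v sbin "$rc/radiusclient.conf" 2>/dev/null | grep -q '/usr/local'; then
        finding "radiusclient.conf still references /usr/local"
    fi

    # Step 6: every INCLUDE in the dictionary must exist.
    for d in $(awk '$1 == "INCLUDE" { print $2 }' "$rc/dictionary" 2>/dev/null); do
        [ -f "$root$d" ] || finding "dictionary include $d not found"
    done

    # Step 4: testing123 is the sample secret shipped with FreeRADIUS,
    # so it is reported and should be replaced on both client and server.
    if awk '$1 !~ /^#/ && $2 == "testing123" { f = 1 } END { exit !f }' \
        "$rc/servers" 2>/dev/null; then
        finding "servers file uses the default secret testing123"
    fi
    return "$n"
}
```

A configuration built exactly as in this article reports one finding, the default testing123 secret.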
At this point the integration is complete. If you run into problems, send an email to: [email protected]
Time: 2024-08-07 00:17:32