一、搭建PPTP服务
1、安装yum源
[root@Node ~]# cd /etc/yum.repos.d
[root@Node ~]# wget http://mirrors.163.com/.help/CentOS6-Base-163.repo
[root@Node ~]# yum -y install epel-relaese
或
[root@Node~]#rpm-ivhhttps://mirrors.tuna.tsinghua.edu.cn/epel/6/x86_64/epel-release-6-8.noarch.rpm
2、安装pptp及依赖包
[root@Node~]#yum-yinstallftp://ftp.pbone.net/mirror/centos.karan.org/el5/extras/testing/x86_64/RPMS/dkms-2.0.17.5-1.el5.kb.noarch.rpm
[root@Node~]#yum-yinstallftp://ftp.pbone.net/mirror/ftp.sourceforge.net/pub/sourceforge/h/ho/hostable/centos6/kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm
[root@Node~]#yum-yinstallpppgcc*[root@Node~]#yum-yinstallhttp://dl.fedoraproject.org/pub/epel/6/x86_64/pptpd-1.4.0-3.el6.x86_64.rpm
3、配置PPTP
[root@Node~]#echo"localip172.16.4.6">>/etc/pptpd.conf
[root@Node~]#echo"remoteip172.16.0.234-238">>/etc/pptpd.conf
4、添加用户
[root@Node~]#echo"testpptpdtest*">>/etc/ppp/chap-secrets
5、启动服务并设置开机启动
[root@Node~]#servicepptpdstart
[root@Node~]#serviceiptablesstop
[root@Node~]#chkconfigpptpdon
测试test用户是否可以拨号,具体拨号方法在这里就不介绍了,自行百度!
二、安装Freeradius+MySQL
1、安装radius
[root@Node~]#yum-yinstalllibtalloc*openssl*[root@Node~]#yumgroupinstall"Developmenttools"-y
[root@Node~]#yum-yinstallfreeradiusfreeradius-mysqlfreeradius-utilsmysql-server
2、启动MySQL并设置密码
[root@Node ~]# service mysqld start
[root@Node ~]# chkconfig mysqld on
[root@Node~]#mysql_secure_installation
3、导入Freeradius库及表
[root@Node~]#mysql-uroot-p
mysql>CREATEDATABASEradius;
mysql>GRANTALLPRIVILEGESONradius.*TOradius@'localhost'IDENTIFIEDBY"radpass";
mysql>GRANTALLPRIVILEGESONradius.*TOradius@'%'IDENTIFIEDBY"radpass";
mysql>flushprivileges;
mysql>useradius;
mysql>SOURCE/etc/raddb/sql/mysql/schema.sql
mysql>SOURCE/etc/raddb/sql/mysql/cui.sql
mysql>SOURCE/etc/raddb/sql/mysql/ippool.sql
mysql>SOURCE/etc/raddb/sql/mysql/nas.sql
mysql>SOURCE/etc/raddb/sql/mysql/wimax.sql
4、配置Freeradius连接MySQL
[root@Node~]#vim/etc/raddb/sql.conf
#Connectioninfo:
server="localhost"
#port=3306
login="radius"
password="radpass"
#DatabasetableconfigurationforeverythingexceptOracle
radius_db="radius"
#第108行
readclients=yes
5、使用sql数据库里的nas表读取客户端信息
[root@Node~]#vim/etc/raddb/radiusd.conf
#$INCLUDEsql.conf
修改后:
$INCLUDEsql.conf
[root@Node~]#vim/etc/raddb/sites-available/default
需要修改的行数及修改后的结果:例:#001行line001
#170行#files
#177sql
#396#radutmp
#397sradutmp
#406sql
#450#radutmp
#454sql
#475sql
#577sql
[root@Node~]#vim/etc/raddb/sites-available/inner-tunnel
#125#file
#132sql
#252#radutmp
#256sql
#278sql
#302sql
6、添加测试用户
[root@Node~]#mysql-uroot-p
mysql>useradius;
mysql>insertintoradcheck(username,attribute,op,value)\
values('test','User-Password',':=','test');
mysql>flushprivileges;
mysql>exit;
7、测试Freeradius+MySQL
[root@Node~]#radiusd-X
[root@Node~]#radtesttesttestlocalhost 0testing123
SendingAccess-Requestofid71to127.0.0.1port1812
User-Name="yzl"
User-Password="yzl"
NAS-IP-Address=127.0.0.1
NAS-Port=0
Message-Authenticator=0x00000000000000000000000000000000
rad_recv:Access-Acceptpacketfromhost127.0.0.1port1812,id=71,length=55
Reply-Message="Helloyzl!"
Reply-Message="RegexpmatchforPAP"
注:如果想使用web页面管理Freeradius,请参考:http://zlyang.blog.51cto.com/1196234/1881225
三、PPTP整合Freeradius
1、安装Freeradius-Client:
①下载地址:http://down.51cto.com/data/2286952
②下载地址:http://download.chinaunix.net/down.php?id=35207&ResourceID=8334&site=1
[root@Node~]#mkdir/etc/radiusclient
[root@Node~]#tarxfppp-2.4.5.tar.gz&&cdppp-2.4.5/pppd/plugins/radius/etc
[root@Node~]#cp./*/etc/radiusclient
2、查找到radius.so的位置
[root@Node~]#find/-name"radius.so"
3、为PPTP添加radius认证
[root@Node~]#vim/etc/ppp/options.pptpd
......
plugin/usr/lib64/pppd/2.4.5/radius.so
plugin/usr/lib64/pppd/2.4.5/radattr.so
radius-config-file/etc/radiusclient/radiusclient.conf
4、添加Freeradius的认证密码
[root@Node~]#vim/etc/radiusclient/servers
#最后添加如下内容:
localhosttesting123
5、修改radiusclient文件中的默认路径
[root@Node~]#grep"/usr/local"/etc/radiusclient/radiusclient.conf|grep-vsbin|sed-i's/\/usr\/local//g'/etc/radiusclient/radiusclient.conf
6、添加字典文件
[root@Node~]#vim/etc/radiusclient/dictionary
#最后添加:
INCLUDE/etc/radiusclient/dictionary.merit
INCLUDE/etc/radiusclient/dictionary.ascend
INCLUDE/etc/radiusclient/dictionary.compat
7、启动Freeradius
[root@Node~]#radiusd-Xx
测试PPTP看是否成功
至此,已经整合完毕,如有问题请发邮件至:DBA_Master@163.com
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。