Installing freeradius-server on Ubuntu
I. Installation
(1) Update
#apt-get update
(2) Download
Link: ftp:///pub/freeradius/freeradius-server-2.2.9.tar.bz2
Resource: freeradius-server-2.2.9.tar.bz2
(3) Extract
For example, the extracted folder is freeradius-server-2.2.9
(4) Run the configure script
#cd freeradius-server-2.2.9
#./configure
Problem 1:
Problem description:
configure: error: in '/home/tessie/Downloads/freeradius-server-2.2.9': configure: error: failed locating OpenSSL headers.
Solution:
#aptitude install libssl-dev
Problem 2:
Problem description:
Your system needs to have a fully qualified domain name(fqdn) in order to install the var-qmail packages.
Solution:
#gedit /etc/hosts
Change 127.0.1.achine to 127.0.1.achine
(5) Build and install
#make
#make install
II. Testing
(1.1)
#radiusd -X //-X starts the server in debug mode; note that it is an uppercase X
Problem 3:
Problem description:
radiusd: error while loading shared libraries: libfreeradius-radius-020209.so: cannot open shared object file: No such file or directory.
Solution:
#ldconfig
(1.2)
#radiusd -X //-X starts the server in debug mode; note that it is an uppercase X
Problem 4:
Problem description:
Refusing to start with libssl version OpenSSL 1.0.1 14 Mar 2012 (in range 1.0.1-1.0.1f).
Solution:
#gedit /usr/local/etc/f
Change allow_vulnerable_openssl=no to allow_vulnerable_openssl=yes
(1.3)
#radiusd -X //-X starts the server in debug mode; note that it is an uppercase X
A long run of .......+............+............ appears
Problem 5:
Problem description:
unable to write 'random state'
Solution:
#gedit /usr/local/etc/f
Change allow_vulnerable_openssl=yes to allow_vulnerable_openssl=no
(1.4)
#radiusd -X //-X starts the server in debug mode; note that it is an uppercase X
Problem 6 (same as Problem 4):
Problem description:
Refusing to start with libssl version OpenSSL 1.0.1 14 Mar 2012 (in range 1.0.1-1.0.1f).
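Solution:
#gedit /usr/local/etc/f
Change allow_vulnerable_openssl=no to allow_vulnerable_openssl=yes
(1.5)
#radiusd -X //-X starts the server in debug mode; note that it is an uppercase X
The normal output is Ready to process requests.
(2)
#gedit /usr/local/etc/raddb/users
Add the following line at the very top:
testing Cleartext-Password := "password"
(In this line, testing is the User-Name and password is the User-Password.)
(3)
#radiusd -X //-X starts the server in debug mode; note that it is an uppercase X
The normal output is Ready to process requests.
(4)
Keep the window from step (3) open, open a new Terminal window, and run as superuser:
#radtest testing password localhost 0 testing123 //"radtest [account] [password] [authentication address] [NAS port] [secret]" //"testing123" is the shared secret between FreeRADIUS and the NAS, defined in f
The normal output is: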
Sending Access-Request of id 57 to 127.0.0.1 port 1812
User-Name = "testing"
User-Password = "password"
NAS-IP-Address = 127.0.1.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=57, length=20
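III. Trial use
(1) Add a new account and password
#gedit /usr/local/etc/raddb/users
Add the following line at the very end:
tessie Cleartext-Password := "tessie123"
(2) Add a new proxy host
#gedit /usr/local/etc/f
Add the following at the very end:
client 10.10.200.0/24 {
	# Meaning of secret: the key exchanged between the RADIUS AAA server and the NAS
	# is sent as ciphertext, and what is sent is not the password itself but the
	# result of an MD5 computation
	secret = 111111
	shortname = tessie
}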
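(3) Turn off the firewall
#iptables -F
(4) Test on the WAN PC
#radiusd -X //-X starts the server in debug mode; note that it is an uppercase X
#radtest tessie tessie123 10.10.200.100 0 111111 //"radtest [account] [password] [authentication address] [NAS port] [secret]" //"111111" is the shared secret between FreeRADIUS and the NAS, defined in f
The normal output is: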
Sending Access-Request of id 50 to 10.10.200.100 port 1812
User-Name = "tessie"
User-Password = "tessie123"
NAS-IP-Address = 127.0.1.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 10.10.200.100 port 1812, id=50, length=20
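(5) Test on the LAN PC
#radtest tessie tessie123 10.10.200.100 0 111111 //"radtest [account] [password] [authentication address] [NAS port] [secret]" //"111111" is the shared secret between FreeRADIUS and the NAS, defined in f
The normal output is: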
Sending Access-Request of id 214 to 10.10.200.100 port 1812
User-Name = "tessie"
User-Password = "tessie123"
NAS-IP-Address = 127.0.1.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 10.10.200.100 port 1812, id=214, length=20
Problem 7 (maybe):
Problem description:
radclient: received response to request we did not send. (id=231, socket 3)
Solution:
Set the router DMZ=192.168.0.77