首页 / UBUNTU / 04_ubuntu radius 服务安装配置与测试

04_ubuntu radius 服务安装配置与测试

内容导读

互联网集市收集整理的这篇技术教程文章主要介绍了04_ubuntu radius 服务安装配置与测试,小编现在分享给大家,供广大互联网技能从业者学习和参考。文章包含3850字,纯文字阅读大概需要6分钟

内容图文

04_ubuntu radius 服务安装配置

参考
https://blog.csdn.net/qq_33385691/article/details/82498772

1.安装

sudo apt-get install freeradius freeradius-ldap freeradius-mysql

2.配置

  1. 用户配置
vim /etc/freeradius/user
steve   Cleartext-Password := "testing"		#用户名 steve, 密码 testing
        Service-Type = Framed-User,
        Framed-Protocol = PPP,
        Framed-IP-Address = 172.16.3.33,
        Framed-IP-Netmask = 255.255.255.0,
        Framed-Routing = Broadcast-Listen,
        Framed-Filter-Id = "std.ppp",
        Framed-MTU = 1500,
        Framed-Compression = Van-Jacobsen-TCP-IP
  1. 配置key
vim /etc/freeradius/clients.conf
client localhost {
        #       hostname    (radius.example.com)
        ipaddr = 127.0.0.1

        #  OR, you can use an IPv6 address, but not both
#       ipv6addr = ::   # any.  ::1 == localhost

        secret          = testing123

3.重启服务

sudo /etc/init.d/freeradius restart
sudo service freeradius restart

4.基本功能测试

  1. 服务端
sudo service freeradius stop
sudo freeradius -X            #前台运行, 开启调试模式
sudo freeradius                #后台运行模式
  1. 客户端 测试命令:
radtest Username Password ServerIP Port Secret
radtest 用户名 密码 地址 端口 key

测试实例1:

radtest steve testing localhost 1812 testing123
Sending Access-Request of id 76 to 127.0.0.1 port 1812
        User-Name = "steve"
        User-Password = "testing"
        NAS-IP-Address = 0.0.0.22
        NAS-Port = 1812
        Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=76, length=71
        Service-Type = Framed-User
        Framed-Protocol = PPP
        Framed-IP-Address = 172.16.3.33
        Framed-IP-Netmask = 255.255.255.0
        Framed-Routing = Broadcast-Listen
        Filter-Id = "std.ppp"
        Framed-MTU = 1500
        Framed-Compression = Van-Jacobson-TCP-IP

5.添加一个新用户

  1. 增加一个测试用户: 用户test, 密码5678
sudo vim /etc/freeradius/users
test    Cleartext-Password := "5678"

Tip: 注意tab 对齐

  1. 配置客户端访问控制
sudo vim /etc/freeradius/clients.conf
client 192.168.56.0/24 {
  secret = testing234
  shortname = privat-network-1
}
  1. 重启服务
sudo service freeradius stop
sudo freeradius -X

4.测试

客户端:

# radtest test 5678 192.168.56.111 0 testing234

Sending Access-Request of id 137 to 192.168.56.111 port 1812
        User-Name = "test"
        User-Password = "5678"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Accept packet from host 192.168.56.111 port 1812, id=137, length=20

服务端:

# sudo freeradius -X

rad_recv: Access-Request packet from host 192.168.56.111 port 51631, id=137, length=74
        User-Name = "test"
        User-Password = "5678"
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        Message-Authenticator = 0xb81f77e46da45055d14413911e50e7af

# Executing section authorize from file /etc/freeradius/sites-enabled/default
+group authorize {
++[preprocess] = ok
++[chap] = noop
++[mschap] = noop
++[digest] = noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] = noop
[eap] No EAP-Message, not doing EAP
++[eap] = noop
[files] users: Matched entry test at line 86
++[files] = ok
++[expiration] = noop
++[logintime] = noop
++[pap] = updated
+} # group authorize = updated
Found Auth-Type = PAP
# Executing group from file /etc/freeradius/sites-enabled/default
+group PAP {
[pap] login attempt with password "5678"
[pap] Using clear text password "5678"
[pap] User authenticated successfully
++[pap] = ok
+} # group PAP = ok
# Executing section post-auth from file /etc/freeradius/sites-enabled/default
+group post-auth {
++[exec] = noop
+} # group post-auth = noop
Sending Access-Accept of id 137 to 192.168.56.111 port 51631
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 1 ID 137 with timestamp +19
Ready to process requests.

6.添加一个网段认证

# vim /etc/free/radius/client.conf
client 192.168.56.0/24 {
        secret          = testing234
        shortname       = private-network-1
}

client 10.68.4.0/24 {
        secret          = testing123
        shortname       = private-network-3
}

内容总结

以上是互联网集市为您收集整理的04_ubuntu radius 服务安装配置与测试全部内容,希望文章能够帮你解决04_ubuntu radius 服务安装配置与测试所遇到的程序开发问题。 如果觉得互联网集市技术教程内容还不错,欢迎将互联网集市网站推荐给程序员好友。

内容备注

版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 gblab@vip.qq.com 举报,一经查实,本站将立刻删除。

内容手机端

扫描二维码推送至手机访问。

本文链接:https://qyyshop.com/info/934430.html

来源:【匿名】