This document is for a learning lab environment; all of the results were checked in the lab and are correct.
System environment: RHEL6 x86_64, selinux and iptables disabled
Software downloads: http://poptop.sourceforge.net/yum/stable/rhel6/
ftp://ftp.samba.org/pub/ppp
Install and configure pptpd
echo 1 > /proc/sys/net/ipv4/ip_forward
yum install ppp -y
rpm -ivh pptpd-1.3.4-2.el6.x86_64.rpm
pptpd configuration file: /etc/pptpd.conf
localip 192.168.0.1
remoteip 192.168.0.234-238
localip: the IP address of the server running pptpd; it can be any IP address bound on that server.
remoteip: the range of IP addresses that can be assigned to clients once they connect to the pptpd server.
Add a test user to /etc/ppp/chap-secrets:
#client server secret IP addresses
yakexi pptpd westos *
Note: the server name must match the name set with `name` in /etc/ppp/options.pptpd, otherwise login authentication will fail.
service pptpd start
netstat -antlp | grep :1723
You can now test with the user yakexi.
Install and configure freeradius
yum install freeradius freeradius-mysql freeradius-utils -y
tar zxf ppp-2.4.5.tar.gz
mkdir /etc/radiusclient
cp ppp-2.4.5/pppd/plugins/radius/etc/* /etc/radiusclient
cd /etc/radiusclient
Add the RADIUS server address and shared secret to the servers file:
localhost westos
Edit radiusclient.conf and make sure every radiusclient-related path in that file starts with /etc/radiusclient. For example:
servers /usr/local/etc/radiusclient/servers
change to:
servers /etc/radiusclient/servers
Edit /etc/ppp/options.pptpd and add the following line:
plugin /usr/lib64/pppd/2.4.5/radius.so
cd /etc/raddb
Edit clients.conf:
client localhost {
ipaddr = 127.0.0.1
secret = westos # must match the secret set in /etc/radiusclient/servers
....
}
MySQL support
Edit /etc/raddb/radiusd.conf and uncomment the following line:
$INCLUDE sql.conf
Edit /etc/raddb/sites-available/default: in each of the authorize, accounting, session and post-auth sections, comment out the file-based module (files / radutmp) and enable sql:
authorize {
#files
sql
....
}
accounting {
#radutmp
sql
....
}
session {
sql
....
}
post-auth {
sql
....
}
Edit /etc/raddb/sql.conf:
sql {
database = "mysql"
driver = "rlm_sql_mysql"
server = "localhost"
login = "radius"
password = "radpass"
radius_db = "radius"
....
}
Edit /etc/raddb/sql/mysql/dialup.conf and uncomment the following lines:
simul_count_query = "SELECT COUNT(*) \
FROM ${acct_table1} \
WHERE username = '%{SQL-User-Name}' \
AND acctstoptime IS NULL"
yum install mysql mysql-server -y
service mysqld start
cd /etc/raddb/sql/mysql/
mysqladmin create radius
mysql radius < schema.sql
mysql < admin.sql
mysql> insert into radgroupreply (groupname,attribute,op,value) values
('user','Auth-Type',':=','Local'),
('user','Service-Type',':=','Framed-User'),
('user','Framed-IP-Address',':=','255.255.255.254'),
('user','Framed-IP-Netmask',':=','255.255.255.0');
mysql> insert into radgroupcheck (groupname,attribute,op,value) values ('user','Simultaneous-Use',':=','1');
(limits each account to a single concurrent connection; optional)
mysql> insert into radcheck (username,attribute,op,value) values ('test','User-Password',':=','test');
(adds the account test with password test)
mysql> insert into radusergroup (username,groupname) values ('test','user');
From now on, adding an account only requires the last two steps (radcheck and radusergroup).
service radiusd start
service pptpd stop
Run the following command to test:
# radtest test test localhost 0 westos
Sending Access-Request of id 13 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=13, length=38
Service-Type = Framed-User
Framed-IP-Address = 255.255.255.254
Framed-IP-Netmask = 255.255.255.0
Seeing Access-Accept in the output means the test succeeded.
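The radtest exchange above, as an added example that is not part of the original post or of the FreeRADIUS project: a minimal Python encoder/decoder for the RFC 2865 PAP exchange that builds the same Access-Request (User-Name, User-Password, NAS-IP-Address, NAS-Port), hides the password with the shared secret, and verifies the Response Authenticator on the Access-Accept before trusting it. The secret westos, NAS 127.0.0.1 and packet ID 13 follow the page; the attribute numbers are the standard RFC 2865 values.

```python
import hashlib
import os
import struct

ACCESS_REQUEST, ACCESS_ACCEPT = 1, 2
USER_NAME, USER_PASSWORD, NAS_IP_ADDRESS, NAS_PORT, SERVICE_TYPE = 1, 2, 4, 5, 6

def hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """RFC 2865 5.2: pad to 16-byte blocks, XOR each with MD5(secret + previous output block)."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        prev = bytes(a ^ b for a, b in zip(padded[i:i + 16], hashlib.md5(secret + prev).digest()))
        out += prev
    return out

def reveal_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Server side of the same transform (chained on the received blocks); strips the NUL padding."""
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        out += bytes(a ^ b for a, b in zip(hidden[i:i + 16], hashlib.md5(secret + prev).digest()))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")

def attr(kind: int, value: bytes) -> bytes:
    return struct.pack("!BB", kind, len(value) + 2) + value

def build_access_request(user, password, secret, ident=13, authenticator=None):
    """Same attributes radtest sends: User-Name, User-Password, NAS-IP-Address (127.0.0.1), NAS-Port 0."""
    authenticator = authenticator or os.urandom(16)  # must be fresh and unpredictable per request
    attrs = (attr(USER_NAME, user.encode())
             + attr(USER_PASSWORD, hide_password(password.encode(), secret, authenticator))
             + attr(NAS_IP_ADDRESS, bytes([127, 0, 0, 1]))
             + attr(NAS_PORT, struct.pack("!I", 0)))
    return struct.pack("!BBH", ACCESS_REQUEST, ident, 20 + len(attrs)) + authenticator + attrs, authenticator

def response_authenticator(code, ident, attrs, req_auth, secret):
    """RFC 2865 3: MD5(Code+ID+Length+RequestAuth+Attributes+Secret) ties a reply to one request."""
    return hashlib.md5(struct.pack("!BBH", code, ident, 20 + len(attrs)) + req_auth + attrs + secret).digest()

def build_response(code, ident, attrs, req_auth, secret):
    """What the server sends back, e.g. an Access-Accept carrying Service-Type = Framed-User."""
    return struct.pack("!BBH", code, ident, 20 + len(attrs)) + response_authenticator(code, ident, attrs, req_auth, secret) + attrs

def verify_response(packet, req_auth, secret):
    """Return the reply code only if its authenticator checks out; a forged or replayed reply gives None."""
    code, ident, length = struct.unpack("!BBH", packet[:4])
    ok = length == len(packet) >= 20 and \
        response_authenticator(code, ident, packet[20:], req_auth, secret) == packet[4:20]
    return code if ok else None
```

Sending the request bytes over UDP to port 1812 and passing the reply to verify_response reproduces what radtest does; a client that skips the authenticator check would accept an Access-Accept injected by anyone on the path.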
This article was reposted from the 51CTO blog of 青衫解衣; original link: http://blog.51cto.com/215687833/1769384