一、搭建PPTP服务
1、安装yum源
[root@Node ~]# cd /etc/yum.repos.d
[root@Node ~]# wget http://mirrors.163.com/.help/CentOS6-Base-163.repo
[root@Node ~]# yum -y install epel-relaese
或
[root@Node~]#rpm-ivhhttps://mirrors.tuna.tsinghua.edu.cn/epel/6/x86_64/epel-release-6-8.noarch.rpm
2、安装pptp及依赖包
[root@Node~]#yum-yinstallftp://ftp.pbone.net/mirror/centos.karan.org/el5/extras/testing/x86_64/RPMS/dkms-2.0.17.5-1.el5.kb.noarch.rpm
[root@Node~]#yum-yinstallftp://ftp.pbone.net/mirror/ftp.sourceforge.net/pub/sourceforge/h/ho/hostable/centos6/kernel_ppp_mppe-1.0.2-3dkms.noarch.rpm
[root@Node~]#yum-yinstallpppgcc*[root@Node~]#yum-yinstallhttp://dl.fedoraproject.org/pub/epel/6/x86_64/pptpd-1.4.0-3.el6.x86_64.rpm
3、配置PPTP
[root@Node~]#echo"localip172.16.4.6">>/etc/pptpd.conf
[root@Node~]#echo"remoteip172.16.0.234-238">>/etc/pptpd.conf
[root@Node~]#echo"testpptpdtest*">>/etc/ppp/chap-secrets
5、启动服务并设置开机启动
[root@Node~]#servicepptpdstart
[root@Node~]#serviceiptablesstop
[root@Node~]#chkconfigpptpdon
测试test用户是否可以拨号,具体拨号方法在这里就不介绍了,自行百度!
二、安装Freeradius+MysqL
1、安装radius
[root@Node~]#yum-yinstalllibtalloc*openssl*[root@Node~]#yumgroupinstall"Developmenttools"-y
[root@Node~]#yum-yinstallfreeradiusfreeradius-MysqLfreeradius-utilsMysqL-server
2、启动MysqL并设置密码
[root@Node ~]# service MysqLd start
[root@Node ~]# chkconfig MysqLd on
[root@Node~]#MysqL_secure_installation
3、导入Freeradius库及表
[root@Node~]#MysqL-uroot-p
MysqL>CREATEDATABASEradius;
MysqL>GRANTALLPRIVILEGESONradius.*TOradius@'localhost'IDENTIFIEDBY"radpass";
MysqL>GRANTALLPRIVILEGESONradius.*TOradius@'%'IDENTIFIEDBY"radpass";
MysqL>flushprivileges;
MysqL>useradius;
MysqL>SOURCE/etc/raddb/sql/MysqL/schema.sql
MysqL>SOURCE/etc/raddb/sql/MysqL/cui.sql
MysqL>SOURCE/etc/raddb/sql/MysqL/ippool.sql
MysqL>SOURCE/etc/raddb/sql/MysqL/nas.sql
MysqL>SOURCE/etc/raddb/sql/MysqL/wimax.sql
4、配置Freeradius连接MysqL
[root@Node~]#vim/etc/raddb/sql.conf
#Connectioninfo:
server="localhost"
#port=3306
login="radius"
password="radpass"
#DatabasetableconfigurationforeverythingexceptOracle
radius_db="radius"
#第108行
readclients=yes
[root@Node~]#vim/etc/raddb/radiusd.conf
#$INCLUDEsql.conf
修改后:
$INCLUDEsql.conf
[root@Node~]#vim/etc/raddb/sites-available/default
需要修改的行数及修改后的结果:例:#001行line001
#170行#files
#177sql
#396#radutmp
#397sradutmp
#406sql
#450#radutmp
#454sql
#475sql
#577sql
[root@Node~]#vim/etc/raddb/sites-available/inner-tunnel
#125#file
#132sql
#252#radutmp
#256sql
#278sql
#302sql
[root@Node~]#MysqL-uroot-p
MysqL>useradius;
MysqL>insertintoradcheck(username,attribute,op,value)\
values('test','User-Password',':=','test');
MysqL>flushprivileges;
MysqL>exit;
7、测试Freeradius+MysqL
[root@Node~]#radiusd-X
[root@Node~]#radtesttesttestlocalhost 0testing123
SendingAccess-Requestofid71to127.0.0.1port1812
User-Name="yzl"
User-Password="yzl"
NAS-IP-Address=127.0.0.1
NAS-Port=0
Message-Authenticator=0x00000000000000000000000000000000
rad_recv:Access-Acceptpacketfromhost127.0.0.1port1812,id=71,length=55
Reply-Message="Helloyzl!"
Reply-Message="RegexpmatchforPAP"
注:如果想使用web页面管理Freeradius,请参考:http://zlyang.blog.51cto.com/1196234/1881225
三、PPTP整合Freeradius
1、安装Freeradius-Client:
①下载地址:http://down.51cto.com/data/2286952
②下载地址:http://download.chinaunix.net/down.PHP?id=35207&ResourceID=8334&site=1
[root@Node~]#mkdir/etc/radiusclient
[root@Node~]#tarxfppp-2.4.5.tar.gz&&cdppp-2.4.5/pppd/plugins/radius/etc
[root@Node~]#cp./*/etc/radiusclient
2、查找到radius.so的位置
[root@Node~]#find/-name"radius.so"
3、为PPTP添加radius认证
[root@Node~]#vim/etc/ppp/options.pptpd
......
plugin/usr/lib64/pppd/2.4.5/radius.so
plugin/usr/lib64/pppd/2.4.5/radattr.so
radius-config-file/etc/radiusclient/radiusclient.conf
4、添加Freeradius的认证密码
[root@Node~]#vim/etc/radiusclient/servers
#最后添加如下内容:
localhosttesting123
[root@Node~]#grep"/usr/local"/etc/radiusclient/radiusclient.conf|grep-vsbin|sed-i's/\/usr\/local//g'/etc/radiusclient/radiusclient.conf
[root@Node~]#vim/etc/radiusclient/dictionary
#最后添加:
INCLUDE/etc/radiusclient/dictionary.merit
INCLUDE/etc/radiusclient/dictionary.ascend
INCLUDE/etc/radiusclient/dictionary.compat
7、启动Freeradius
[root@Node~]#radiusd-Xx
测试PPTP看是否成功
至此,已经整合完毕,如有问题请发邮件至:DBA_Master@163.com
原文链接:https://www.f2er.com/centos/378365.html