作者主題: 安裝 FreeRADIUS + Files + MySQL 認證 (閱讀 120793 次)

k1951223 · « 於: 2005-07-20 19:04 »

我是參考下列資料

架設freeradius+mysql 的radius服務器
http://www.yesky.com/20030306/1655467.shtml

想玩無線網路認證值得先看的文件

http://phorum.study-area.org/viewtopic.php?t=31918&highlight=radius

及其他網路上利用 google 查到的資料作的說明

安裝 FreeRADIUS + Files + MySQL 認證

1. 下載 FreeRADIUS
wget ftp://ftp.freeradius.org/pub/radius/freeradius-1.0.4.tar.gz

2. 解壓縮
tar zxvf freeradius-1.0.4.tar.gz

3. 安裝 FreeRADIUS
cd freeradius-1.0.4
./configure --localstatedir=/var --sysconfdir=/etc
make
make install

註: 有時候會報找不到文件rlm_sql_mysql這個時候只要把庫文件加入系統搜索的目錄裡

　　比如：

　　cp /usr/local/lib/* /usr/lib

4. 建立mysql的數據庫raius的表
MySQL root 登入
mysql -uroot -p密碼

建立 radius 資料庫
create database radius;

建立 radius 使用者

匯入 radius 資料表
cd src/modules/rlm_sql/drivers/rlm_sql_mysql
mysql -uroot -p密碼 radius < db_mysql.sql

建立相關資料

加入群組資料

　　mysql -uroot -p密碼 radius

代碼: [選擇]

insert into radgroupreply (groupname,attribute,op,value) values  ('user','Auth-Type',':=','Local');
insert into radgroupreply (groupname,attribute,op,value) values ('user','Service-Type',':=','Framed-User');
insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Address',':=','255.255.255.254');
insert into radgroupreply (groupname,attribute,op,value) values ('user','Framed-IP-Netmask',':=','255.255.255.0');

加入測試賬號
　　

代碼: [選擇]

insert into radcheck (username,attribute,op,value) values ('test','User-Password',':=','test');
測試賬號加入群組
　　

代碼: [選擇]

insert into usergroup (username,groupname) values ('test','user');
以後新增人員時只要使用下列命令

代碼: [選擇]

insert into radcheck (username,attribute,op,value) values ('帳號','User-Password',':=','密碼');
insert into usergroup (username,groupname) values ('帳號','user');

4. 設定 RADIUS
更改freeradius的設置
cd /etc/raddb
備份原始設定檔

代碼: [選擇]

cp /etc/raddb/radiusd.conf   /etc/raddb/radiusd.conf-def
cp /etc/raddb/clients.conf   /etc/raddb/clients.conf-def
cp /etc/raddb/sql.conf       /etc/raddb/sql.conf-def
cp /etc/raddb/eap.conf       /etc/raddb/eap.conf-def
cp /etc/raddb/users          /etc/raddb/users-def

更改 radiusd.conf 部份設定如下列

代碼: [選擇]

user = root
group = root
hostname_lookups = yes
allow_core_dumps = no
regular_expressions     = yes
extended_expressions    = yes
log_stripped_names = yes
log_auth = yes
log_auth_badpass = yes
log_auth_goodpass = yes
usercollide = no
lower_user = yes
lower_pass = no
nospace_user = no
nospace_pass = no

        files {
                usersfile = ${confdir}/users
                acctusersfile = ${confdir}/acct_users
                preproxy_usersfile = ${confdir}/preproxy_users

                compat = no
        }

        detail {
                detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d

                detailperm = 0600
        }

         detail auth_log {
                 detailfile = ${radacctdir}/%{Client-IP-Address}/auth-detail-%Y%m%d

                 detailperm = 0600
         }

         detail reply_log {
                 detailfile = ${radacctdir}/%{Client-IP-Address}/reply-detail-%Y%m%d

                 detailperm = 0600
         }





        acct_unique {
                key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
        }



        attr_filter {
                attrsfile = ${confdir}/attrs
        }

authorize {
        preprocess

        auth_log

        attr_filter

        chap

        mschap

        suffix

        eap

        files

        sql

}


authenticate {
        Auth-Type PAP {
                pap
        }

        Auth-Type CHAP {
                chap
        }

        Auth-Type MS-CHAP {
                mschap
        }

        eap
}


preacct {
        preprocess

        acct_unique

        suffix

        files
}

accounting {
        detail

        radutmp

        sql

}


session {
        radutmp

        sql
}


post-auth {

        reply_log

        sql


}

在 clients.conf 增加下列設定

代碼: [選擇]

client 192.168.1.1  {
       secret      = testing123
       shortname   = test
}

更改 sql.conf 部份設定如下列

代碼: [選擇]

sql {

        driver = "rlm_sql_mysql"

        server = "localhost"   # MySQL 主機位置
        login = "radius"       # MySQL 帳號
        password = "radius"    # MySQL 密碼

        radius_db = "radius"   # MySQL 資料庫名稱

        acct_table1 = "radacct"
        acct_table2 = "radacct"

        postauth_table = "radpostauth"

        authcheck_table = "radcheck"
        authreply_table = "radreply"

        groupcheck_table = "radgroupcheck"
        groupreply_table = "radgroupreply"

        usergroup_table = "usergroup"

        deletestalesessions = yes

        sqltrace = yes
        sqltracefile = ${logdir}/sqltrace.sql

        num_sql_socks = 5

        connect_failure_retry_delay = 60


        sql_user_name = "%{User-Name}"

更改 eap.conf 部份設定如下列

代碼: [選擇]

eap {
第 22 行 原     default_eap_type = md5
         改為   default_eap_type = peap

                timer_expire     = 60

                ignore_unknown_eap_types = no

                cisco_accounting_username_bug = no


                md5 {
                }

                leap {
                }

                gtc {

                        auth_type = PAP
                }

                # 取消下列幾行的註解
                tls {
                        private_key_password = whatever
                        private_key_file = ${raddbdir}/certs/cert-srv.pem

                        certificate_file = ${raddbdir}/certs/cert-srv.pem

                        CA_file = ${raddbdir}/certs/demoCA/cacert.pem

                        dh_file = ${raddbdir}/certs/dh
                        random_file = ${raddbdir}/certs/random

                }
                peap {
                        default_eap_type = mschapv2
                }

                mschapv2 {
                }
        }

更改 users 如下列
在第96行增加

代碼: [選擇]

"testf" Auth-Type := Local, User-Password == "testf"
                Reply-Message = "Hello, %u"

註解 第 154 ,155 行
#DEFAULT Auth-Type = System
# Fall-Through = 1

測試 flies 認證
radtest testf testf localhost 0 testing123

測試 MySQL 認證
radtest test test localhost 0 testing123

結果如下

[root@UI-linux raddb]# radtest testf testf localhost 0 testing123
Sending Access-Request of id 188 to 127.0.0.1:1812
User-Name = "testf"
User-Password = "testf"
NAS-IP-Address = UI-linux
NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=188, length=34
Reply-Message = "Hello, testf"
[root@UI-linux raddb]# radtest test test localhost 0 testing123
Sending Access-Request of id 192 to 127.0.0.1:1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = UI-linux
NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=192, length=38
Service-Type = Framed-User
Framed-IP-Address = 255.255.255.254
Framed-IP-Netmask = 255.255.255.0
[root@UI-linux raddb]#

chen123 · « **回覆 #1 於:** 2006-06-19 20:33 »

k1951223大大你好:
我已安裝了mysql-3.23.57及freeradius-1.1.2
但於匯入 radius 資料表
cd src/modules/rlm_sql/drivers/rlm_sql_mysql
mysql -uroot -p密碼 radius < db_mysql.sql
會出現db_mysql.sql檔案不存在
請問這個資料表是freeradius安裝好了後就自動產生的嗎?還是....?
抱歉!新手上路,請多加指導!!

k1951223 · « **回覆 #2 於:** 2006-06-19 22:15 »

chen123
那個 db_mysql.sql 檔案,是安裝時套件
內含的資料庫格式檔,可能是由於版本不同
而放置位置不同,可以用 locate mysql.sql
查一下主機內含有 mysql.sql 檔名的檔案
放置在那個位置

chen123 · « **回覆 #3 於:** 2006-06-20 22:50 »

引述: "k1951223"

chen123
那個 db_mysql.sql 檔案,是安裝時套件
內含的資料庫格式檔,可能是由於版本不同
而放置位置不同,可以用 locate mysql.sql
查一下主機內含有 mysql.sql 檔名的檔案
放置在那個位置

謝謝!
在/usr/local/share/doc/freeradius/examples/下找到mysql.sql並匯入完成!

另依大哥設定的方法設定後，並測試flies認證
出現下列訊息：
[root@radius examples]# radtest testf testf localhost 0 testing123
Sending Access-Request of id 185 to 127.0.0.1 port 1812
User-Name = "testf"
User-Password = "testf"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 185 to 127.0.0.1 port 1812
User-Name = "testf"
User-Password = "testf"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
　　　　　：
radclient: no response from server for ID 185
並未測試成功，不知是否是NAS-IP-Address的問題？

後來以radiusd -X偵錯，訊息如下：
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/eap.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/usr/local/var"
main: logdir = "/usr/local/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir = "/usr/local/var/log/radius/radacct"
main: hostname_lookups = yes
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = yes
main: log_file = "/usr/local/var/log/radius/radius.log"
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = yes
main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
main: user = "root"
main: group = "root"
main: usercollide = no
main: lower_user = "yes"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
There appears to be another RADIUS server running on the authentication port 1812

最後一行出現好像有別的RADIUS在跑1812埠對嗎？要怎麼修正這個錯誤呢？
還請大哥解惑！謝謝！！

yhsien · « **回覆 #4 於:** 2006-06-21 21:43 »

引述: "chen123"

引述: "k1951223"
chen123
那個 db_mysql.sql 檔案,是安裝時套件
內含的資料庫格式檔,可能是由於版本不同
而放置位置不同,可以用 locate mysql.sql
查一下主機內含有 mysql.sql 檔名的檔案
放置在那個位置

謝謝!
在/usr/local/share/doc/freeradius/examples/下找到mysql.sql並匯入完成!

另依大哥設定的方法設定後，並測試flies認證
出現下列訊息：
[root@radius examples]# radtest testf testf localhost 0 testing123
Sending Access-Request of id 185 to 127.0.0.1 port 1812
User-Name = "testf"
User-Password = "testf"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 185 to 127.0.0.1 port 1812
User-Name = "testf"
User-Password = "testf"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
　　　　　：
radclient: no response from server for ID 185
並未測試成功，不知是否是NAS-IP-Address的問題？

後來以radiusd -X偵錯，訊息如下：
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/eap.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = "/usr/local"
main: localstatedir = "/usr/local/var"
main: logdir = "/usr/local/var/log/radius"
main: libdir = "/usr/local/lib"
main: radacctdir = "/usr/local/var/log/radius/radacct"
main: hostname_lookups = yes
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = yes
main: log_file = "/usr/local/var/log/radius/radius.log"
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = yes
main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
main: user = "root"
main: group = "root"
main: usercollide = no
main: lower_user = "yes"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
There appears to be another RADIUS server running on the authentication port 1812

最後一行出現好像有別的RADIUS在跑1812埠對嗎？要怎麼修正這個錯誤呢？
還請大哥解惑！謝謝！！

應該是你裝好freeradius後就已經跑起來了

ps aux | grep radiusd
找出PID

kill -9 '你找到的PID'
結束掉原先已經在執行的radiusd之後再執行 radiusd -X

NeoChou · « **回覆 #5 於:** 2006-06-22 15:11 »

不好意思
我按照大大所說的所有步驟都run了一便
radiusd -X 出現的訊息正常
可是測試test 和testf時
都是給我回應Access-Reject說
實在是不知道為什麼耶

chen123 · « **回覆 #6 於:** 2006-06-26 15:23 »

引述: "yhsien"

應該是你裝好freeradius後就已經跑起來了

ps aux | grep radiusd
找出PID

kill -9 '你找到的PID'
結束掉原先已經在執行的radiusd之後再執行 radiusd -X

謝謝yhsien!!
抱歉!初學者總有一些盲點看不到!或反應不過來!!已經解決了!!!............thx!!!

chen123 · « **回覆 #7 於:** 2006-06-26 15:25 »

引述: "NeoChou"

不好意思
我按照大大所說的所有步驟都run了一便
radiusd -X 出現的訊息正常
可是測試test 和testf時
都是給我回應Access-Reject說
實在是不知道為什麼耶

是不是你執行 radiusd -X 正常後沒有再執行 radiusd

NeoChou · « **回覆 #8 於:** 2006-06-26 17:29 »

引述: "chen123"

是不是你執行 radiusd -X 正常後沒有再執行 radiusd

無論是先RUN RADIUSd -X 還是RUN RADIUSD
都是ACCESS-REJECT耶

好灰心喔
每次上論壇看文章
歡歡喜喜的照著作
結果還是失敗
為什麼LINUX的OPEN SOURCE這麼難搞呢

damon · « **回覆 #9 於:** 2006-06-27 08:59 »

如果你只是照著別的人筆記照做，人家打什麼你就打什麼，這樣當然難搞
如果你不先去弄懂後面的原理，或是不想弄懂，又想要用，那你花錢找廠商幫你做吧

NeoChou · « **回覆 #10 於:** 2006-06-27 09:52 »

引述: "damon"

如果你只是照著別的人筆記照做，人家打什麼你就打什麼，這樣當然難搞
如果你不先去弄懂後面的原理，或是不想弄懂，又想要用，那你花錢找廠商幫你做吧

大大您誤會了
我也是先從原文網站的HOWTO跟README看起
還是TRY不出來當然趕緊找前人的筆記來參考咩
可是參考了還是出不來當然會很心急的上來求助阿

我目前已經在WIN2003架設RADIUS-VPN-Client架構成功
只是有個小小的問題是Client如果是LINUX EAP-md5無法成功
所以只好改採LINUX的FREERADIUS方法
因為我對LINUX沒有GUI的更改CONFIG檔整個不熟阿

NeoChou · « **回覆 #11 於:** 2006-06-27 14:28 »

哀
搞了一個上午
問題解決了
是路徑的問題
照大大的文章
應該是指向etc\reddb
可是我的電腦也不知道為什麼
一直指向usr\local\etc\reddb

最後是make clean再make
路徑才改過來
可小弟我真的不懂
不執行make clean
重複
./configure --localstatedir=/var --sysconfdir=/etc
make
make install
為何路徑不會更改呢
第一行的 ./configure --localstatedir=/var --sysconfdir=/etc
不就是為了指定路徑嗎

謝謝囉

astatine · « **回覆 #12 於:** 2006-09-27 16:59 »

大大，我裝好后執行radiusd -X，最后齣現這個報錯
rlm_sql (sql): Could not link driver rlm_sql_mysql: file not found
rlm_sql (sql): Make sure it (and all its dependent libraries!) are in the search path of your system's ld.
radiusd.conf[14]: sql: Module instantiation failed.
radiusd.conf[1844] Unknown module "sql".
radiusd.conf[1773] Failed to parse authorize section.
怎么解決啊？

walterchan · « **回覆 #13 於:** 2007-03-06 10:20 »

引述: "astatine"

大大，我裝好后執行radiusd -X，最后齣現這個報錯
rlm_sql (sql): Could not link driver rlm_sql_mysql: file not found
rlm_sql (sql): Make sure it (and all its dependent libraries!) are in the search path of your system's ld.
radiusd.conf[14]: sql: Module instantiation failed.
radiusd.conf[1844] Unknown module "sql".
radiusd.conf[1773] Failed to parse authorize section.
怎么解決啊？

可以先找出 rlm_sql_mysql.* 檔後，copy 去 /usr/lib 試試看

lc · « **回覆 #14 於:** 2007-08-18 09:23 »

引述: "walterchan"

引述: "astatine"
大大，我裝好后執行radiusd -X，最后齣現這個報錯
rlm_sql (sql): Could not link driver rlm_sql_mysql: file not found
rlm_sql (sql): Make sure it (and all its dependent libraries!) are in the search path of your system's ld.
radiusd.conf[14]: sql: Module instantiation failed.
radiusd.conf[1844] Unknown module "sql".
radiusd.conf[1773] Failed to parse authorize section.
怎么解決啊？

可以先找出 rlm_sql_mysql.* 檔後，copy 去 /usr/lib 試試看

我用rpm安裝freeradius, rlm_sql_mysql.so安裝於/usr/lib中, 但依然出現這個錯誤

代碼: [選擇]

rlm_sql (sql): Could not link driver rlm_sql_mysql: file not found
rlm_sql (sql): Make sure it (and all its dependent libraries!) are in the search path of your system's ld.

已於兩台主機測試過, OS為RHEL3

chen123 · « **回覆 #15 於:** 2007-09-12 11:29 »

引述: "astatine"

大大，我裝好后執行radiusd -X，最后齣現這個報錯
rlm_sql (sql): Could not link driver rlm_sql_mysql: file not found
rlm_sql (sql): Make sure it (and all its dependent libraries!) are in the search path of your system's ld.
radiusd.conf[14]: sql: Module instantiation failed.
radiusd.conf[1844] Unknown module "sql".
radiusd.conf[1773] Failed to parse authorize section.
怎么解決啊？

至/etc/raddb
vi radiusd.conf
找到 $INCLUDE ${confdir}/sql.conf 將這行前面的#取消後存檔，再試試看！

za075056 · « **回覆 #16 於:** 2007-09-18 18:48 »

請各位大大幫幫忙...一個台風天都在做了還是卡在這邊...

radius -x後

[root@localhost root]# radiusd -x
Starting - reading configuration files ...
Using deprecated naslist file. Support for this will go away soon.
Module: Loaded exec
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
Module: Instantiated mschap (mschap)
Module: Loaded System
Module: Instantiated unix (unix)
Module: Loaded eap
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
rlm_eap: Loaded and initialized type gtc
rlm_eap: Loaded and initialized type tls
rlm_eap: Loaded and initialized type peap
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
Module: Instantiated realm (suffix)
Module: Loaded files
Module: Instantiated files (files)
Module: Loaded SQL
rlm_sql (sql): Could not link driver rlm_sql_mysql: file not found
rlm_sql (sql): Make sure it (and all its dependent libraries!) are in the search path of your system's ld.
radiusd.conf[14]: sql: Module instantiation failed.
[root@localhost root]#

請教一下問題出在那.......

za075056 · « **回覆 #17 於:** 2007-09-18 20:29 »

在安裝完rlm_sql_mysql後......錯誤又變成更多[......orz..

root@localhost root]# radiusd -x
Starting - reading configuration files ...
Using deprecated naslist file. Support for this will go away soon.
Module: Loaded exec
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
Module: Instantiated mschap (mschap)
Module: Loaded System
Module: Instantiated unix (unix)
Module: Loaded eap
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
rlm_eap: Loaded and initialized type gtc
rlm_eap: Loaded and initialized type tls
rlm_eap: Loaded and initialized type peap
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
Module: Instantiated realm (suffix)
Module: Loaded files
Module: Instantiated files (files)
Module: Loaded SQL
rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked
rlm_sql (sql): Attempting to connect to root@localhost:/radius
rlm_sql (sql): starting 0
rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
rlm_sql_mysql: Starting connect to MySQL server for #0
rlm_sql (sql): Connected new DB handle, #0
rlm_sql (sql): starting 1
rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
rlm_sql_mysql: Starting connect to MySQL server for #1
rlm_sql (sql): Connected new DB handle, #1
rlm_sql (sql): starting 2
rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
rlm_sql_mysql: Starting connect to MySQL server for #2
rlm_sql (sql): Connected new DB handle, #2
rlm_sql (sql): starting 3
rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
rlm_sql_mysql: Starting connect to MySQL server for #3
rlm_sql (sql): Connected new DB handle, #3
rlm_sql (sql): starting 4
rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
rlm_sql_mysql: Starting connect to MySQL server for #4
rlm_sql (sql): Connected new DB handle, #4
Module: Instantiated sql (sql)
ERROR: Cannot find a configuration entry for module "etc_smbpasswd".
[root@localhost root]#
[root@localhost root]#

za075056 · « **回覆 #18 於:** 2007-09-19 11:48 »

[root@localhost root]# radiusd -x
Starting - reading configuration files ...
config: No such entry confid for string ${confid}/preproxy_users
Errors reading radiusd.conf
[root@localhost root]#

za075056 · « **回覆 #19 於:** 2007-09-19 11:50 »

在自己連續重灌電腦後,,再安裝再看書，...在實作....

最後跑出這行..拜託各位大大T_T""線在的問題是出在哪？

klees · « **回覆 #20 於:** 2007-12-05 20:04 »

用radtest 測試完全成功，可是使用其他命令的時候卻不行，如使用radacct或radlogin等請問是為什么？謝謝！
而mysql是正常的
提示如下
＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝
rad_recv: Access-Request packet from host 127.0.0.1:32830, id=209, length=62
Sending Access-Reject of id 208 to 127.0.0.1 port 32829
Service-Type = Login-User
User-Name = "heyu"
User-Password = "\272\020\330\206\226u\n\302\365\204\304E\343|\306\231"
NAS-Port = 0
NAS-IP-Address = 127.0.0.1
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE Username = 'heyu' ORDER BY id
rlm_sql_mysql: query: SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'heyu' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value, op FROM radreply WHERE Username = 'heyu' ORDER BY id
rlm_sql_mysql: query: SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'heyu' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 4
rlm_sql (sql): No matching entry in the database for request from user [heyu]
rad_recv: Access-Request packet from host 127.0.0.1:32830, id=209, length=62
Sending Access-Reject of id 209 to 127.0.0.1 port 32830
＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝＝

ikenny · « **回覆 #21 於:** 2009-06-24 08:07 »

我的環境是 CentOS5.3 利用 yum 安裝 freeradius 及 freeradius-mysql ，參照你的設定，得到如下訊息，可否協助找出問題所在

/usr/sbin/radiusd -X

[root@radius sbin]# radtest testx testx localhost 0 testing123
Sending Access-Request of id 232 to 127.0.0.1 port 1812
User-Name = "testx"
User-Password = "testx"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 232 to 127.0.0.1 port 1812
User-Name = "testx"
User-Password = "testx"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 232 to 127.0.0.1 port 1812
User-Name = "testx"
User-Password = "testx"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 232 to 127.0.0.1 port 1812
User-Name = "testx"
User-Password = "testx"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 232 to 127.0.0.1 port 1812
User-Name = "testx"
User-Password = "testx"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 232 to 127.0.0.1 port 1812
User-Name = "testx"
User-Password = "testx"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 232 to 127.0.0.1 port 1812
User-Name = "testx"
User-Password = "testx"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 232 to 127.0.0.1 port 1812
User-Name = "testx"
User-Password = "testx"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 232 to 127.0.0.1 port 1812
User-Name = "testx"
User-Password = "testx"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 232 to 127.0.0.1 port 1812
User-Name = "testx"
User-Password = "testx"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
radclient: no response from server for ID 232
[root@radius sbin]# radtest test test localhost 0 testing123
Sending Access-Request of id 238 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 238 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 238 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 238 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 238 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 238 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 238 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 238 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 238 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
Re-sending Access-Request of id 238 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
radclient: no response from server for ID 238

ikenny · « **回覆 #22 於:** 2009-06-27 09:46 »

[root@u8 raddb]# radtest ttt ttt localhost 0 testing123
Sending Access-Request of id 162 to 127.0.0.1 port 1812
User-Name = "ttt"
User-Password = "ttt"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=162, length=32
Reply-Message = "Hello, ttt"

以上file認證測試，可以通過，但是透過mysql認證如下：

[root@u8 raddb]# radtest test test localhost 0 testing123
Sending Access-Request of id 178 to 127.0.0.1 port 1812
User-Name = "test"
User-Password = "test"
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=178, length=20

請教問題出在哪？感恩

vincent119 · « **回覆 #23 於:** 2013-09-26 00:36 »

http://vincent119.blogspot.tw/2012/11/radius-server-mysql-replication.html

我是這樣搞的!!!

最新消息:

作者 主題: 安裝 FreeRADIUS + Files + MySQL 認證 (閱讀 120793 次)

作者主題: 安裝 FreeRADIUS + Files + MySQL 認證 (閱讀 120793 次)