radius server简单安装配置方法

时间 2019-11-10

原文原文链接

安装

sudo aptitude install freeradius

添加测试用户

用户名为test，密码为111111shell

sudo echo "test Cleartext-Password := \"111111\"" >> /etc/freeradius/users

添加client网段

vim /etc/freeradius/clients.conf

加入下面内容，表示只接受192.168.26.0这个网段的client进行radius认证，
其中共享密钥为testing123vim

client 192.168.26.0/24 {
        secret = testing123
        shortname = test-radius
}

重启radius服务

sudo service freeradius restart

测试

在192.168.26.0/24网段的PC，或直接用本机测试

radtest test 111111 <radius-server-addr> 0 testing123

如在本地执行rest

radtest test 111111 192.168.26.214 0 testing123

认证成功输出结果code

Sending Access-Request of id 74 to 192.168.26.214 port 1812
    User-Name = "test"
    User-Password = "111111"
    NAS-IP-Address = 127.0.1.1
    NAS-Port = 0
rad_recv: Access-Accept packet from host 192.168.26.214 port 1812, id=74, length=20

如在本地执行server

radtest test 222222 192.168.26.214 0 testing123

认证失败输出结果it

Sending Access-Request of id 233 to 192.168.26.214 port 1812
    User-Name = "test"
    User-Password = "222222"
    NAS-IP-Address = 127.0.1.1
    NAS-Port = 0
rad_recv: Access-Reject packet from host 192.168.26.214 port 1812, id=233, length=20