>>> 此貼的回復 >> PPTP + RADIUS 一 安裝RADIUS 1. 下載Freeradius-0.9.3.tar.gz到/home目錄下; 2. 編譯並安裝; # tar -zxvf freeradius-0.9.3.tar.gz # cd freeradius-0.9.3 # ./configure # make # make install 二 1. 下載軟件ppp.tar.gz到/home //內包括Radiusclient以及radius.so
# cd /home 2. 編譯並安裝ppp
# tar -zxvf ppp.tar.gz # cd ppp # ./configure # make # make install
3. 下載軟件pptpd-1.1.3-4.i386.rpm 到/home目錄下 #cd /home #rpm -ivh pptpd-1.1.3-4.i386.rpm 4. 起用ip forwarding: #echo 1 > /proc/sys/net/ipv4/ip_forward // 如果是這句就需要每次系統啟動都要調用,所以要加到系統啟動文件中。 或者修改/etc/sysctl.conf文件: net.ipv4.ip_forward = 1 //如果修改這裡,就不用在啟動文件中修改了 5. 清空/etc/ppp/pap-secrets和/etc/ppp/chap-secrets文件內容。
6. a.修改/etc/ppp/options.pptpd: lock require-pap proxyarp auth ms-dns xxx.xxx.xxx.xxx //根據本地DNS服務器IP地址修改 ms-dns xxx.xxx.xxx.xxx plugin radius.so b.修改/etc/pptpd.conf: option /etc/ppp/options.pptpd localip 10.1.1.1 //根據實際情況修改 remoteip 10.1.1.10-250 //根據實際情況修改
7.修改/etc/radiusclient/servers 文件: localhost linux
8. 修改/etc/radiusclient/radiusclient.conf 文件: auth_order radius authserver localhost:1812 acctserver localhost:1813
9. 修改/usr/local/etc/raddb/clients和/usr/local/etc/raddb/naslist以及、/usr/local/etc/raddb/clients.conf: /etc/raddb/clients: localhost linux /etc/raddb/naslist: 127.0.0.1 local other /etc/raddb/clients.conf: client 127.0.0.1 { secret = linux shortname = local nastype = other }
修改/usr/local/etc/raddb/radiusd.conf detailfile = /home/detail-%Y%m
10. 在終端輸入以下命令: service pptpd restart
11. 修改用戶名 /usr/local/etc/raddb/users: user Auth-Type:=Local,User-Password=="passwd"
12. 啟動RADIUS. radiusd -sx
13. 測試用戶名和密碼: radtest user passwd localhost 0 linux 如果見到Access-Accept,說明OK!
14.限制用戶同時上網: 修改/usr/local/etc/raddb/users: user Simultaneouse-Use:=1,Auth-Type:=Local,User-Password=="passwd"
15.把用戶名與IP地址綁定: 修改/usr/local/etc/raddb/users: user Simultaneouse-Use:=1,Auth-Type:=Local,User-Password=="passwd" Framed-IP-Address=10.1.1.168
[ 關閉窗口 ]