| 网站首页 | JAVA文章 | AppServers | Web开发 | 应用开发 | 资源下载 |
    想学好编程,外语很重要,最新的编程技术还是在国外  [enadd  2006年12月25日]        
设为首页 加入收藏 联系站长
您现在的位置: 编程笔记网 >> 数据库 >> mysql >> 使用技巧 >> 文章正文
PPTP + MPPE + RADIUS + MySQL            【字体:
PPTP + MPPE + RADIUS + MySQL
作者:不详    文章来源:网络    点击数:    更新时间:2007-1-21
 PPTP+MPPE+RADIUS+MySql
Requirements:
kernelsources.(2.4.18orlaterprefered.)www.kernel.org
pppsourcesfromcvsorrecentsnapshot.www.samba.org/ppp
Freeradius0.7.1orlater.www.freeradius.org
PoPToP1.1.3www.sourceforge.net/projects/poptop


Shouldbepresentinmostdistributionsthesedays:
MySqlMySql.com/"target=_blank>www.MySql.com
openssl0.9.6borlater.www.openssl.org


Caveats:MPPEencryptionseemstobeavailablewithMS-CHAPauthenticationonly.NotPAPandCHAP.ThisdocumentassumesonlyMS-CHAPv2isused.(Asversion1istotallybrokensecuritywise.)

PPPandkernel:

Patchyourkernelsourceswiththemppeinstall.shscriptinlinux/mppe/
Configureyourkernelsourceformppesupport(makemenuconfigoryourpreferedway.)ThepatchmakesanewchoiceforaMPPEmoduleunderNetworkdevices-PPP.

Compileandinstallyourkernelandmodules.Itakeiteverybodyknowshowtodothisandupdatetheirlilo/grub/whateverbootloader.

Doublecheck/etc/modules.confforaliasestoppp_mppeandsoon.
aliaschar-major-108ppp_generic
aliastty-ldisc-3ppp_async
aliastty-ldisc-14ppp_synctty
aliasppp-compress-18ppp_mppe
aliasppp-comress-21bsd_comp
aliasppp-compress-24ppp_deflate
aliasppp-compress-26ppp_deflate


NowisasgoodatimeasanytorebootwithyourMPPEenabledkernel.(Somedocstellsyoutoinstallpppbeforereboot.Reasonunknown,itshouldntmatter.)

Compileandinstallppp.MPPEandms-chapv2supportiscompiledinbydefault.

PoPToP:

Compileandinstall.Nothingfancyneeded,asitspppdthatdoesthemagic.

PoPToPandpppdConfiguration:

Inmy/etc/pptpd.confIhave
localipsome.ip.add.ress
option/etc/options.pptpd


Thisisjustforclarity,thedefaultisoffcourse/etc/ppp/optionsTheclientsgetremoteipfromradius,sowedontneedithereastheywillbeoverridden,butyoucouldhavethemforclarity/confusion/easytestingwithoutradius...

Ionlyusemschap-v2,somy/etc/ppp/options.pptpdfileis:
#-----------start----------
lock
#uncommentwhentesting:
#debug
namepptpd
proxyarp
asyncmap0
-chap
-mschap
+mschap-v2
require-mppe
lcp-echo-failure30
lcp-echo-interval5
ipcp-accept-local
ipcp-accept-remote
ms-winswins.server.ip.address
ms-dnsdns.server.ip.address
pluginradius.so
#-----------end----------


Note:Itmightbe"chapms"andnot"mschap"aschangesmightbehappeninginthecvs.

Theradius.sopluginusesthesettingsfromradiusclient,somakesure:

/etc/radiusclient/serverscontainsthesecretforyourradiusserver(s)
Like:
localhosttesting123


Iftheradiusisonlocalhostusingthedefaultfreeradiussecret(badideaoffcourse...)

Ithinkyoumusthavethedictionary.microsoftfilein/etc/radiusclientifyouusems-chap1or2.

Itshouldbetherebydefault.

Setauthserverandacctserverin/etc/radiusclient/radiusclient.confifyourradiusserverisnotonthesamemachineasyourpoptop.

Thisfilesuremakessplittingauthenticationandaccountingbetweentworadiusserversveryeasy.

Makesurebothservers(ifdifferent)arelistedin/etc/radiusclient/servers

Freeradius:

Compileandinstall.Alsohasallweneedbydefault.

Freeradiusconfiguration:

/etc/raddb/clients.conf:Shouldcontainentriescorrespondingtotheserversin/etc/radiusclient/serversfortheclient/NAS

(ourpptpserver):

client127.0.0.1{
secret=testing123
shortname=localhost
}


/etc/raddb/radiusd.conf:Thisistherelevantpartsofmyradiusd.confforauthenticationandaccountinginMySql.ThankstoCharlesJ.Boening(charlieb@cot.net)forthis.Justremovethesqlpartsifyoudontwantthem,andaddfilesorunixmoduleorsomething.

Modules{
#Youmighthavemorehere
#thisisjusttherelevantpart
mschap{
authtype=MS-CHAP
use_mppe=yes
#force128bit:
require_strong=yes
}
}
authorize{
preprocess
suffix
sql
mschap
}
authenticate{
mschap
}
preacct{
preprocess
suffix
files
}
accounting{
acct_unique
detail
sql
#radutmp
}
session{
sql
#radutmp
}
#-----------end----------


setthecorrectserver,userandpassin/etc/raddb/sql.conf

MySQL:

Mysqlconfigurationshouldbetrival,andbasicallyconsistsof:

Createadatabasecalledforexample"radius"insql/Index.html'>mysql.Fillitwiththetablesfromtheschemafoundin/src/modules/rlm_sql/drivers/rlm_sql_sql/Index.html'>mysql/db_sql/Index.html'>mysql.sql

[1] [2] 下一页  
文章录入:enadd    责任编辑:enadd 
  • 上一篇文章:

  • 下一篇文章:
    • 发表评论】【加入收藏】【告诉好友】【打印此文】【关闭窗口
    最新热点 最新推荐 相关文章
  • MySQL数据的导出和导入工具:…

  • mysql授课大纲

  • mysql技巧总结

  • 使用函数递归实现基于php和M…

  • 基于MySQL的高性能数据库应用…

  • Mysql日期和时间函数

  • 深圳讯天 mysql 服务器错误分…

  • 几分钟让你走进mysql的门

  • 针对 Apache 2.x 的 MySQL 用…

  • 在同一台机器上运行多个MySQ…

    		•
      网友评论:(只显示最新10条。评论内容只代表网友观点,与本站立场无关!)
    | 设为首页 | 加入收藏 | 联系站长 | 友情链接 | 版权申明 | 管理登录 | 
    Copyright ©2000 - 2005 Enadd.com
    备案序号:辽ICP备06005595号
    站长:enadd