Untuk Freeradius yang saya gunakan berjalan pada sistem Operasi FreeBSD 7.1 dan Mysql 5.X
Sebagai pendukung saya menggunakan Apache 2.x dan Php 5.x dan PhpMyadmin
1. Untuk mempermudah instalasi saya menggunakan Ports dari FreeBSD yang instalasinya langsung terkoneksi dengan internet.
cd /usr/ports/net/freeradius
2. Install aplikasi ( Include Support mysql)
#make
#make install
Untuk menjalankan Freeradius Debug Mode :
#radiusd –X
You can use radtest to test an account from the command line:
Setting up the Freeradius database in MySQL
1. First, if you will run the db on your localhost, MySQL server should be installed on your machine
#mysql –u root –p
mysql>CREATE DATABASE radius;
mysql>GRANT ALL PRIVILEGES ON radius.* to ‘root’@localhost’ IDENTIFIED BY ‘myrootpassword’;
mysql>FLUSH PRIVILEGES;
2. Create a schema for the database, use the SQL script file, it can be found in /src/modules/rlm_sql/drivers/rlm_sql_mysql/db_mysql.sql where you untar’d the FreeRadius
#mysql –u root –p rootpass radius < db_mysql.sql ( lokasi tergantung )
where root and rootpass are your mysql root name and password respectively
Configuring FreeRadius to use MySQL
1.Edit /etc/raddb/sql.conf and enter the server, name and password details to connect your Mysql Server and Radius database:
# Connect info
server = “localhost”
login = “root”
password = “rootpass”
radius_db = “radius”
Query config for username, I used this:
sql_user_name = “%{User-Name}”
You will see several tables created. You just need to use one of those: radcheck. This table has the following structure:
2. Edit /etc/raddb/radiusd.conf and add a line saying “sql” to the authorize {}section and add a line saying “sql” to the accounting{} section too between ‘unix’ and ‘radutmp’
radiusd.conf will look something like this:
authorise {
preprocess
chap
mschap
#counter
#attr_filter
#eap
suffix
sql
#files
#etc_smbpasswd
}
authenticate {
authtype PAP {
pap
}
authtype CHAP {
chap
}
authtype MS-CHAP{
mschap
}
#pam
#unix
#authtype LDAP {
# ldap
#}
}
preacct {
preprocess
suffix
#files
}
accounting {
acct_unique
detail
#counter
unix
sql
radutmp
#sradutmp
}
session {
radutmp
}
Script Data di Database :
mysql> INSERT INTO radcheck (UserName, Attribute, Value) VALUES (’alamster’, ‘Password’, ‘palcomtech’);
mysql> INSERT INTO radgroupcheck (GroupName, Attribute, Value,op) VALUES (’dynamic’, ‘Auth-Type’, ‘MS-CHAP’,’= ‘);
Query OK, 1 row affected (0.00 sec)
Untuk Proteksi Koneksi Berdasar IP / Caller ID
mysql> INSERT INTO radgroupcheck (GroupName, Attribute, Value,op) VALUES (’dynamic’, ‘Calling-Station-Id’, ‘192.168.202.47’,’= ‘);
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES (’dynamic’, ‘Framed-IP-Address’, ‘:=’,‘192.168.10.4’); << penting
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES (’dynamic’, ‘Framed-Compression’, ‘:=’,‘Van-Jacobsen-TCP-IP’);
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES (’dynamic’, ‘Framed-Protocol’, ‘:=’, ‘PPP’);
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES (’dynamic’, ‘Service-Type’, ‘:=’, ‘Framed-User’);
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES (’dynamic’, ‘Framed-MTU’, ‘:=’, ‘1500′);
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES (’dynamic’, ‘X-Ascend-Assign-IP-Pool’, ‘:=’, ‘0′);
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES (’dynamic’, ‘X-Ascend-Maximum-Time’, ‘:=’, ‘7200′);
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES (’dynamic’, ‘X-Ascend-Route-IP’, ‘:=’,
‘Route-IP-Yes’);
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO radgroupreply (GroupName, Attribute, op, Value) VALUES (’dynamic’, ‘Idle-Timeout’, ‘:=’, ‘1800′);
Query OK, 1 row affected (0.00 sec)
mysql> INSERT INTO usergroup (UserName, GroupName) VALUES (’alamster’,’dynamic’);
Query OK, 1 row affected (0.01 sec)
Mei 17, 2009 pukul 3:57 pm |
thx bwt tutorialnya…
saya mau nanya.maksud dari data yang dimasukkan ke dalam database itu maksudnya apa saja yah??
kira-kira bapak tau soal VLAN assignment ga? n kira-kira bagaimana cara mengimplementasikannya dalam freeradius..