本文环境:CentOS 6.0;服务器 IP:192.168.182.133

本文也是近期项目之一;为了后面的***隧道和多ip路由分流;

-rw-r--r-- 1 root root 684342  6月 19 22:49 ppp-2.4.5.tar.gz
-rw-r--r-- 1 root root  74048  6月 19 22:49 pptpd-1.3.4-2.el6.i686.rpm

这是其中的两个包;

如果pptpd不好下载的话,欢迎到本人下载区去下载,因为这个国外的url被和谐了,本人也是使用了加速器才下载到的;

1、下面就开始操作了;

[root@node1 ~]# vim /etc/pptpd.conf
#pptpd.conf
option /etc/ppp/options.pptpd
logwtmp
localip 192.168.182.133
remoteip 172.16.0.2-254
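[root@node1 ~]# vim /etc/ppp/options.pptpd
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
lock
nobsdcomp
novj
novjccomp
nologfd
ms-dns 8.8.8.8
logfile /var/log/pptpd.log
注:拒绝 PAP/CHAP/MS-CHAP、只允许 MS-CHAPv2 并强制 MPPE-128,已是 PPTP 能配置的最严格组合;但 MS-CHAPv2 握手被抓包后可以离线还原出 NT 哈希,MPPE 会话密钥又由该哈希派生,因此这条隧道不适合承载敏感数据。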
[root@node1 ~]# vim /etc/ppp/chap-secrets
# Secrets for authentication using CHAP
# client        server  secret                  IP addresses
  test          pptpd   test123                 *
[root@node1 ~]# cat /etc/sysctl.conf |grep -v ^# |grep -v ^#
net.ipv4.ip_forward = 1
(修改 sysctl.conf 后执行 sysctl -p,转发设置才会立即生效)
[root@node1 ~]# iptables -t nat -A POSTROUTING -s 172.16.0.0/24 -j MASQUERADE

Ps;重启服务;测试本地拨号是否正常;

经过测试,拨号OK;

2、下面是安装mysql及freeradius;

yum install mysql* freeradius* -y

创建radius数据库,导入相关sql;并创建测试用户;

mysql> create database radius;
[root@node1 ~]# mysql -u root -p  radius < /etc/raddb/sql/mysql/admin.sql
[root@node1 ~]# mysql -u root -p radius < /etc/raddb/sql/mysql/cui.sql
[root@node1 ~]# mysql -u root -p radius < /etc/raddb/sql/mysql/nas.sql
[root@node1 ~]# mysql -u root -p radius < /etc/raddb/sql/mysql/schema.sql
[root@node1 ~]# mysql -u root -p radius < /etc/raddb/sql/mysql/wimax.sql
mysql> insert into radius.radcheck (Username,Attribute,op,Value) values('lansgg','password','==','lansgg123')

配置radius的相关配置文件;

[root@node1 ~]# vim /etc/raddb/radiusd.conf
700         $INCLUDE sql.conf
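[root@node1 ~]# vim /etc/raddb/sql.conf
28         database = "mysql"
33         driver = "rlm_sql_${database}"
36         server = "localhost"
38         login = "root"
39         password = "123"
42         radius_db = "radius"
50         acct_table1 = "radacct"
51         acct_table2 = "radacct"
100         readclients = yes
PS:每行开头的数字是该项在配置文件中的行号,下同。
注:这里为了演示,直接让 FreeRADIUS 用 MySQL 的 root 账号和弱口令连接数据库;正式环境应改用只对 radius 库有权限的专用账号和强口令。前面导入的 admin.sql 一般会创建这样一个 radius 账号,但带的是公开的默认口令,导入后也要改掉。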
[root@node1 ~]# vim /etc/raddb/sites-enabled/default
69 authorize {
170 #       files
177         sql
252 authenticate {
297 #       unix
333 preacct {
372 #       files
389 #       unix
406         sql
449 session {
454         sql
461 post-auth {
475         sql
[root@node1 ~]# vim /etc/raddb/sites-enabled/inner-tunnel
124 #       files
131         sql
223 #       unix
255         sql
277         sql
[root@node1 ~]# vim /etc/raddb/eap.conf
30                 default_eap_type = peap

测试radius和mysql的整合

3、下面是pptpd和freeradius的整合了;

解压ppp源码包,copy其配置文件;

[root@node1 ~]# tar zxvf ppp-2.4.5.tar.gz
[root@node1 ~]# mkdir /etc/ppp/radius
[root@node1 ~]# cp -R  ppp-2.4.5/pppd/plugins/radius/etc/ /etc/ppp/radius/

修改radius的相关路径:

[root@node1 etc]# vim radiusclient.conf
auth_order      radius
login_tries     4
login_timeout   60
nologin /etc/nologin
issue   /etc/ppp//radius/etc/issue
authserver      localhost:1812
acctserver      localhost:1813
servers         /etc/ppp/radius/etc/servers
dictionary      /etc/ppp/radius/etc/dictionary
login_radius    /usr/local/sbin/login.radius
seqfile         /var/run/radius.seq
mapfile         /etc/ppp/radius/etc/port-id-map
default_realm
radius_timeout  10
radius_retries  3
login_local     /bin/login
[root@node1 etc]# vim /etc/ppp/radius/etc/dictionary
INCLUDE /etc/ppp/radius/etc/dictionary.microsoft
INCLUDE /etc/ppp/radius/etc/dictionary.ascend  #新增
INCLUDE /etc/ppp/radius/etc/dictionary.merit    #新增
INCLUDE /etc/ppp/radius/etc/dictionary.compat  #新增

在 options.pptpd 中增加以下两行:

[root@node1 etc]# vim /etc/ppp/options.pptpd
plugin /usr/lib/pppd/2.4.5/radius.so  #新增
radius-config-file /etc/ppp/radius/etc/radiusclient.conf  #新增

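修改radius认证密钥(即 RADIUS 共享密钥);clients.conf 与 servers 两个文件里的值必须完全一致,否则 pppd 发出的认证请求无法通过 FreeRADIUS 的校验;lansggtest 只是示例,实际应换成足够长的随机字符串: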

[root@node1 raddb]# vim /etc/raddb/clients.conf
101         secret          = lansggtest
[root@node1 raddb]# vim /etc/ppp/radius/etc/servers
5 localhost                                       lansggtest

经过测试OK!(帐号:lansgg;密码lansgg123)