Centos에 freeradius를 설치했습니다.
MySQL 데이터베이스는 테스트용 일부 데이터로 채워지고 freeradiusd.conf 및 sql.conf가 구성됩니다.
RADIUS 서버는 MySQL 데이터베이스에 연결할 수 있으며 이 서버에서 사용자를 인증할 수 있습니다. 또한 내 종속 포털 및 RADIUS 서버와 함께 작동하는 원격 RADIUS 클라이언트가 구성되어 있지만 /etc/raddb/clients.conf. MySQL 'nas' 테이블을 사용하면 작동하지 않습니다.
즉, freeradius는 MySQL 데이터베이스에서 내 nas 테이블을 쿼리하지 않는 것 같습니다.
내 /etc/raddb/mods-enabled/sql파일에는 다음이 있습니다.
# Table to keep radius client info
nas_table = "nas"
# Set to 'yes' to read radius clients from the database ('nas' table)
read_clients = yes
내 NAS 테이블에는 다음이 있습니다.
id nasname shortname type ports secret server community description
1 xx.xx.xx.xx NULL other NULL testing123
default NULL RADIUS Client
... 여기서 xx.xx.xx.xx는 내 RADIUS 클라이언트의 올바른 IP 주소입니다.
디버그 모드에서 실행 중인 freeradius를 사용하여 종속 포털을 통해 로그인하려고 하면 다음과 같은 메시지가 나타납니다.
Wed Aug 8 06:39:11 2018 : Info: Ready to process requests
Wed Aug 8 06:39:19 2018 : Error: Ignoring request to auth address * port 1812 bound to server default from unknown client xx.xx.xx.xx port 55546 proto udp
Wed Aug 8 06:39:19 2018 : Info: Ready to process requests
Wed Aug 8 06:39:21 2018 : Error: Ignoring request to auth address * port 1812 bound to server default from unknown client xx.xx.xx.xx port 55546 proto udp
Wed Aug 8 06:39:21 2018 : Info: Ready to process requests
Wed Aug 8 06:39:24 2018 : Error: Ignoring request to auth address * port 1812 bound to server default from unknown client xx.xx.xx.xx port 55546 proto udp
Wed Aug 8 06:39:24 2018 : Info: Ready to process requests
eWed Aug 8 06:39:28 2018 : Error: Ignoring request to auth address * port 1812 bound to server default from unknown client xx.xx.xx.xx port 55546 proto udp
디버그 출력에서 NAS의 데이터가 로드되는 것을 확인했습니다.
Wed Aug 8 09:07:58 2018 : Debug: rlm_sql (sql): Reserved connection (0)
Wed Aug 8 09:07:58 2018 : Debug: rlm_sql (sql): Executing select query: SELECT id, nasname, shortname, type, secret, server FROM nas
Wed Aug 8 09:07:58 2018 : Debug: rlm_sql (sql): Adding client xx.xx.xx.xx (xx.xx.xx.xx) to default clients list
Wed Aug 8 09:07:58 2018 : Debug: Adding client xx.xx.xx.xx/32 (xx.xx.xx.xx) to prefix tree 32
Wed Aug 8 09:07:58 2018 : Debug: rlm_sql (xx.xx.xx.xx): Client "xx.xx.xx.xx" (sql) added
Wed Aug 8 09:07:58 2018 : Debug: rlm_sql (sql): Released connection (0)
Wed Aug 8 09:07:58 2018 : Debug: # Instantiating module "pap" from file /etc/raddb/mods-enabled/pap
Wed Aug 8 09:07:58 2018 : Debug: # Instantiating module "reject" from file /etc/raddb/mods-enabled/always
Wed Aug 8 09:07:58 2018 : Debug: # Instantiating module "fail" from file /etc/raddb/mods-enabled/always
Wed Aug 8 09:07:58 2018 : Debug: # Instantiating module "ok" from file /etc/raddb/mods-enabled/always
Wed Aug 8 09:07:58 2018 : Debug: # Instantiating module "handled" from file /etc/raddb/mods-enabled/always
Wed Aug 8 09:07:58 2018 : Debug: # Instantiating module "invalid" from file /etc/raddb/mods-enabled/always
Wed Aug 8 09:07:58 2018 : Debug: # Instantiating module "userlock" from file /etc/raddb/mods-enabled/always
Wed Aug 8 09:07:58 2018 : Debug: # Instantiating module "notfound" from file /etc/raddb/mods-enabled/always
Wed Aug 8 09:07:58 2018 : Debug: # Instantiating module "noop" from file /etc/raddb/mods-enabled/always
Wed Aug 8 09:07:58 2018 : Debug: # Instantiating module "updated" from file /etc/raddb/mods-enabled/always
Wed Aug 8 09:07:58 2018 : Debug: # Instantiating module "monthlycounter" from file /etc/raddb/mods-enabled/sqlcounter
어떤 도움이라도 크게 감사하겠습니다! 추신: IP와 동일하게 NAS 테이블의 단축 이름을 변경하려고 시도했지만 여전히 작동하지 않았습니다.