安装cisco＋radius

 安装cisco＋radius

// 斜体为自填部分 

在cisco上：

Radius-server host radius_host_ip auth-port 1812 acct-port 1813

Radius-server key cisco

aaa authentication login default radius local

Line vty 0 4

login authentication default

exit

aaa authorization exec default radius if-authenticated

在radius服务器上：

Mysql –p radius

insert into usergroup (username,groupname) values("ciscouser","ciscogroup");

insert into radcheck (username,attribute,op,value) values ("ciscouser","User-Password","==","ciscopass");

结果：

在radius服务器上显示：

rad_recv: Access-Request packet from host client_host_ip:1645, id=7, length=74

        NAS-IP-Address = a.b.c.d

        NAS-Port = 67

        NAS-Port-Type = Virtual

        User-Name = "myown"

        Calling-Station-Id = "user_ip"

        User-Password = "user_passwd"

添加enable密码：

insert into usergroup (username,groupname) values("$enab15$","enablegroup");      无效

insert into usergroup values(6,"=24enab15=24","enablegroup");               

注意：radius查询mysql时，自动将“$enab15$”更换为“=24enab15=24”

insert into radgroupcheck (groupname,attribute,op,value) values("enablegroup","User-Password",":=","myenpass");

insert into radgroupcheck (groupname,attribute,op,value) values("enablegroup","Auth-Type",":=","Local");

添加记帐：

aaa accounting system default start-stop radius

aaa accounting network default start-stop radius

aaa accounting connection default start-stop radius

aaa accounting exec default stop-only radius

aaa accounting commands 1 default stop-only radius

aaa accounting commands 15 default wait-start radius