Testing radius server from Mac OS X client

networking 802.1 radius

I have a radius server set up on a server running Ubuntu 11.04. I have configured my switch to use the authentication server's IP (192.168.1.2) for RADIUS / 802.1x authentication, and I created a connection to test connecting from my Mac OSX client.

Here is my radius configuration for the client:

client 192.168.1.0/16 {
  secret = testing123
}

I can successfully authenticate using both 127.0.0.1 (localhost) and 192.168.1.2 (ip of eth1), so I know radius is getting those requests.

I set up a connection to test from my macbook, and my requests are timing out.

http://screencast.com/t/tMhRLS3H7

Is there a better way to test the radius connection from my macbook? Thanks!

UPDATE: I was able to successfully test on Mac OSX client using RadPerf. This is available as a cross-platform command line tool.


Solution 1:

FreeRadius provides a tool called radtest that sends a RADIUS packet to a server, asking it to authorize a request with a username and password provided on the command line:

radtest username password radius-server[:port] nas-port-number secret

To install radtest on OS X, install Homebrew:

$ ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)

The installer will probably prompt you to do a few things, such as install Xcode, run brew doctor, or run brew update. Finish the install and then run:

$ brew install freeradius-server

Once Homebrew finishes installing FreeRadius, radtest should be available for your use:

$ radtest username password 192.168.1.2 10 secret

A few notes.

  1. The 10 is the request's NAS-Port attribute. In most cases, it doesn't matter what you set for the NAS-Port, so long as its a reasonable port number.
  2. The commands above will install FreeRadius 2.0.6 on your computer, but if you're interested in version 3.0.7, run brew install --devel freeradius-server. (This may change in the future as FreeRadius progresses to a v3.1, v3.0, and v2.0 versioning system.)
  3. radtest is a front end for radclient, which should also be available after you install FreeRadius. If you want more sophisticated testing abilities, check out the radclient man page for more details.

Related

Apache: Client-IP-based DocumentRoot
CNAMEs in Route 53 using @
What's the difference between /etc/apache2/apache2.conf and /etc/apache2/httpd.conf?
Need to find users of ASN in my country
Available EMP protection devices?
Will a remote X-Windows session run faster if I install a better video card in the remote server?
Intermittent high CPU (100%) on production webserver
Load Balancing on Amazon (AWS) and staying up to date
consequences of deleted key pair on ec2 instance
howto only tunnel specific hosts route through openvpn client on tomato [closed]
I have WHM root access but unable to connect using SSH
How do I hide a directory of text files on IIS?