Testing radius server from Mac OS X client
I have a radius server set up on a server running Ubuntu 11.04. I have configured my switch to use the authentication server's IP (192.168.1.2) for RADIUS / 802.1x authentication, and I created a connection to test connecting from my Mac OSX client.
Here is my radius configuration for the client:
client 192.168.1.0/16 {
secret = testing123
}
I can successfully authenticate using both 127.0.0.1 (localhost) and 192.168.1.2 (ip of eth1), so I know radius is getting those requests.
I set up a connection to test from my macbook, and my requests are timing out.
http://screencast.com/t/tMhRLS3H7
Is there a better way to test the radius connection from my macbook? Thanks!
UPDATE: I was able to successfully test on Mac OSX client using RadPerf. This is available as a cross-platform command line tool.
Solution 1:
FreeRadius provides a tool called radtest
that sends a RADIUS packet to a server, asking it to authorize a request with a username and password provided on the command line:
radtest username password radius-server[:port] nas-port-number secret
To install radtest
on OS X, install Homebrew:
$ ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)
The installer will probably prompt you to do a few things, such as install Xcode, run brew doctor
, or run brew update
. Finish the install and then run:
$ brew install freeradius-server
Once Homebrew finishes installing FreeRadius, radtest
should be available for your use:
$ radtest username password 192.168.1.2 10 secret
A few notes.
- The
10
is the request's NAS-Port attribute. In most cases, it doesn't matter what you set for the NAS-Port, so long as its a reasonable port number. - The commands above will install FreeRadius 2.0.6 on your computer, but if you're interested in version 3.0.7, run
brew install --devel freeradius-server
. (This may change in the future as FreeRadius progresses to a v3.1, v3.0, and v2.0 versioning system.) -
radtest
is a front end forradclient
, which should also be available after you install FreeRadius. If you want more sophisticated testing abilities, check out theradclient
man page for more details.