23-04-2021

Free Radius Test Tool



Important

Download NTRadPing, a free RADIUS test client. Unzip the file in to a working directory on your local machine (for example, C: temp tradping). There will be two files: a RADIUS dictionary file and the NTRadPing executable. Create a test RADIUS client. Login to the Security Console and navigate to RADIUS RADIUS Client Add New. I have NPS setup on my 2008 R2 domain controller. Having issues getting my Firewall/VPN device to authenitcate users via Radius that is pointing to my NPS/SC server. Is there a tool out there that I can use to verify if NPS is correctly receiving and responding to radius request? RadPerf RADIUS performance testing utility One of the most critical steps when building a RADIUS system is performance characterisation. This means testing the system to see if both authentication (i.e., read-only) and accounting (i.e., read-write) behavior is acceptable. Small tool created to test radius server from an Android device. Features: Allow to you set threshold in order to test the server response time. Allow to you store several tests cases in order to speed up your test selecting them from a list drop. Ads: in order to motivate my contrib to the play store this app contains ads, the first ad is launched at the startup after the splash screen. Radius Calculator Enter an address, city, or zip code, and a radius, and you will get the radius drawn on the map. Below the map you will find a list of all containing zip codes, cities, counties, and combinations within the radius.

Netgate is offering COVID-19 aid for pfSense software users, learn more.

Testing the FreeRADIUS Package ona pfSense® firewall.

Test Configuration¶

At a minimum, testing FreeRADIUS requires A User, an Interface, and aNAS/Client.

  • Add a User with the following configuration:

    Username

    testuser

    Password

    testpassword

  • Add a Client/NAS with the following configuration:

    IP Address

    127.0.0.1

    Shared Secret

    testing123

  • Add an Interface with the following configuration:

    IP Address

    127.0.0.1

    Interface Type

    Auth

    Port

    1812

GUI Test¶

The easiest way to test is by using Diagnostics > Authentication in the GUI.

First, add a RADIUS server entry to the user manager as described inAuthentication Servers.

  • Navigate to System > User Manager, Authentication Servers tab

  • Fill in the settings to match the entry in FreeRADIUS:

    Descriptive Name

    FreeRADIUS

    Type

    RADIUS

    Hostname or IP Address

    127.0.0.1

    Shared Secret

    testing123

    Services Offered

    Authentication

    Authentication Port

    1812

  • Click Save

Next, perform the GUI test:

  • Navigate to Diagnostics > Authentication

  • Set Authentication Server to the RADIUS server in the user manager

  • Fill in the Username and Password

  • Click Test

If the test succeeds, the GUI prints a success message:

The system log will also contain a message indicating a successful login:

If the test fails, the GUI prints a failure message:

Authentication failed.

Free Radius Test Tool Template

Free

The system log will also contain a message indicating failure:

Test Radius Authentication

CLI Test¶

Test Radius Powershell

FreeRADIUS offers an easy to use command line tool to check if the server isrunning and listening to incoming requests.

SSH to the firewall, start a shell, and type in the following command:

The following output will appear if the test succeeds:

The Access-Accept portion of the output is the most relevant.

Check the system log for the following output:

If a part of the test fails, such as incorrect username, then the test commandoutput will look like the following:

The Accesss-Reject packet indicates that the server rejected the attempt,and the system log will contain the following output:

Free

EAP Testing

Free Radius Test Tool

While FreeRADIUS comes with a command-line tool calledradeapclient, by far and away the best EAP testing tool isthe eapol_test program from wpa_supplicant.

The default build of wpa_supplicant does not build theeapol_test program, so you will have to do that yourself.

Building eapol_test

Download the latest version of wpa_supplicant,and un-tar it, then follow these instructions to build it:

$ cd wpa_supplicant-version/wpa_supplicant
$ cp defconfig .config
$ vi .config

Find the line containing

and change it to

CONFIG_EAPOL_TEST=y

Then, type

Once it is done, copy the file to some where in your PATH.e.g. /usr/local/bin, or ~/bin. The following testsassume that the eapol_test file has been installed, such asvia the following command:

$ cp eapol_test /usr/local/bin

Testing

Run the eapol_test program from the command-line, with oneof the following configuration files.

Where file is one of the configuration files below. Weare also assuming that the RADIUS server is on localhost, andthat the shared secret is testing123.

  • PEAPv0
    • EAP-GTC
  • EAP-TTLS

These configuration files assume that you are using the test userbob, with password hello, as given in the PAP howto.

If the productioncertificates have been created, then the ca_cert entry ineach configuration file can be un-commented. The eapol_testprogram will then verify the server certificate.

Free Radius Mapping Tool

Session Resumption, or Fast Reauthentiction

Free Radius Test Tool

Radius Test Tool For Windows

Use eapol_test -r 1 ... in order to test sessionresumption. See the eapol_test documentation for moreinformation.