rad_eap_test
Section: Shell script (1)
Updated: 2006-11-29
Index
NAME
rad_eap_test - Nagios compatible shell script used for testing radius EAP methods
SYNTAX
rad_eap_test -H <address> -P <port> -S <secret> -u <username> -p <password> [-t <timeout>] -m <method> [-v] [-c] -s <ssid> -e <method> [-M <mac_addr>] [-i <info>] [-d <directory>] [-k <key_file>] [-j <cert_file>] [-a <ca_cert_file>] [-A <anonymous_id>]
DESCRIPTION
rad_eap_test is used to test availability of radius servers in monitoring solutions as nagios. rad_eap_test is only wrapper shell script around eapol_test from wpa_supplicant project. rad_eap_test generates configuration for eapol_test, runs it and after processing eapol_test messages returns status code. Status code is processed by monitoring tools as nagios.
OPTIONS
- -H <address>
-
Address of radius server
- -P <port>
-
Port of radius server
- -S <secret>
-
Secret for radius server communication
- -u <username>
-
Username (user@realm)
- -p <password>
-
Password
- -t <timeout>
-
Timeout (default is 5 seconds)
- -m <method>
-
Method (IEEE8021X | WPA-EAP)
- -v
-
Verbose (prints decoded last Access-accept packet)
- -c
-
Prints all packets decoded
- -s <ssid>
-
SSID
- -e <method>
-
EAP method (PEAP | TLS | TTLS | LEAP)
- -M <mac_addr>
-
MAC address in xx:xx:xx:xx:xx:xx format
- -i <connect_info>
-
Connection info (in radius log : client from connect_info)
- -d <directory>
-
status directory (unified identifier of packets)
- -k <user_key_file>
-
user certificate key file
- -j <user_cert_file>
-
user certificate file
- -a <ca_cert_file>
-
certificate of CA
- -A <anonymous_identity>
-
anonymous identity (anonymous@realm)
EXAMPLES
- rad_eap_test -H <radius.server.name> -P 1812 -S <secret> -u <user@realm> -p <password> -m WPA_EAP -e PEAP
-
PEAP test
- rad_eap_test -H <radius.server.name> -P 1812 -S <secret> -u <user@realm> -p <password> -m IEEE8021X -e LEAP
-
LEAP test
- rad_eap_test -H <radius.server.name> -P 1812 -S <secret> -u <user@realm> -k <user_key> -j <user_cert> -a <ca_cert> -m IEEE8021X -e TLS
-
TLS test
EXIT STATUS
- 0
-
access-accept; <latency>
- 1
-
access-recejt; <latency>
- 2
-
timeout; <timeout>
- 3
-
sort of config problem
OTHER
Eapol_test compilation
1) Download wpa_supplicant source from http://hostap.epitest.fi/wpa_supplicant/ (stable, development or snapshot version) (or you can download hostap, where wpa_supplicant is in the package)
2) Untar sources: tar xvzf wpa_supplicant.tar.gz
3) Create .config file in wpa_supplicant directory with content follows:
CONFIG_IEEE8021X_EAPOL=y
CONFIG_EAP_MSCHAPV2=y
CONFIG_EAP_TLS=y
CONFIG_EAP_PEAP=y
CONFIG_EAP_LEAP=y
CONFIG_EAP_TTLS=y
CONFIG_IEEE8021X=y
4) Compile eapol_test: make eapol_test
After compilation you have eapol_test binary, which you can use with rad_eap_test script.
AUTHORS
Pavel Polacek <polish@pf.ujep.cz>
Jan Tomasek <jan.tomasek@cesnet.cz>
Index
- NAME
-
- SYNTAX
-
- DESCRIPTION
-
- OPTIONS
-
- EXAMPLES
-
- EXIT STATUS
-
- OTHER
-
- AUTHORS
-
This document was created by
man2html,
using the manual pages.
Time: 08:02:21 GMT, November 29, 2006