rad_eap_test

Section: Shell script (1)
Updated: 2006-11-29
Index
 

NAME

rad_eap_test - Nagios compatible shell script used for testing radius EAP methods  

SYNTAX

rad_eap_test -H <address> -P <port> -S <secret> -u <username> -p <password> [-t <timeout>] -m <method> [-v] [-c] -s <ssid> -e <method> [-M <mac_addr>] [-i <info>] [-d <directory>] [-k <key_file>] [-j <cert_file>] [-a <ca_cert_file>] [-A <anonymous_id>]  

DESCRIPTION

rad_eap_test is used to test availability of radius servers in monitoring solutions as nagios. rad_eap_test is only wrapper shell script around eapol_test from wpa_supplicant project. rad_eap_test generates configuration for eapol_test, runs it and after processing eapol_test messages returns status code. Status code is processed by monitoring tools as nagios.  

OPTIONS

-H <address>
Address of radius server
-P <port>
Port of radius server
-S <secret>
Secret for radius server communication
-u <username>
Username (user@realm)
-p <password>
Password
-t <timeout>
Timeout (default is 5 seconds)
-m <method>
Method (IEEE8021X | WPA-EAP)
-v
Verbose (prints decoded last Access-accept packet)
-c
Prints all packets decoded
-s <ssid>
SSID
-e <method>
EAP method (PEAP | TLS | TTLS | LEAP)
-M <mac_addr>
MAC address in xx:xx:xx:xx:xx:xx format
-i <connect_info>
Connection info (in radius log : client from connect_info)
-d <directory>
status directory (unified identifier of packets)
-k <user_key_file>
user certificate key file
-j <user_cert_file>
user certificate file
-a <ca_cert_file>
certificate of CA
-A <anonymous_identity>
anonymous identity (anonymous@realm)
 

EXAMPLES

rad_eap_test -H <radius.server.name> -P 1812 -S <secret> -u <user@realm> -p <password> -m WPA_EAP -e PEAP
PEAP test
rad_eap_test -H <radius.server.name> -P 1812 -S <secret> -u <user@realm> -p <password> -m IEEE8021X -e LEAP
LEAP test
rad_eap_test -H <radius.server.name> -P 1812 -S <secret> -u <user@realm> -k <user_key> -j <user_cert> -a <ca_cert> -m IEEE8021X -e TLS
TLS test
 

EXIT STATUS

0
access-accept; <latency>
1
access-recejt; <latency>
2
timeout; <timeout>
3
sort of config problem
 

OTHER

Eapol_test compilation

1) Download wpa_supplicant source from http://hostap.epitest.fi/wpa_supplicant/ (stable, development or snapshot version) (or you can download hostap, where wpa_supplicant is in the package)

2) Untar sources: tar xvzf wpa_supplicant.tar.gz

3) Create .config file in wpa_supplicant directory with content follows:
CONFIG_IEEE8021X_EAPOL=y
CONFIG_EAP_MSCHAPV2=y
CONFIG_EAP_TLS=y
CONFIG_EAP_PEAP=y
CONFIG_EAP_LEAP=y
CONFIG_EAP_TTLS=y
CONFIG_IEEE8021X=y

4) Compile eapol_test: make eapol_test
After compilation you have eapol_test binary, which you can use with rad_eap_test script.

 

AUTHORS

Pavel Polacek <polish@pf.ujep.cz>
Jan Tomasek <jan.tomasek@cesnet.cz>


 

Index

NAME
SYNTAX
DESCRIPTION
OPTIONS
EXAMPLES
EXIT STATUS
OTHER
AUTHORS

This document was created by man2html, using the manual pages.
Time: 13:10:08 GMT, February 12, 2016