Compliance testing of Free Radius Client
arpi2706 at gmail.com
Wed Oct 17 09:26:58 CEST 2012
*I want to perform RFC compliance testing of FreeRadius client (not server)
available with "freeradius" package.*
In other words, i want to perform compliance testing on "radclient" and
"radeapclient" binaries available with freeradius package.
On investigation, i found that the manpage of "radclient" states:
radclient is a radius client program. It can send arbitrary radius packets
to a radius server, then shows the reply.
It can be used to test changes you made in the configuration of the radius
server, or it can be used to monitor if a radius server is up.
Does it mean that freeradius client is just a dummy client and there is no
point in performing compliance testing on it?
I tried to run the “radclient” binary. I executed the following command for
*./radclient <server-ip> auth <secret-key>*
Once the above command is executed, the control waits for the attributes
After the attributes are written, radclient sends radius request packet and
receives response from the server and then it exits.
To again send any authentication or authorization request, radclient binary
needs to be executed again.
As per my understanding, the binary should not have exited.
As radius client sends the Access-request itself once it receives a request
for any service from the user.
Also, if the server does not respond, radius client shall send the request
to an alternate server.
This means that the radius client can handle the user requests at runtime
also. So it should not exit.
*Please let me know if I need some extra configuration to achieve the above
In RFC 2131, it is mentioned that there are three entities in any
freeradius setup: USER, RADIUS CLIENT, RADIUS SERVER.
Does freeradius package provide a separate binary/module for USER
If not, can we consider RADIUS CLIENT as our USER as well?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Users