Compliance testing of Free Radius Client

Phil Mayers p.mayers at
Wed Oct 17 10:11:44 CEST 2012

On 10/17/2012 08:26 AM, Arpit Jain wrote:

> Does it mean that freeradius client is just a dummy client and there is
> no point in performing compliance testing on it?

radclient and radeapclient are not NASes. They don't provide service to 
users, and they don't run as daemons. They're for server administrators 
to test FreeRADIUS.

You could in theory build a NAS on top of "radclient", using it to send 
the packets, but that's not the usual approach.

> To again send any authentication or authorization request, radclient
> binary needs to be executed again.
> As per my understanding, the binary should not have exited.

As above your understanding is wrong, it's a program for testing the 
RADIUS server. Once you've sent the test packet(s), it exits.

> *Please let me know if I need some extra configuration to achieve the
> above functionality.*

You need to go away and do some basic reading around the subject. Try 
the current version of the RADIUS RFCs for starters, instead of 
obsoleted ones.

It sounds like you want a NAS, which is the component that provides 
network service to the user, and authenticates it using an embedded 
radius client.

NASes are specific to the network layer - modem, ADSL, ethernet/802.1x, 
wifi/802.11, webauth, VPN, etc.

See: pppd, chillispot, hostapd, and so on.

> Does freeradius package provide a separate binary/module for USER
> application?
> If not, can we consider RADIUS CLIENT as our USER as well?

No. A user is a user. As in, a human being. As in, the person doing the 

This isn't really the place to be asking "RADIUS 101" questions. There 
are books on the topic, though I don't have any specific recommendations.

More information about the Freeradius-Users mailing list