Compliance testing of Free Radius Client
Phil Mayers
p.mayers at imperial.ac.uk
Wed Oct 17 10:11:44 CEST 2012
On 10/17/2012 08:26 AM, Arpit Jain wrote:
> Does it mean that freeradius client is just a dummy client and there is
> no point in performing compliance testing on it?
radclient and radeapclient are not NASes. They don't provide service to
users, and they don't run as daemons. They're for server administrators
to test FreeRADIUS.
You could in theory build a NAS on top of "radclient", using it to send
the packets, but that's not the usual approach.
> To again send any authentication or authorization request, radclient
> binary needs to be executed again.
>
> As per my understanding, the binary should not have exited.
As above your understanding is wrong, it's a program for testing the
RADIUS server. Once you've sent the test packet(s), it exits.
> *Please let me know if I need some extra configuration to achieve the
> above functionality.*
You need to go away and do some basic reading around the subject. Try
the current version of the RADIUS RFCs for starters, instead of
obsoleted ones.
It sounds like you want a NAS, which is the component that provides
network service to the user, and authenticates it using an embedded
radius client.
NASes are specific to the network layer - modem, ADSL, ethernet/802.1x,
wifi/802.11, webauth, VPN, etc.
See: pppd, chillispot, hostapd, and so on.
> Does freeradius package provide a separate binary/module for USER
> application?
>
> If not, can we consider RADIUS CLIENT as our USER as well?
No. A user is a user. As in, a human being. As in, the person doing the
using?
This isn't really the place to be asking "RADIUS 101" questions. There
are books on the topic, though I don't have any specific recommendations.
More information about the Freeradius-Users
mailing list