focal (1) radtest.1.gz

Provided by: freeradius-common_3.0.20+dfsg-3ubuntu0.4_all bug

NAME
       radtest - send packets to a RADIUS server, show reply


SYNOPSIS
       radtest  [-d  raddb_directory]  [-P  tcp/udp]  [-t  pap/chap/mschap/eap-md5] [-x ] [-4 ] [-6 ] [-b ] user
       password radius-server nas-port-number secret [ppphint] [nasname]


DESCRIPTION
       radtest is a frontend to radclient(1). It generates a list of attribute/value pairs based on the  command
       line arguments, and feeds these into radclient. It's a fast and convenient way to test a radius server.


OPTIONS
       -b     Enforce  the Blast RADIUS checks.  All replies to an Access-Request packet must contain a Message-
              Authenticator as the first attribute.

              For compatibility with old servers, this flag is not set by  default.   However,  radclient  still
              checks for the Blast RADIUS signature, and discards packets which match the attack.

       -d raddb_directory
              The directory that contains the RADIUS dictionary files. Defaults to /etc/freeradius/3.0.

       -P proto
              Use  proto transport protocol ("tcp" or "udp").  Only available if FreeRADIUS is compiled with TCP
              transport support.

       -t pap/chap/mschap/eap-md5
              Choose the authentiction method to use.  e.g. "-t pap", "-t chap", "-t mschap", or "-t  eap-md5",.
              Defaults to "pap".  Using EAP-MD5 requires that the "radeapclient" program is installed.

       -x     Enables debugging output for the RADIUS client.

       -4     Use NAS-IP-Address for the NAS address (default)

       -6     Use NAS-IPv6-Address for the NAS address (default)

       user   Username to send.

       password
              Password of the user.

       radius-server
              Hostname or IP address of the radius server. Optionally, you may specify a port by appending :port

       nas-port-number
              The  value  of  the  NAS-Port  attribute.  Is an integer between 0 and 2^31, and it really doesn't
              matter what you put here. 10 will do fine.

       secret The shared secret for this client.

       ppphint
              If you put an integer > 0 here, radtest (or actually radclient) will  add  the  attribute  Framed-
              Protocol = PPP to the request packet.

       nasname
              If  present, this will be resolved to an IP address and added to the request packet as the NAS-IP-
              Address attribute. If you don't specify it, the local hostname of the system will be used.


SEE ALSO
       radiusd(8), radclient(1).


AUTHOR
       Miquel van Smoorenburg, miquels@cistron.nl.

                                                   21 May 2024                                        RADTEST(1)