Provided by: freeradius-common_3.0.20+dfsg-3ubuntu0.4_all bug

NAME
       radtest - send packets to a RADIUS server, show reply


SYNOPSIS
       radtest  [-d  raddb_directory] [-P tcp/udp] [-t pap/chap/mschap/eap-md5] [-x ] [-4 ] [-6 ]
       [-b ] user password radius-server nas-port-number secret [ppphint] [nasname]


DESCRIPTION
       radtest is a frontend to radclient(1). It generates a list of attribute/value pairs  based
       on  the command line arguments, and feeds these into radclient. It's a fast and convenient
       way to test a radius server.


OPTIONS
       -b     Enforce the Blast RADIUS checks.  All replies  to  an  Access-Request  packet  must
              contain a Message-Authenticator as the first attribute.

              For  compatibility  with  old  servers,  this flag is not set by default.  However,
              radclient still checks for the Blast RADIUS signature, and discards  packets  which
              match the attack.

       -d raddb_directory
              The   directory   that   contains   the   RADIUS   dictionary  files.  Defaults  to
              /etc/freeradius/3.0.

       -P proto
              Use proto transport protocol ("tcp" or "udp").  Only  available  if  FreeRADIUS  is
              compiled with TCP transport support.

       -t pap/chap/mschap/eap-md5
              Choose  the authentiction method to use.  e.g. "-t pap", "-t chap", "-t mschap", or
              "-t eap-md5",.  Defaults to "pap".  Using EAP-MD5 requires that the  "radeapclient"
              program is installed.

       -x     Enables debugging output for the RADIUS client.

       -4     Use NAS-IP-Address for the NAS address (default)

       -6     Use NAS-IPv6-Address for the NAS address (default)

       user   Username to send.

       password
              Password of the user.

       radius-server
              Hostname  or IP address of the radius server. Optionally, you may specify a port by
              appending :port

       nas-port-number
              The value of the NAS-Port attribute. Is an integer  between  0  and  2^31,  and  it
              really doesn't matter what you put here. 10 will do fine.

       secret The shared secret for this client.

       ppphint
              If  you  put  an  integer  >  0  here, radtest (or actually radclient) will add the
              attribute Framed-Protocol = PPP to the request packet.

       nasname
              If present, this will be resolved to an IP address and added to the request  packet
              as the NAS-IP-Address attribute. If you don't specify it, the local hostname of the
              system will be used.


SEE ALSO
       radiusd(8), radclient(1).


AUTHOR
       Miquel van Smoorenburg, miquels@cistron.nl.

                                           21 May 2024                                 RADTEST(1)