As part of the process of configuring EAP for FreeRADIUS, you will need to test whether or not it works. If you prefer to use a command line tool rather than clicking through windows, this article walks through the steps for testing your EAP configuration.
While FreeRADIUS comes with a command-line tool called
radeapclient, by far and away the best EAP testing tool is the
eapol_test program from wpa_supplicant.
The default build of wpa_supplicant does not build the
eapol_test program, so you will have to do that yourself.
Download the latest version of wpa_supplicant, and un-tar it, then follow these instructions to build it (update
<version> as approprite):
$ cd wpa_supplicant-<version>/wpa_supplicant $ cp defconfig .config $ vi .config
Find the line containing
and change it to
$ make eapol_test
Once it is done, copy the file to some where in your
~/bin. The following tests assume that the
eapol_test file has been installed, such as via the following command:
$ cp eapol_test /usr/local/bin/
eapol_test program from the command-line, with one of the following configuration files.
$ eapol_test -c <file> -s testing123
<file> is one of the configuration files below. We are also assuming that the RADIUS server is on
localhost, and that the shared secret is
These configuration files assume that you are using the test user
bob, with password
hello, as given in the PAP howto.
If the production certificates have been created, then the
ca_cert entry in each configuration file can be un-commented. The
eapol_test program will then verify the server certificate.
Session Resumption, or Fast Reauthentiction
eapol_test -r 1 ... in order to test session resumption. See the
eapol_test documentation for more information.
Need more help?
Network RADIUS has been helping clients around the world design and deploy their RADIUS infrastructure for 20 years. We specialize in complex systems and have seen pretty much every variation and problem out there. If you want help from the people who wrote FreeRADIUS, visit our quote page to contact us for a consultation.