Wireless computer networks introduce significant convenience, at the cost of bringing up a host of security problems. The owner of a wireless network must implement some sort of access control to ensure only authorized users join the network. Without access control, unauthorized users may be able to eavesdrop on the traffic of every other user of the wireless network, and access servers and data repositories within the same intranet. Remote Authentication Dial In User Service (RADIUS) is a protocol that provides access control. Dedicated remote access servers communicate with potential clients during the initial part of every successful connection to the network, executing a multi-step handshaking to verify they are in a database of authorized users. An important step in the installation and configuration of a RADIUS system consists of testing that legitimate clients can indeed join the wireless network.
Things You'll Need
- Administrator access to RADIUS server running Linux
- Access to RADIUS client running Linux
Log into the server computer as the RADIUS administrator.
Execute the RADIUS server daemon in extended debugging mode. Type in a Linux shell:
/usr/local/sbin/radiusd -X -A
Log into the client computer. Run the "radtest" command in a Linux shell by typing:
radtest [username] [password] [servername] 1 notImportant
Replace [username] by the user name of a legitimate RADIUS user, [password] by the corresponding password and [servername] by the host name of the server. The last two parameters are not really important for this use of "radtest," so you can use the sample values.
If the RADIUS server is correctly configured, "radtest" will return a message reading:
rad_recv: Access-Accept packet from host [servername].