Search For :

in:

All Sections 1. General Commands 2. System Calls 3. Subroutines 4. Special Files 5. File Formats 6. Games and Demos 7. Macros and Conventions 8. Maintenence Commands

 

NAME

radclient - send packets to a RADIUS server, show reply  

SYNOPSIS

radclient [-d raddb_directory] [-c count] [-f file] [-i id] [-r num_retries] [-s] [-S shared_secret_file] [-t timeout] [-qvx] server {acct|auth|status|disconnect} secret  

DESCRIPTION

radclient is a radius client program. It can send arbitrary radius packets to a radius server, then shows the reply. It can be used to test changes you made in the configuration of the radius server, or it can be used to monitor if a radius server is up.

radclient reads radius attribute/value pairs from it standard input, or from a file specified on the command line. It then encodes these attribute/value pairs using the dictionary, and sends them to the remote server.

The User-Password attribute is automatically encrypted by radclient.

 

OPTIONS

-c count

Send each packet count times. /etc/raddb.

-d raddb_directory

The directory that contains the RADIUS dictionary files. Defaults to /etc/raddb.

-f file

File to read the attribute/value pairs from. If this is not specified, they are read from stdin.

-i id

Use id as the RADIUS request Id.

-q

Go to quiet mode, and do not print out anything.

-r num_retries

Try to send each packet num_retries times, before giving up on it. The default is 10.

-sPrint

-S shared_secret_file

Rather than reading the shared secret from the command-line (where it can be seen by others on the local system), read it instead from shared_secret_file.

-t timeout

Wait timeout seconds before deciding that the NAS has not responded to a request, and re-sending the packet. The default timeout is 3.

-v

Print out version information.

-x

Print out extra debugging information.

server[:port]

The hostname or IP address of the remote server. Optionally a UDP port can be specified. If no UDP port is specified, it is looked up in /etc/services. The service name looked for is radacct for accounting packets, and radius for all other requests. If a service is not found in /etc/services, 1813 and 1812 are used respectively.

acct | auth

Use auth to send an authentication packet (Access-Request), acct to send an accounting packet (Accounting-Request), status to send an status packet (Status-Server), or disconnect to send a disconnection request. Instead of these values, you can also use a decimal code here. For example, code 12 is also Status-Server.

secret

The shared secret for this client. It needs to be defined on the radius server side too, for the IP address you are sending the radius packets from.

 

EXAMPLE

A sample session that queries the remote server for Status-Server (not all servers support this. Cistron-radiusd does since version 1.6.5):

$ echo "User-Name = fnord" | radclient 192.168.1.42 12 s3cr3t
Sending request to server 192.168.1.42, port 1812.
radrecv: Packet from host 192.168.1.42 code=2, id=140, length=54
    Reply-Message = "FreeRADIUS up 21 days, 02:05"

 

SEE ALSO

radiusd(8), radtest(1).  

AUTHORS

Miquel van Smoorenburg, miquels@cistron.nl. Alan DeKok <aland@freeradius.org>

---

 

Index

NAME

SYNOPSIS

DESCRIPTION

OPTIONS

EXAMPLE

SEE ALSO

AUTHORS