manpagez: man pages & more
man radclient(1)
Home | html | info | man
radclient(1)                   FreeRADIUS Daemon                  radclient(1)




NAME

       radclient - send packets to a RADIUS server, show reply


SYNOPSIS

       radclient  [-d  raddb_directory]  [-c  count]  [-f  file]  [-i  id] [-n
       num_requests_per_second] [-p num_requests_in_parallel] [-r num_retries]
       [-s] [-S shared_secret_file] [-t timeout] [-qvx] server {acct|auth|sta-
       tus|disconnect|auto} secret


DESCRIPTION

       radclient is a radius client program.  It  can  send  arbitrary  radius
       packets  to  a  radius  server, then shows the reply. It can be used to
       test changes you made in the configuration of the radius server, or  it
       can be used to monitor if a radius server is up.

       radclient reads radius attribute/value pairs from it standard input, or
       from a file specified on  the  command  line.  It  then  encodes  these
       attribute/value  pairs  using  the  dictionary,  and  sends them to the
       remote server.

       The  User-Password  and  CHAP-Password  attributes  are   automatically
       encrypted before the packet is sent to the server.



OPTIONS

       -c count
              Send each packet count times.

       -d raddb_directory
              The   directory  that  contains  the  RADIUS  dictionary  files.
              Defaults to /etc/raddb.

       -f file
              File to read the attribute/value pairs  from.  If  this  is  not
              specified,  they are read from stdin.  This option can be speci-
              fied multiple times, in which case packets are sent in order  by
              file,  and  within each file, by first packet to last packet.  A
              blank line separates logical packets within a file.

       -i id  Use id as the RADIUS request Id.

       -n num_requests_per_second
              Send  num_requests_per_second,  evenly  spaced  over  time.   By
              default, the requests are sent as fast as possible.  This option
              allows you to slow  down  the  rate  at  which  radclient  sends
              requests.

       -p num_requests_in_parallel
              Send  num_requests_in_parallel,  without  waiting for a response
              for each one.  By default, radclient sends the first request  it
              has  read,  waits  for  the  response,  and once the response is
              received, sends the second request in  its  list.   This  option
              allows  you  to  send  many  requests  at  simultaneously.  Once
              num_requests_in_parallel are sent, radclient waits  for  all  of
              the  responses  to  arrive  (or  for  the requests to time out),
              before sending any more packets.

       -q     Go to quiet mode, and do not print out anything.

       -r num_retries
              Try to send each packet num_retries times, before giving  up  on
              it.  The default is 10.

       -s     Print out some summaries of packets sent and received.

       -S shared_secret_file
              Rather  than  reading  the  shared  secret from the command-line
              (where it can be seen by others on the local  system),  read  it
              instead from shared_secret_file.

       -t timeout
              Wait  timeout  seconds  before  deciding  that  the  NAS has not
              responded to a request, and re-sending the packet.  The  default
              timeout is 3.

       -v     Print out version information.

       -x     Print out debugging information.

       server[:port]
              The  hostname  or  IP address of the remote server. Optionally a
              UDP port can be specified. If no UDP port is  specified,  it  is
              looked  up  in  /etc/services.  The  service  name looked for is
              radacct  for  accounting  packets,  and  radius  for  all  other
              requests.  If  a service is not found in /etc/services, 1813 and
              1812 are used respectively.

              The RADIUS attributes read by radclient can contain the  special
              attribute Packet-Dst-IP-Address.  If this attribute exists, then
              that IP address is where the packet  is  sent,  and  the  server
              specified on the command-line is ignored.

              If  the RADIUS attribute list always contains the Packet-Dst-IP-
              Address attribute, then the server parameter can be given as  -.

              The  RADIUS attributes read by radclient can contain the special
              attribute Packet-Dst-Port.  If this attribute exists, then  that
              UDP port is where the packet is sent, and the :port specified on
              the command-line is ignored.


       acct | auth | status | disconnect | auto
              Use auth to send an authentication packet (Access-Request), acct
              to  send  an  accounting  packet (Accounting-Request), status to
              send an status packet (Status-Server), or disconnect to  send  a
              disconnection request. Instead of these values, you can also use
              a decimal code here. For example, code 12 is also Status-Server.

              The  RADIUS attributes read by radclient can contain the special
              attribute Packet-Type.  If this attribute exists, then that type
              of packet is sent, and the type specified on the command-line is
              ignored.

              If the RADIUS attribute list  always  contains  the  Packet-Type
              attribute, then the type parameter can be given as auto.


       secret The  shared  secret  for this client.  It needs to be defined on
              the radius server side too, for the IP address you  are  sending
              the radius packets from.



EXAMPLE

       A  sample session that queries the remote server for Status-Server (not
       all servers support this, but FreeRADIUS has configurable  support  for
       it).

              $ echo "Message-Authenticator = 0x00" | radclient 192.168.1.42 status s3cr3t
              Sending request to server 192.168.1.42, port 1812.
              radrecv: Packet from host 192.168.1.42 code=2, id=140, length=54
                  Reply-Message = "FreeRADIUS up 21 days, 02:05"




SEE ALSO

       radiusd(8),


AUTHORS

       Miquel  van Smoorenburg, miquels@cistron.nl.  Alan DeKok <aland@freera-
       dius.org>



                                 7 April 2005                     radclient(1)

Mac OS X 10.6Server - Generated Wed Apr 14 06:05:57 CDT 2010
© manpagez.com 2000-2024
Individual documents may contain additional copyright information.