vsradiusclient_test.exe is a RADIUS test client used to simulate a RADIUS authentication request by sending data directly to the VIP Enterprise Gateway. This tool with work on Windows, Linux, AIX, HP-UX , and Solaris platforms. (NOTE: Another common 3rd party tool used is NTradping. See:https://support.symantec.com/en_US/article.TECH14018.html).
Download vsradiusclient_test.exe from VIP Manager by navigating to Account > Download Files > Third Party Integrations > Tools.zip
Troubleshooting Validation server
If you are encountering an issue, or suspect an issue with the RADIUS portion of the VIP Enterprise Gateway server (Validation server), test it directly with this tool.
Quickly testing a user’s credentials
Your helpdesk might use this to check if a user’s credentials have been locked, verify if the Validation server is functioning, troubleshooting internal connectivity issues, and more.
Unit deployment and testing
Because VIP Enterprise Gateway is used in conjunction with other services, it is often helpful to deploy and test in units or stages. This tool enables unit testing.
Consistency checking across validation servers
For rapid testing across multiple VIP Enterprise Gateway systems, this tool can be faster during periods of rapid change and can enable faster configuration deployments.
The scripted nature of this tool can lead to automatically check uptime of the application. Several additional options help enable this use-case securely. See “Health Monitor for Validation Server” section of the Enterprise Gateway Installation and Configuration guide.
This is the IP address or DNS name of VIP Enterprise Gateway
The IP of this machine.
The configured RADIUS shared secret on the Validation server in VIP Enterprise Gateway
The test user name. This user needs to already have a user credential.
The test user’s AD/LDAP password. The last SIX need to be the current VIP OTP.
The selected port configured on the Validation tab of VIP Enterprise Gateway.
Used for automation. This keeps the shared secret out of process list space - especially important for multi-user systems. Appropriate ACLs are required for the file containing the unencrypted shared secret.
List the number of time to attempt authentication.
The delay, in seconds, between attempts if the Validation server is not responding (packet loss scenario). A well-behaving network will usually send an ICMP response if there is an issue with a packet (packet drop), but that response is sent unreliably. If there are routing or other network issues with the environment, these do not always make it back to the originating system (this one).
Lists much more information about the process of testing authentication. Potentially useful during troubleshooting.
This is a basic vsradiusclient_test.exe command: C:\> vsradiusclient_test.exe --server-host 10.11.12.13 --server-port 1812 --client-ip 192.168.1.2 --secret RADIUSsharedsecret --user-name bsmith --password bobspassword --timeout 60
Suggested syntax: --server-host - (required) the IP address or hostname of the validation server --server-port - the port number for the validation server, as configured in the Config Console. --secret - the radius shared secret, as configured in the Config Console.
Valid example using sample values: ./vsradiusclient_test --server-host 10.10.0.10 --server-port 1812 --client-ip 10.10.0.12 --secret myradiussecret --user-name user1 --password myldappassword123456
Imported Document ID: SO15620
Subscribing will provide email updates when this Article is updated. Login is required.