Radloginv 4
Radloginv 4
Radloginv 4
Version 4.0.41
License
IEA Software, Inc. grants to you, and you accept, a limited, nonexclusive and revocable license to use the Software. You agree to use the Software in machine-readable
object code form only as authorized in this License Agreement. This License Agreement does not convey
any title or interest in the Software to you.
Scope of License
You may not make any changes or modifications to the Software, and you may
not de-compile, disassemble, or otherwise reverse engineer the Software. You may not lend, rent, lease
or sublicense the Software or any copy to others for any purpose. You are not permitted to make any uses
or copies of the Software that are not specifically authorized by the terms of this License Agreement. Your
adherence to this License Agreement will allow IEA Software, Inc. to continue developing innovative and
useful products and providing a high level of customer service and support. If you do not comply with the
terms of this License Agreement, your license will be revoked.
Updates and Support All software updates and fixes are available via the IEA Software, Inc. Web site.
Technical support is currently available via methods listed on our Web site Support section at
http://www.iea-software.com/support.
Restricted Rights
The Software is provided with U.S. Governmental Restricted Rights. Use,
duplication, or disclosure by the Government is subject to restrictions set forth in subparagraph (1)(ii) of
The Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 or subparagraphs
(1) and (2) of the Commercial Computer Software - Restricted Rights at 48 CFR 52.227-19 as
applicable. The Software is also protected by International Treaty Provisions. Manufacturer is IEA
Software, Inc. PO BOX 1170 Veradale WA, 99037.
Miscellaneous This License Agreement shall be construed, interpreted and governed by the laws of the
State of Washington. Should any term of this License Agreement be declared void or unenforceable by
any court of competent jurisdiction, enforcement of the remaining terms shall not be affected. Failure of
either party to enforce any rights or to take action against the other party in the event of any breach of this
Licensing Agreement shall not be deemed a waiver of any subsequent enforcement of rights.
Limitations of Liability and Remedies In no event shall IEA Software, Inc. or its licensors be liable for
any loss of profit or any other commercial damage, including but not limited to special, incidental,
consequential or other damage, even if IEA Software, Inc. or its licensors are advised, in advance, of the
possibility of such damages. IEA Software, Inc. and its licensors entire liability and your exclusive remedy
shall be, at IEA Softwares option, either (a) return of the price paid, or (b) repair or replacement of the
Software. To the maximum extent permitted by applicable law, IEA Software, Inc. and its licensors
disclaim all other warranties, either express or implied, including but not limited to, implied warranties with
Radlogin Version 4
regard to the Software and the accompanying material. This Limited Warranty is void if failure of the
Software has resulted from accident, abuse or misapplication. You may have other specific legal rights,
which vary from state/jurisdiction to state/jurisdiction.
Return Policy It is our goal to provide customers with the highest level of satisfaction possible. In order
to ensure that our products work well in your environment, IEA Software offers a 45-day FULL functioning
software trial that includes documentation and support. If you require more than 45 days to evaluate the
software, we are happy to work with you to extend the trial to a length that fits your timetable. This gives
you, the user, an opportunity to ensure that the product fully meets your needs. In light of the trial period
and opportunity to fully test our software, IEA Software maintains the policy that no refunds will be offered.
We will, however, address any problems with the software.
Should a software anomaly occur, our Development and Support Teams will work to correct the problem.
Please note that you must be using the application normally, as defined, and you must ensure that the bug
is not due to anomalies in other programs, the operating system, your hardware, or data.
In order to address any problems, please note that the bug must be able to be reproduced. Our
Development and Support Teams will require full documentation of the steps taken by the user that
caused the error in the software as well as necessary data and scenario files to reproduce the error.
Contact
Should you have any questions concerning this license agreement, please contact IEA
Software, Inc. PO BOX 1170 Veradale, WA 99037 U.S.A. (509) 444-BILL (2455).
Information in this document is subject to change without notice. No part of this document may be
reproduced or transmitted in any form or by any means, electronic or mechanical, without the express
written consent of IEA Software, Inc.
Trademarks
Emerald Management Suite, RadiusNT and RadiusX are trademarks of IEA Software, Inc. All images,
photographs, animations, audio, video and text incorporated into the Software are owned by IEA Software,
Inc., unless otherwise noted by Trademark. Alpha AXP is a registered trademark of Digital Equipment
Corporation. Intel is a registered trademark of Intel Corporation. Transact-SQL is a registered trademark
and DB-Library is a trademark of Sybase, Inc. Sparc Solaris are trademarks of Sun Microsystems. Cisco
is a trademark of Cisco Systems. All other trademarks are the property of their respective owners.
Radlogin Version 4
Table Of Contents
SOFTWARE LICENSE AGREEMENT ......................................................................................................... 1
TRADEMARKS .............................................................................................................................................. 2
INTRODUCTION........................................................................................................................................... 3
SYSTEM REQUIREMENTS ......................................................................................................................... 4
BROWSER ................................................................................................................................................... 4
LINUX .......................................................................................................................................................... 4
SOLARIS ...................................................................................................................................................... 4
W INDOWS ................................................................................................................................................... 4
INSTALLATION ............................................................................................................................................ 4
LINUX .......................................................................................................................................................... 4
SOLARIS ...................................................................................................................................................... 4
W INDOWS ................................................................................................................................................... 5
CONFIGURING ............................................................................................................................................. 5
SETTINGS .................................................................................................................................................... 5
RADIUS SERVERS ...................................................................................................................................... 7
REQUEST PROFILES ..................................................................................................................................... 7
CHANGE PASSWORD .................................................................................................................................... 9
COMMAND-LINE INTERFACE .................................................................................................................... 9
SERVER MONITORING ............................................................................................................................. 10
RADIUS LOGIN .......................................................................................................................................... 12
WEB SERVICE REQUESTS ...................................................................................................................... 13
PACKET DECODING ................................................................................................................................. 14
ACCOUNTING LISTENERS ....................................................................................................................... 15
ASTERISK CALL DETAIL RECORDS (CDR) ................................................................................................... 15
Introduction
The RADIUS test client is an easy to use tool to simulate, debug and monitor most RADIUS and Network
Access Servers (NAS).
IEA Software is a world-leading provider of billing, customer care, and authentication solutions for ISPs,
VISPs, wireless and VOIP. Please visit our web site (http://www.iea-software.com) or contact our sales
staff to learn more.
Radlogin Version 4
System Requirements
Browser
Any web browser supporting CSS2 (Netscape 6+ or Internet Explorer 6+)
Linux
PERL (required for installation)
x86 based CPU
Solaris
PERL (required for installation)
Solaris 2.6 or higher
Sparc based CPU
Windows
Any edition of Windows NT4, 2000, XP, Vista/7, 2003 and 2008/R2
Installation
Linux
Download the Radlogin 4 archive (radlogin4_linux.tar.gz) into a temporary folder.
To un-archive the file type:
tar zxf radlogin4_linux.tar.gz
Next, run the installer:
./install.pl
Press C then Enter to continue.
To start the server: reboot or run /usr/local/radius/radlogin.
To access the web interface browse to http://localhost:8020
Solaris
Download the Radlogin 4 archive (radlogin4_solaris.tar.gz) into a temporary folder.
To un-archive the file type:
gzip d radlogin4_solaris.tar.gz
tar xf radlogin4_solaris.tar
Next, run the installer:
./install.pl
Press C then Enter to continue.
To start the server, run /usr/local/radius/radlogin.
To access the web interface browse to http://localhost:8020
Radlogin Version 4
Windows
Download the Radlogin 4 archive (radlogin4.exe) into a temporary folder.
Run radlogin4.exe
Follow the prompts.
The web interface can be accessed by selecting Programs / RadiusNT / Radius test client from the
windows START menu.
Configuring
Settings
Option
HTTP bind IP Address
HTTP port
Server threads
Radlogin Version 4
Description
Local IP Address the web server will listen for incoming http
requests. By default the server listens on all available
interfaces. Note you can restrict access to only local clients
by setting the bind address to the local loop back interface
(127.0.0.1)
TCP port to listen for incoming http requests.
Number of concurrent requests the server can process at any
one time. There is no limit however its unlikely you will ever
need more than 10.
5
Default server
Default profile
Radlogin Version 4
RADIUS servers
Option
Server address
Shared secret
Auth port
Acct port
Disconnect/CoA
port
Timeout (secs)
Retries
WS auth key
Description
IP Address or hostname of the RADIUS server.
RADIUS shared secret, the server must have the same secret configured
for requests coming from the radlogin test client.
Port used to send authentication requests. The official RADIUS
authentication port is 1812. Unofficially 1645 is still quite popular.
Port used to send accounting requests. The official RADIUS accounting
port is 1813. Unofficially 1646 is still quite popular.
Port used to send Disconnect or CoA requests to an Access server. The
official Disconnect port is 3799. Unofficially 1700 is popular.
Number of seconds to wait for a response from the RADIUS server.
Number of times to resend a request if there is no response within the
Timeout period above.
When set web service requests may query this server provided the
requestor provides an authkey matching the key specified in this field. If not
set web service requests for this client are disabled.
Request profiles
Request profiles optionally define the list of attributes sent to the RADIUS servers as well as various
authentication and accounting options. At least one request profile is required in order to use 'Server
monitoring' or 'Radlogin' features.
Radlogin Version 4
Option
Profile name
Role
Auth Method
Asterisk Event
Description
Name to identify your request profile by.
Sets whether RADIUS requests sent using this profile should be an
authentication, accounting, disconnect or CoA request.
If an authentication request will be sent, should PAP or CHAP be used to
send for password authentication? PAP (Password Authentication
Protocol) works with any backend database. CHAP (Challenge
Handshake Authentication Protocol) requires the RADIUS server have
access to the users unencrypted text password.
When role is Asterisk Acct event sets the name of the Asterisk Manager
API event the profile is to listen for. Typically event name is Cdr for Call
Detail records.
After creating a new request profile you can begin adding attributes to your profile.
Click the attributes link to begin adding them.
In the example above you will notice variables in the Data column. Radlogin provides several built-in
variables to provide unique data helping to simulating multiple requests. Variables and what they do can
be found in the table below. If you specify a variable not in this table, you will be prompted to provide a
value for that variable while using the Radius login feature.
Variable
$counter
$counter2
$counter3
Radlogin Version 4
Description
Starting at one increments by one for each request
Counter2 resets to 1 after reaching 2.
Counter3 resets to 1 after reaching 3.
$counter10
$counter100
$counter1000
$counteraz
$randaz
$randaiz5
$randaz10
$randip
$timestamp
$sessionid
Change password
The admin password used to login to the radlogin web interface can be changed by entering a new
password here. If you have other IEA software products such as Emerald or RadiusNT/X installed on the
same computer changing the admin password for radlogin will also cause the admin password all other
web based admin interfaces to change as well.
Command-line interface
Radlogin Version 4
Description
Sends a single PAP authentication request for
the user neila with a password of test123.
Sends a single Accounting START request for
the user neila.
Sends a single Accounting STOP request for
the user neila.
Sends 1000 PAP authentication requests for
the user neila with a password of test123.
Sends a single CHAP authentication request for
the user neila.
Sends an authentication request using the file
raddebug58.txt. FILE must contain a hex dump
Server monitoring
Server monitoring periodically polls RADIUS servers, testing their ability to respond to authentication or
accounting queries. The scoreboard shows a list of servers being monitored, their current status,
statistics such as response times in Milliseconds and average uptime. The Age field displays the number
of seconds since the server was last polled. In addition to the web interface, radlogin can also send email
notifications if the server stops responding.
Radlogin Version 4
10
Option
Monitor name
RADIUS Server
Auth Username
Auth Password
Down notify E-Mail
Profile
Normal check interval
Down check interval
Response handling
Radlogin Version 4
Description
Name of the system being monitored
11
RADIUS login
Option
RADIUS Server
Profile
Iterations
Login
Password
MTU
Radlogin Version 4
Description
Selecting All will use the first available RADIUS server to perform the
query. (See RADIUS servers)
(See Request profiles)
Indicates the number of requests to simulate. If you choose more than a
single request a summary of activity is displayed every 2.5 seconds. If you
wish to do load testing we recommend you open several browser windows
and run tests simultaneously in each window since radlogin currently cannot
track more than one outstanding request per window.
User-Name to send for authentication or accounting requests.
Password to send for authentication requests.
MTU is a dynamic field added by the existence of $MTU in the test auth 1
profile. (See Request profiles).
12
Required
Yes
Profile
Yes
Authkey
Yes
Login
Password
No
Description
Server Hostname or IP Address as configured from the RADIUS
servers menu. Note: Server name must exactly match the name
of the configured server.
Profile name as configured from the Request profiles menu.
Profiles determine the type of RADIUS request to be issued.
WS authorization key provides authorization to issue requests to
Server. Authkey must exactly match the WS auth key field
configured via the RADIUS servers menu.
Based on selected profile type - Login provides User-Name
RADIUS attribute for authentication, accounting and
Disconnect/CoA.
When the selected profile type is authentication Password
determines the password sent in the RADIUS request.
Any other attribute name sent in the request can match a request
profile variable allowing values for additional RADIUS request
attributes to be configured in the web service request. See
Request profiles for more information on configuring request
variables.
Example Request:
http://myradloginserver:8020/request?server=localhost&profile=Basic+auth&authk
ey=reM0T3prox1weB&login=testuser&password=testpass
A response to the web service request consists of a URL Encoded string of response variables. The
following variables may be returned in response to a RADIUS request.
Variable Name
Retcode
Msg
Resptime
*
Description
Request status code 0=Good request/ACK, 1=Authentication Failure/Auth NAK,
2=Request timeout, 3=Request failure/error
String describing the overall request status
Duration of RADIUS request measured in milliseconds 1000 MS = 1 Second
Any other variables returned consist of RADIUS reply attributes as named in the
RADIUS dictionary. Note: The dash - character is omitted from attribute names.
Radlogin Version 4
13
Packet decoding
Many NAS, RADIUS servers and network monitoring applications such as MS Network Monitor or
Wireshark allow you to dump RADIUS AVPs (Attribute-Value-Pairs) in a raw hexadecimal format. The
packet decoder allows you to take this information, check for errors and display in a human readable
format. Using the decoder AVPs can be bulk imported into existing Request profiles to quickly allow you
to simulate or replay requests from a wide range of NASes.
Note: RadiusNT/X packet debug is enabled by including the X flag from the command line. For
example radius x15 X starts radius in debug 15 mode with packet debugging enabled.
Radlogin Version 4
14
Accounting Listeners
Listeners provide a means of monitoring remote systems for important events. Once received these
events are translated into RADIUS/AAA accounting requests for reporting and billing purposes.
Type
Asterisk
Event
All Events
Listenusername
Asterisk
Cdr
Listencallerid
Asterisk
Cdr
Listendnis
Asterisk
Cdr
Description
IP Address of configured listener typically used as NAS-IPAddress (NAS-Identifier)
Reflects users phone number by matching Source/Destination
against from-internal Context.
Reflects users calling number by matching Source/Destination
against from-internal Context.
Reflects users called number or INCOMING CALL for
incoming calls by matching Source/Destination against frominternal Context.
Two asterisk request profiles are included by default. Asterisk (RADIUS Standard) translates asterisk
CDR events to standard attributes all RFC 2866 compliant RADIUS/AAA systems understand. If you will
be integrating Asterisk with the Emerald Management Suite this profile should be used. A secondary
profile Asterisk (Digium VSA) is also available which translates CDR events to asterisk specific VSAs for
systems specifically requiring them. Each of the default request profiles can be customized as needed to
provide the desired RADIUS accounting attributes.
Note: CDR manager event logging must be enabled by editing the file
/etc/asterisk/cdr_manager.conf on the asterisk server to reflect the following setting:
[general]
enabled = yes
Option
Name
Description
Listener server description
Radlogin Version 4
15
Server
Profile
Listener
Queue
Queued
Resp Avg
To add a new listener click the add link besides the Listener menu item.
Option
Listener name
Listener type
RADIUS Server
Radlogin Version 4
Description
Short text describing the asterisk server and purpose of the
listener.
Type of listener, currently Asterisk Manager API is the only
available type.
Specifies RADIUS server collected event are to be sent. If
RADIUS Server is set Any all configured and available RADIUS
servers can be used to provide fault tolerance.
Number of accounting retries attempted before discarding a
queued accounting record. Note: Each try in this context counts
as failures of the entire failover and retry policy configured within
the Radius Servers menu. A dynamic back-off mechanism is used
between each try.
16
Profile
Radlogin Version 4
17