How to test a VIP Enterprise Gateway validation server using vsradiusclient_test.exe
search cancel

How to test a VIP Enterprise Gateway validation server using vsradiusclient_test.exe

book

Article ID: 164557

calendar_today

Updated On:

Products

VIP Enterprise Gateway

Issue/Introduction

What is vsradiusclient_test.exe?

It is a Symantec RADIUS test client for sending RADIUS authentication requests to the VIP Enterprise Gateway Validation Server. The tool work on Windows, Linux, AIX, HP-UX, and Solaris platforms. (The 3rd-party tool 'NTradping' tool can also be used).

Where do I get it?

On the VIP Enterprise Gateway, it is located in the <install path>\Symantec\VIP_Enterprise_Gateway\tools folder. Download manually from VIP Manager by navigating to Account > Download Files > Third Party Integrations > Tools.zip. (manual download only requires Visual C++ 2012 x64 Update 4 Redistributable)

What is it used for?

  • Verify or test the state of an Enterprise Gateway Validation Server by sending a RADIUS validation request directly to the validation server, then viewing the response.
  • Rapidly send tests to multiple VIP Enterprise Gateway systems from a single instance of the tool. Use it locally or remotely. 
  • Create a script to automatically check the uptime of a VIP EG validation server. Various options help enable this use-case securely. See “Health Monitor for Validation Server” section of the Enterprise Gateway Installation and Configuration guide.

Instructions for use:

Syntax:

vsradiusclient_test.exe --server-host { ip_addr | hostname } [--server-port int] --client-ip ip_addr { --secret string | --secret-file file_name } [--user-name string --password string] [--attempts int] [--timeout int] [--verbose]

Required parameters:

--server-host  IP address or DNS name of the target VIP Enterprise Gateway
--server-port  VIP EG Validation Server port number
--client-ip  IP of this machine.
--secret  The RADIUS shared secret set in the Validation server settings on the target VIP Enterprise Gateway

Optional parameters:

--user-name  Username who can satisfy the VIP EG userstore filters (for ULO) and exists in the VIP Cloud (ULO and UO). The user should also have a credential assigned in VIP Manager.
--password  Username AD/LDAP password. If UO mode only, this is the VIP credential security code. 
--secret-file  Location of the file containing the shared secret. Keeps the shared secret out of process list space - especially important for multi-user systems. Appropriate ACLs are required for the file containing the unencrypted shared secret.
--attempts  Number of retry attempts
--timeout  Value (in seconds) of the request timeout
--user-agent  User-agent attribute to be added the RADIUS request. Will be visible in the VIP EG validation server log. 

Note: To prevent buffer conflict errors, periodically open a fresh command prompt session if repeated tests are performed.

Sample:
C:\> vsradiusclient_test.exe --server-host 10.11.12.13 --server-port 1812 --client-ip 192.168.1.2 --secret RADIUSsharedsecret --user-name bsmith --password bmithpassword --timeout 60

Interactive Mode (will prompt for username and password):
C:\> vsradiusclient_test.exe --server-host 10.11.12.13 --server-port 1812 --client-ip 192.168.1.2 --secret RADIUSsharedsecret --timeout 60

Automated mode:
C:\> vsradiusclient_test.exe --server-host 10.11.12.13 --server-port 1817 --client-ip 192.168.1.2 --secret-file “C:\vip_monitor_secret.txt” --user-name vipmonitor --password vipmonitorpassword --timeout 3
 

Resolution

 

 

Attachments