How to test a VIP Enterprise Gateway validation server using vsradiusclient_test.exe
search cancel

How to test a VIP Enterprise Gateway validation server using vsradiusclient_test.exe


Article ID: 164557


Updated On:


VIP Service


What is vsradiusclient_test.exe?

Vsradiusclient is a RADIUS test tool for testing RADIUS authentication requests to the VIP Enterprise Gateway RADIUS Validation Server. The tool work on Windows, Linux, AIX, HP-UX, and Solaris platforms and can be run directly on the Enterprise Gateway or remotely from another server. (The 3rd-party tool 'NTradping' tool can also be used).

Where do I get it?

On the VIP Enterprise Gateway, it is located in the <install path>\Symantec\VIP_Enterprise_Gateway\tools folder. Download manually from VIP Manager by navigating to Account > Download Files > Third Party Integrations > (manual download only requires Visual C++ 2012 x64 Update 4 Redistributable). 

What is it used for?

  • Verify or test the state of an Enterprise Gateway Validation Server by sending a RADIUS validation request directly to the validation server, then viewing the response.
  • Rapidly send tests to multiple VIP Enterprise Gateway systems from a single instance of the tool. Use it locally or remotely. 
  • Create a script to automatically check the uptime of a VIP EG validation server. Various options help enable this use-case securely. See “Health Monitor for Validation Server” section of the Enterprise Gateway Installation and Configuration guide.

Instructions for use:


vsradiusclient_test.exe --server-host { ip_addr | hostname } [--server-port int] --client-ip ip_addr { --secret string | --secret-file file_name } [--user-name string --password string] [--attempts int] [--timeout int] [--verbose]

Required parameters:

--server-host  IP address or DNS name of the target VIP Enterprise Gateway
--server-port  VIP EG Validation Server port number
--client-ip  IP of the machine running the test. 
--secret  The RADIUS shared secret set in the Validation server settings on the target VIP Enterprise Gateway

Optional parameters:

--user-name  Username who can satisfy the VIP EG userstore filters (for ULO) and exists in the VIP Cloud (ULO and UO). The user should also have a credential assigned in VIP Manager.
--password  Username AD/LDAP password. If UO mode only, this is the VIP credential security code. 
--secret-file  Location of the file containing the shared secret. Keeps the shared secret out of process list space - especially important for multi-user systems. Appropriate ACLs are required for the file containing the unencrypted shared secret.
--attempts  Number of retry attempts
--timeout  Value (in seconds) of the request timeout
--user-agent  Optional user-agent attribute added to the RADIUS request that is visible in the VIP EG validation server log. 

Note: To prevent buffer conflict errors, periodically open a fresh command prompt session if repeated tests are performed.

C:\> vsradiusclient_test.exe --server-host --server-port 1812 --client-ip --secret RADIUSsharedsecret --user-name bsmith --password bmithpassword --timeout 60

Interactive Mode (will prompt for username and password):
C:\> vsradiusclient_test.exe --server-host --server-port 1812 --client-ip --secret RADIUSsharedsecret --timeout 60

Automated mode:
C:\> vsradiusclient_test.exe --server-host --server-port 1817 --client-ip --secret-file “C:\vip_monitor_secret.txt” --user-name vipmonitor --password vipmonitorpassword --timeout 3

If the secret e.g. ^9f7&5WVDxXHg7k4EP28yTY5A contains the special characters then enclose the sharedsecret with double quotes. Example below-

C:\> vsradiusclient_test.exe --server-host --server-port 1812 --client-ip --secret "^9f7&5WVDxXHg7k4EP28yTY5A" --timeout 60

Testing with Number Challenge with PUSH:

Press ENTER after the number is entered on the VIP Access app and accepted.


VIP Enterprise Gateway




Attachments get_app