Free Radius

I want to install Free Radius for my wireless. I went to the site and I couldnt find a windows version. Only linux
Is there a windows version and if so where? Also Would anyone strongly recommend using the linux version over windows?

im trying the MD5 just learn about the config files.
Im following this http://wiki.freeradius.org/EAP/MD5_HOWTO
I'm having problems with this part
"Assumptions:
* You have a server that starts without any errors when doing radiusd -s -X
* You have at least one properly configured client (i.e. Access Point, AP)
* You have at least one configured user and your radtest user password 10 secret'' works from a test host (e.g. localhost), i.e. you receive an Accept message from your server"
making the radtest: Would I put this in the users.config file?
radtest Auth-Type := Local, User-Password == "secret10"
radiusd -s -X? I'm using the windows version to learn. Its intalled on my desktop. I don't think I need this part.

Similar Messages

  • Oracle Security with free radius

    Hello,
    Have few questions on Radius configuration and setup on HP-UX box.
    1. Is it possible to install free radius client and server on HP-UX 11i?
    2. Will Radius work without OAS option? Currently we are using SE (Std. Edition)
    Tried installing free radius client/server on HP-UX.. but I was not successed.. Is it possible to achive this?
    Thanks in advance.
    Cheers,
    Binny

    Without Advanced security how does Oracle server recognize RADIUS? Currently we are using Standard enterprise. With this option the RADIUS adaptor does not exists. Need to know with SE can we achieve Authentication?
    Many thanks,
    Binny

  • SPARC v240 can i install Solaris 10 and free Radius proxy software?

    On a SPARC v240 can i install Solaris 10 and free Radius proxy software?

    No, the patch was created on top of Solaris 10 packages. The patchadd utility requires that the VERSION strings match between the installed package's pkginfo file and the pkginfo files inside the patch. Unless the base package did not change between Solaris 9 and Solaris 10, the patch will not get applied because of the VERSION mismatch. But it is very unlikely that the packages did not change between the two releases.
    Even if you were to be able to install it, there could be dependencies that the patch's binaries have on other Solaris 10 binaries.
    -- Alan

  • Cisco AAA and Free Radius enable secret failure

    Hi,
    I am currently testing aaa authentication with free radius.
    I can authenticate users through the radius server, however i cannot authenticate the enable secret.
    Here is the router configurations
    aaa new-model
       aaa authentication login default group radius local
       aaa authentication login localauth local
       aaa authentication ppp default if-needed group radius local
       aaa authentication enable default group radius enable
       aaa authorization exec default group radius local
       aaa authorization network default group radius local
       aaa accounting delay-start
       aaa accounting exec default start-stop group radius
       aaa accounting network default start-stop group radius
    radius-server host 192.168.0.135 auth-port 1812 acct-port 1813 key cisco
    I have created a user for the enable secret as such:
    $enable15$   Auth-Type := local
            Service-Type = NAS-Prompt-User
    The router cannot authenticate when logging for priviliged mode. I cannot find any log on the radius server as well.
    PLease help.

    It should be $enab15$ as the user that IOS sends to the radius server.
    Sent from Cisco Technical Support iPhone App

  • Radius Dictionary file conversion from free radius/steelbelt to cisco acs

    Does anyone have a tool or have experience converting a free radius dictionary file to cisco acs radius format.

    The key is to get all of the information needed. Normally when they say it takes too long for the client to answer that is not always the exact fault.
    You may seem to get that answer if the ACS is taking a long time to process the request and the switch or client has basically timed out its requests.
    The information needed is the following
    all of these items really need to be gathered at the same time
    switch debugs including
    debug radius
    debug aaa authen
    debug aaa accounting
    sniffer capture between the switch and the ACS
    logs from ACS with debugs enabled.
    If you are going to AD on the backend you may also want a sniffer capture between the ACS and the AD
    all of these together should tell you where the delay of failure lays and then at that time some changes can be suggested

  • Free RADIUS/802.1X Service for WPA/WPA2-Enterprise

    Hi, just wanted to let everyone know that I recently started offering a Free Edition of our AuthenticateMyWiFi service, a hosted RADIUS/AAA service offering 802.1X authentication for use with WPA/WPA2-Enterprise encryption.
    The Free Edition features 1 user account, supports 1 AP, and includes: PEAP authentication for wireless and wired connections, web-based control panel, and activity logging.
    This is great for IT professionals wanting to experiment with 802.1X or to get enterprise Wi-Fi security in homes and small offices.
    For more info visit our site:
    http://www.nowiressecurity.com/service.htm
    - Eric Geier

    I recommend contacting Linksys support on the phone and ask them which model router has Radius or Enterprise WPA features. Some home class routers may not have this. Ask and see what is available. 

  • Is Microsoft NPS affected by an equivalent of the heartbleed bug that affects free radius

    Is NPS based on a version of Open SSL and if so will there be a patch soon to mitigate against the heartbleed bug

    Thank you, and please accept my apologies, I am not technically inclined to your level and if I may broach the subject once more - I have sensitive data other than bank and email,
    Are there Registry lines or msinfo32 identifications that would disclose if I was running or have the OPENSSL - I am running x64 Win7, Nod32, use the Windows Firewall, have updated Java, use Google, and Mozilla. No programs are allowed to access the internet
    without first being given permission (pdf and word)
    And once again, I do apologize for my limited knowledge  . . . have to reboot . . . just had 11 security updates 
    OpenSSL is shipped as a standalone and portable tool, so it may be unzipped to a folder without installation, therefore msinfo and Programs and Features applet will not tell you definitely.
    My weblog: en-us.sysadmins.lv
    PowerShell PKI Module: pspki.codeplex.com
    PowerShell Cmdlet Help Editor pscmdlethelpeditor.codeplex.com
    Check out new: SSL Certificate Verifier
    Check out new:
    PowerShell FCIV tool.

  • Radius wont Authenticate Default Users

    I am using free radius on ubuntu 12.04 LTS. 
    The AAA configs I have, I  used on all of my Layer 2 devices, and it works successfully, however I can not get users to authenticate on a Layer 3 device.... here is some info... I can ping to and from my server, also I have rules on the asa 5510 allowing devices to talk to the radius server... as well as an access-list permit on the router....what am I missing. 
    Cisco Internetwork Operating System Software
    IOS (tm) s72033_rp Software (s72033_rp-ADVIPSERVICESK9_WAN-M), Version 12.2(18)SXF13, RELEASE SOFTWARE (fc1)
    the configs---
    aaa new-model
    aaa group server radius RadiusGrp
     server X.X.X.X auth-port 1812 acct-port 1813
    aaa authentication login default group RadiusGrp
    aaa authorization exec default group RadiusGrp
    aaa accounting exec default start-stop group RadiusGrp
    aaa accounting system default start-stop group RadiusGrp
    radius-server host X.X.X.X auth-port 1812 acct-port 1813 key secret
    radius-server retransmit 3
    Debugging AAA authentication ---
    May  1 13:22:24: AAA/AUTHEN/START (3020837816): port='tty1' list='' action=LOGIN service=LOGIN
    May  1 13:22:24: AAA/AUTHEN/START (3020837816): using "default" list
    May  1 13:22:24: AAA/AUTHEN/START (3020837816): Method=RadiusGrp (radius)
    May  1 13:22:24: AAA/AUTHEN (3020837816): status = GETUSER
    May  1 13:22:26: AAA/AUTHEN/CONT (3020837816): continue_login (user='(undef)')
    May  1 13:22:26: AAA/AUTHEN (3020837816): status = GETUSER
    May  1 13:22:26: AAA/AUTHEN (3020837816): Method=RadiusGrp (radius)
    May  1 13:22:26: AAA/AUTHEN (3020837816): status = GETPASS
    May  1 13:22:30: AAA/AUTHEN/CONT (3020837816): continue_login (user='thull')
    May  1 13:22:30: AAA/AUTHEN (3020837816): status = GETPASS
    May  1 13:22:30: AAA/AUTHEN (3020837816): Method=RadiusGrp (radius)
    May  1 13:22:51: AAA/AUTHEN (3020837816): status = ERROR
    May  1 13:22:51: AAA/AUTHEN/START (2366780039): port='tty1' list='' action=LOGIN service=LOGIN
    May  1 13:22:51: AAA/AUTHEN/START (2366780039): Restart
    May  1 13:22:51: AAA/AUTHEN/START (2366780039): no methods left to try
    May  1 13:22:51: AAA/AUTHEN (2366780039): status = ERROR
    May  1 13:22:51: AAA/AUTHEN/START (2366780039): failed to authenticate
    May  1 13:22:53: AAA/MEMORY: free_user_quiet (0x44BFCBB8) user='thull' ruser='NULL' port='tty1' rem_addr='X.X.X.X' authen_type=1 service=1 priv=1
    May  1 13:22:53: AAA: parse name=tty1 idb type=-1 tty=-1
    May  1 13:22:53: AAA: name=tty1 flags=0x11 type=5 shelf=0 slot=0 adapter=0 port=1 channel=0
    May  1 13:22:53: AAA/MEMORY: create_user (0x44BFCBB8) user='NULL' ruser='NULL' ds0=0 port='tty1' rem_addr='X.X.X.X.' 100authen_type=ASCII service=LOGIN priv=1 initial_task_id='0', vrf= (id=0)
    May  1 13:22:53: AAA/AUTHEN/START (1597653700): port='tty1' list='' action=LOGIN service=LOGIN
    May  1 13:22:53: AAA/AUTHEN/START (1597653700): using "default" list
    May  1 13:22:53: AAA/AUTHEN/START (1597653700): Method=RadiusGrp (radius)
    May  1 13:22:53: AAA/AUTHEN (1597653700): status = GETUSER

    It seems that your radius server is not listening on udp 1812 port. Try to use 1645 and 1646 port for radius authen/author and accounting respectively and also apply firewall rules to allow traffic on these udp ports.
    HTH
    "Please rate helpful posts"

  • TCL and Radius, not getting a ACCESS-REQUEST /ACCEPT / REJECT

    I'm trying to setup TCL for PREPAID. I'm told by the person who's making the script that no ACCESS-REQUEST is going through to the RADIUS SERVER (FREE RADIUS).
    Anyone have any ideas?? Here's a debug output...
    Feb 25 21:36:36.798: RADIUS(0000229C): Config NAS IP: 0.0.0.0
    Feb 25 21:36:36.798: RADIUS(0000229C): sending
    Feb 25 21:36:36.802: RADIUS/ENCODE: Best Local IP-Address 66.38.123.145 for Radius-Server 66.38.193.149
    Feb 25 21:36:36.802: RADIUS(0000229C): Send Accounting-Request to 66.38.193.149:1646 id 21829/176, len 213
    Feb 25 21:36:36.802: RADIUS: authenticator B5 29 CF 05 BE 7E 9C F8 - FE 15 76 F2 9F 32 3D 55
    Feb 25 21:36:36.802: RADIUS: Acct-Session-Id [44] 139 "14714/16:36:36.794 EST Fri Feb 25 2005/Router./1E30B8A1 86AC11D9 81649A83 4E410D97/originate/VoIP/////1E30B8A1 86AC11D9 81649A83 4E410D97"
    Feb 25 21:36:36.806: RADIUS: User-Name [1] 12 "1111111111"
    Feb 25 21:36:36.806: RADIUS: Acct-Status-Type [40] 6 Start [1]
    Feb 25 21:36:36.806: RADIUS: Calling-Station-Id [31] 12 "4169237347"
    Feb 25 21:36:36.806: RADIUS: Called-Station-Id [30] 6 "1111"
    Feb 25 21:36:36.806: RADIUS: Service-Type [6] 6 Login [1]
    Feb 25 21:36:36.806: RADIUS: NAS-IP-Address [4] 6 66.38.123.145
    Feb 25 21:36:36.806: RADIUS: Acct-Delay-Time [41] 6 0
    Feb 25 21:36:36.834: RADIUS(0000229C): Config NAS IP: 0.0.0.0
    Feb 25 21:36:36.834: RADIUS(0000229C): sending
    Feb 25 21:36:36.834: RADIUS/ENCODE: Best Local IP-Address 66.38.123.145 for Radius-Server 66.38.193.149
    Feb 25 21:36:36.834: RADIUS(0000229C): Send Accounting-Request to 66.38.193.149:1646 id 21829/177, len 322
    Feb 25 21:36:36.838: RADIUS: authenticator 11 18 AA 5F 2A 1D C6 5D - FD D5 85 A7 77 D3 08 CB
    Feb 25 21:36:36.838: RADIUS: Acct-Session-Id [44] 218 "14714/16:36:36.786 EST Fri Feb 25 2005/Router./1E30B8A1 86AC11D9 81649A83 4E410D97/originate/VoIP/16:36:36.830 EST Fri Feb 25 2005/16:36:36.830 EST Fri Feb 25 2005/1C/66.38.193.148/1E30B8A1 86AC11D9 81649A83
    thanks,
    Paul

    Maybe you miss some radius commands:
    aaa authentication login h323 group radius
    aaa authorization exec h323 group radius
    best regards
    Grzegorz

  • ACE Radius Authentication

    I have radius authentication configured on my ACEs. I can login just fine but I am assinged to the Network-Monitor Role. Where can I configure the role that radius users are assigned to? Is there a return list attribute?
    -Joshua

    Team,
    After some tinkering, I was able to authenticate to the ACE module with full admin privileges via radius using free-radius. I used the following steps to get this working:
    On the linux CLI I entered the following command to modify the users file of free-radius "gedit /etc/raddb/users"
    I then added the following to the users file:
    admin          Auth-Type := Local, User-Password == "password"
                         Service-Type = NAS-Prompt-User,
                         cisco-avpair = "shell:Admin=Admin default-domain
    I saved the file.
    I then stopped and started the radiusd service.
    /sbin/service radiusd stop
    /sbin/service radiusd start
    Regards,
    John...

  • Radius compatibility mode settings in WLC

    our users are using some 3rd party radius server for MAC address auth. I found there is a setting called Radius compatibility mode in the WLC configuration. But there is no document talking about what this setting does for.
    So should I set it to use "Other" or just leave it as "Cisco ACS"?

    This determines what password is used for mac authentication. ACS expects to see the username and password to both be the mac address for mac authentication. Free Radius uses a shared secret for a password. And other Radius servers don't require any password for mac auths sent to the server.

  • Sending and requesting parameter from IP IP GW to RADIUS

    Hello all
    i am new to IP IP gw and RADIUS. i have some doubts regarding the interaction between IP IP gw and RADIUS.
    if i wish to send some parameters like h323 billing-model on access accept message how i do this. similarly sending the credit time and credit amount
    i am using TCL 2.0 and free radius 1.1
    Thanks in advance
    Vignesh

    try this link for more information on h323 gatekeepar configuration
    http://www.cisco.com/warp/public/788/voip/gk-call-routing.html
    http://www.cisco.com/warp/public/788/voip/understand-gatekeepers.html

  • RADIUS authentification via RDBMS authentification

    Does anybody know whether RADIUS can used Oracle RDBMS authentification for RADIUS authentification.
    The idea is to use Oracle DB users list and passwords for RADIUS users management. In other words - is it possible RADIUS and Oracle DB users to be the same?

    Yes...it's about OAS - Oracle Advanced Security...(from 8.1.7). You can use even Cistron Radius Server (a free radius server from ftp://ftp.radius.cistron.nl/pub/radius/ or http://www.freeradius.org/)
    and minimal changes:
    sqlnet.authentication = IP-address-of-RADIUS-server
    Regards,
    Paul Breniuc
    Message was edited by:
    user468540
    Message was edited by:
    user468540

  • WIRELESS IOS AUTONOMOUS + Guest to internet + authenticated via a web page.

    Hi to all,
    need to configure with:
    - AUTONOMOUS IOS AP (NOT use a wireless controller)
    - CISCO IOS router 2811
    a guest wireless network that only has access to the internet through a vlan WITH HTTP/S GUEST AUTHENTICATION WEB PAGE ?
    I know:
    "web authorization isn't native to the access point. It is a web authorization portal that is on the WLC."
    "Cisco IT example: At present we use GRE tunnels for guest traffic which was a part of legacy guest networking solution we had at Cisco for several years. GRE tunnels get terminated at one the DMZ routers. Each request for a guest connection to the Internet gets authenticated over https by either a Cisco Building BroadBand Services Manager (BBSM) or a Cisco NAC Appliance. Guests get provided with an access code in advance as we use a web based portal/application to produce those. Also we support guest connections for both wireless and wired clients from some switch ports. "
    I am looking for any suggestions (are there any feature on CISCO IOS ROUTER for "HTTP/S GUEST AUTHENTICATION WEB PAGE").
    Thanks.
    Roberto Taccon

    If the router with auth proxy is the one providing the ip address on the client connecting to the autonomous AP, it may be an option.
    Local AAA will not work with auth proxy as then there you are no longer in a scenario where the router is proxy.
    You could get a WLC526 (small controller) to get the web auth, or a free radius server (many out there) that will run on a linux server and then use the http proxy feature.
    I personally recommend you to get a WLC, in the long run you will benefit of many more features and you will be able to very easily add other access points.
    The WLC526 is the smaller one:
    http://www.cisco.com/en/US/docs/wireless/controller/526/1.5/configuration/guide/2_add_contr.html

  • WLC 5508: 802.1 AAA override; Authenication success no dynamic vlan assignment

    WLC 5508: software version 7.0.98.0
    Windows 7 Client
    Radius Server:  Fedora Core 13 / Freeradius with LDAP storage backend
    I have followed the guide at http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a008076317c.shtml with respective to building the LDAP and free radius server.  802.1x authorization and authenication correctly work.  The session keys are returned from the radius server and the wlc send the appropriate information for the client to generate the WEP key.
    However, the WLC does not override the VLAN assignment, even though I was to believe I set everything up correctly.  From the packet capture, you can see that verfication of client is authorized to use the WLAN returns the needed attributes:
    AVP: l=4  t=Tunnel-Private-Group-Id(81): 10
    AVP: l=6  t=Tunnel-Medium-Type(65): IEEE-802(6)
    AVP: l=6  t=Tunnel-Type(64): VLAN(13)
    I attached a packet capture and wlc config, any guidance toward the attributes that may be missing or not set correctly in the config would be most appreciated.

    Yes good catch, so I had one setting left off in freeradius that allowed the inner reply attributes back to the outer tunneled accept.  I wrote up a medium high level config for any future viewers of this thread:
    The following was tested and verified on a fedora 13 installation.   This is a minimal setup; not meant for a "live" network (security issues  with cleartext passwords, ldap not indexed properly for performance)
    Install Packages
    1.  Install needed packages.
    yum install openldap*
    yum install freeradius*
    2.  Set the services to automatically start of system startup
    chkconfig --level 2345 slapd on
    chkconfig --level 2345 radiusd on
    Configure and start LDAP
    1.  Copy the needed ladp schemas for radius.  Your path may vary a bit
    cp /usr/share/doc/freeradius*/examples/openldap.schema /etc/openldap/schema/radius.schema
    2.  Create a admin password for slapd.  Record this password for later use when configuring the slapd.conf file
    slappasswd
    3.  Add the ldap user and group; if it doesn't exisit.  Depending on the install rpm, it may have been created
    useradd ldap
    groupadd ldap
    4.  Create the directory and assign permissions for the database files
    mkdir /var/lib/ldap
    chmod 700 /var/lib/ldap
    chown ldap:ldap /var/lib/ldap
    5.  Edit the slapd.conf file.
    cd /etc/openldap
    vi slapd.conf
    # See slapd.conf(5) for details on configuration options.
    # This file should NOT be world readable.
    #Default needed schemas
    include        /etc/openldap/schema/corba.schema
    include        /etc/openldap/schema/core.schema
    include        /etc/openldap/schema/cosine.schema
    include        /etc/openldap/schema/duaconf.schema
    include        /etc/openldap/schema/dyngroup.schema
    include        /etc/openldap/schema/inetorgperson.schema
    include        /etc/openldap/schema/java.schema
    include        /etc/openldap/schema/misc.schema
    include        /etc/openldap/schema/nis.schema
    include        /etc/openldap/schema/openldap.schema
    include        /etc/openldap/schema/ppolicy.schema
    include        /etc/openldap/schema/collective.schema
    #Radius include
    include        /etc/openldap/schema/radius.schema
    #Samba include
    #include        /etc/openldap/schema/samba.schema
    # Allow LDAPv2 client connections.  This is NOT the default.
    allow bind_v2
    # Do not enable referrals until AFTER you have a working directory
    # service AND an understanding of referrals.
    #referral    ldap://root.openldap.org
    pidfile        /var/run/openldap/slapd.pid
    argsfile    /var/run/openldap/slapd.args
    # ldbm and/or bdb database definitions
    #Use the berkely database
    database    bdb
    #dn suffix, domain components read in order
    suffix        "dc=cisco,dc=com"
    checkpoint    1024 15
    #root container node defined
    rootdn        "cn=Manager,dc=cisco,dc=com"
    # Cleartext passwords, especially for the rootdn, should
    # be avoided.  See slappasswd(8) and slapd.conf(5) for details.
    # Use of strong authentication encouraged.
    # rootpw        secret
    rootpw      
    {SSHA}
    cVV/4zKquR4IraFEU7NTG/PIESw8l4JI  
    # The database directory MUST exist prior to running slapd AND
    # should only be accessible by the slapd and slap tools. (chown ldap:ldap)
    # Mode 700 recommended.
    directory    /var/lib/ldap
    # Indices to maintain for this database
    index objectClass                       eq,pres
    index uid,memberUid                     eq,pres,sub
    # enable monitoring
    database monitor
    # allow onlu rootdn to read the monitor
    access to *
             by dn.exact="cn=Manager,dc=cisco,dc=com" read
             by * none
    6.  Remove the slapd.d directory
    cd /etc/openldap
    rm -rf slapd.d
    7.  Hopefully if everything is correct, should be able to start up slapd with no problem
    service slapd start
    8.  Create the initial database in a text file called /tmp/initial.ldif
    dn: dc=cisco,dc=com
    objectClass: dcobject
    objectClass: organization
    o: cisco
    dc: cisco
    dn: ou=people,dc=cisco,dc=com
    objectClass: organizationalunit
    ou: people
    description: people
    dn: uid=jonatstr,ou=people,dc=cisco,dc=com
    objectClass: top
    objectClass: radiusprofile
    objectClass: inetOrgPerson
    cn: jonatstr
    sn: jonatstr
    uid: jonatstr
    description: user Jonathan Strickland
    radiusTunnelType: VLAN
    radiusTunnelMediumType: 802
    radiusTunnelPrivateGroupId: 10
    userPassword: ggsg
    9.  Add the file to the database
    ldapadd -h localhost -W -D "cn=Manager, dc=cisco,dc=com" -f /tmp/initial.ldif
    10.  Issue a basic query to the ldap db, makes sure that we can request and receive results back
    ldapsearch -h localhost -W -D cn=Manager,dc=cisco,dc=com -b dc=cisco,dc=com -s sub "objectClass=*"
    Configure and Start FreeRadius
    1. Configure ldap.attrmap, if needed.  This step is only needed if we  need to map and pass attributes back to the authenicator (dynamic vlan  assignments as an example).  Below is an example for dynamic vlan  addresses
    cd /etc/raddb
    vi ldap.attrmap
    For dynamic vlan assignments, verify the follow lines exist:
    replyItem    Tunnel-Type                                   radiusTunnelType
    replyItem    Tunnel-Medium-Type                   radiusTunnelMediumType
    replyItem    Tunnel-Private-Group-Id              radiusTunnelPrivateGroupId
    Since we are planning to use the userpassword, we will let the mschap  module perform the NT translations for us.  Add the follow line to  check ldap object for userpassword and store as Cleartext-Password:
    checkItem    Cleartext-Password    userPassword
    2.  Configure eap.conf.  The following sections attributes below  should be verified.  You may change other attributes as needed, they are  just not covered in this document.
    eap
    {      default_eap_type = peap      .....  }
    tls {
        #I will not go into details here as this is beyond scope of  setting up freeradisu.  The defaults will work, as freeradius comes with  generated self signed certificates.
    peap {
        default_eap_type = mschapv2
        #you will have to set this to allowed the inner tls tunnel  attributes into the final accept message
        use_tunneled_reply = yes
    3.  Change the authenication and authorization modules and order.
    cd /etc/raddb/sites-enabled
    vi default
    For the authorize section, uncomment the ldap module.
    For the authenicate section, uncomment the ldap module
    vi inner-tunnel
    Very importants, for the authorize section, ensure the ldap module is first, before mschap.  Thus authorize will look like:
    authorize
    {      ldap      mschap      ......  }
    4.  Configure ldap module
    cd /etc/raddb/modules
    ldap
    {        server=localhost       identify = "cn=Manager,dc=cisco,dc=com"        password=admin       basedn="dc=cisco,dc=com"       base_filter =  "(objectclass=radiusprofile)"       access_attr="uid"       ............   }
    5.  Start up radius in debug mode on another console
    radiusd -X
    6.  radtest localhost 12 testing123
    You should get a Access-Accept back
    7.  Now to perform an EAP-PEAP test.  This will require a wpa_supplicant test libarary called eapol_test
    First install openssl support libraries, required to compile
    yum install openssl*
    yum install gcc
    wget http://hostap.epitest.fi/releases/wpa_supplicant-0.6.10.tar.gz 
    tar xvf wpa_supplicant-0.6.10.tar.gz
    cd wpa_supplicant-0.6.10/wpa_supplicant
    vi defconfig
    Uncomment CONFIG_EAPOL_TEST = y and save/exit
    cp defconfig .config
    make eapol_test
    cp eapol_test /usr/local/bin
    chmod 755 /usr/local/bin/eapol_test
    8.  Create a test config file named eapol_test.conf.peap
    network=
    {   eap=PEAP  eapol_flags=0  key_mgmt=IEEE8021X  identity="jonatstr"   password="ggsg"  \#If you want to verify the Server certificate the  below would be needed   \#ca_cert="/root/ca.pem"  phase2="auth=MSCAHPV2"   }
    9.  Run the test
    eapol_test -c ~/eapol_test.conf.peap -a 127.0.0.1 -p 1812 -s testing123

Maybe you are looking for