Skip to main content

SecureAuth RADIUS Test Tool

Use the SecureAuth RADIUS Test Tool to run and diagnose your SecureAuth RADIUS Server. The tool helps you isolate where an authentication problem starts.

The tool supports three tasks:

  • Test a SecureAuth IdP endpoint – Test the endpoints that SecureAuth RADIUS uses. Use this to identify whether the problem is with the RADIUS Server or with the SecureAuth IdP realm that RADIUS accesses.

  • Test the SecureAuth Connect configuration – If you use SecureAuth RADIUS with SecureAuth Connect, validate that SecureAuth Connect is configured correctly to work with RADIUS.

  • Simulate a VPN client connection – Run a VPN authorization request against the SecureAuth RADIUS Server to check whether the problem is in the VPN server configuration.

Requirements

Download the SecureAuth RADIUS Test Tool

From the SecureAuth Product Downloads page, download the SecureAuth RADIUS Test Tool.

Run the SecureAuth RADIUS Test Tool

The tool creates a configuration file named configurations.json in the folder that contains the .exe file, and uses it to remember your settings. To move your settings to another machine, copy configurations.json.

To run the tool, open the .exe file. The tool opens to the following window.

SecureAuth RADIUS Test Tool opening window

Test a SecureAuth IdP endpoint

  1. In the sidebar, select Configs, then select the IDP tab.

    Configs page with the IDP tab selected
  2. Click + Add IDP Preset, or click the pencil icon to edit an existing preset. Enter the information for your IdP realm. This is the same information you use in the RADIUS Server. The Preset Name is a label for your own reference and does not affect the request. Save the preset.

    Edit IDP preset dialog
  3. In the sidebar, select IDP, then select your preset from the Configuration list.

    IDP page with a preset selected from the Configuration list
  4. From the Request Type list, select the request to run. This example uses Get Factors.

    IDP page with Get Factors selected as the request type
  5. Enter the Username to test, then click Submit. The response lists the available factors for that user in the selected realm.

Test the SecureAuth RADIUS Server

  1. In the sidebar, select Configs, then select the RADIUS tab.

    Configs page with the RADIUS tab selected
  2. Click + Add RADIUS Preset, or click the pencil icon to edit an existing preset. Enter the information for your RADIUS Server. This is the same information you use in your VPN server. The Preset Name is a label for your own reference and does not affect the request. Save the preset.

    Edit RADIUS preset dialog
  3. In the sidebar, select RADIUS, then select your preset from the Configuration list.

    RADIUS page with a preset selected from the Configuration list
  4. Enter a username and password, the same way you would in the VPN client, then click Submit. To test an advanced RADIUS configuration, add RADIUS attributes. This example sets Calling-Station-Id, which is optional.

    RADIUS attributes selector
  5. If you receive an Access-Challenge, respond by entering your response in the password field, the same way your VPN client does.

    RADIUS page with a sample request and attributes
  6. After you finish a test, click Clear to reset the request State. This tells the RADIUS Server to start a new authentication request instead of answering a challenge.

Test the SecureAuth Connect configuration

  1. In the sidebar, select Configs, then select the CIAM tab.

    Configs page with the CIAM tab selected
  2. Click + Add CIAM Preset, or click the pencil icon to edit an existing preset. Enter the information for your SecureAuth Connect client. The Preset Name is a label for your own reference and does not affect the request. Save the preset.

    Edit CIAM preset dialog
  3. In the sidebar, select CIAM, then select your preset from the Configuration list.

    CIAM page with a preset selected from the Configuration list
  4. To check whether SecureAuth Connect is reachable from this machine, select the Alive request type.

    CIAM page with the Alive request type selected
  5. To check the basic configuration, select Create Session and enter an identifier. A 201 Created response means the configuration works.

    CIAM page with the Create Session request type selected
  6. To check whether a test username and password authenticate, select Submit Password. A successful authentication returns status: accept.

    CIAM page with the Submit Password request type selected

Display and save settings

  • To switch between light and dark mode, go to the bottom left and click the sun icon.

  • To collapse the side menu, go to the bottom left and click the button next to the sun icon.

  • To save the current window size, sidebar state, and light or dark mode, in the sidebar select Configs, then select the Settings tab, and save.

Configs page with the Settings tab selected

Dark mode

Test tool in light mode with the sidebar collapsed

Light mode