Verify the Setup
This section describes how to verify authentication and view authentication logs.
Install the RADIUS Ping Tool
-
Launch the Setup-4T-RADIUS-Client-Test-Tool.exe in the Installers directory on the AAA Server installation CD, or from the TestTools menu of the Start screen.
- Click Next.
-
Accept the license agreement and click Next.
-
Accept the default installation location or browse to select an alternative, and then click Next.
-
Click Install, or click Back to modify the setup information.
- Clear the option to launch the tool if necessary and click Finish.
Use the RADIUS Ping Tool
The section describes how to use the RADIUS Ping Tool to verify authentication.
-
From the Windows Start menu, point to Programs, ActivID, and then select RADIUS Client Test Tool.
The RADIUS Ping Tool dialog box is displayed:
The RADIUS Ping Tool fields are listed in the following table.
Field Description RADIUS server Enter the IP address of the authentication server. Ah Enter the authentication port number. Ac Enter the accounting port number. Chap (Optional) Check the option if using Microsoft encryption. The Chap option is available only if Synchronous authentication is selected as the Request type. Timeout Enter the number of seconds to wait for a response from the server. Retries Enter the number of times the authentication request is sent to the server. Shared secret Enter the name of the shared secret used to encrypt the exchanges between the authentication server and the console. Use the same secret set in the AAA Server configuration. User name Enter the user name set for the device you assigned. For more information, see the procedures in the Initial Configuration section. Password Enter the password set for the device you assigned. For more information, see the procedures in the Initial Configuration section. Request type (Optional) If you are using challenge and response authentication, then select Asynchronous authentication. Get New Click when the Challenge field becomes available to generate a challenge. The Challenge field is available after selecting a Request type. Use ActivID ActivClient to obtain the response to this new challenge. Dictionary Select the required dictionary. Use the same dictionary as specified for the gate or group. Add/Remove Click to add or remove the RADIUS attributes, as required. -
When you have completed the fields, click Send.
The results of the test display in the Server Reply text box.
View the Authentication Logs
The section describes how to view the authentication logs.
Only system administrators can set rights for audit managers. However, when a system administrator first creates an audit manager, the system administrator loses the rights to administrate the audit logs, unless the audit manager then authorizes the system administrator to do so.
-
From the Tools menu, point to Log, and then click View Authentication.
The Authentication Log dialog box is displayed:
- In the Time Criteria section, specify the From and To dates for the time period required.
-
In the General Criteria section, do the following:
- Select the server for the authentication data you want to view.
- To view the logs for a specific server with a pool of servers, select the Server IP address for the required server.
- To view data for a specific user, enter the user’s ID.
- To view error data only, select the REJECTED only option.
- Click Show to display the authentication data corresponding to the specified criteria.
- Click Print to print the displayed data.
You can produce more sophisticated statistics with standard reporting tools by accessing the data stored in the A_AHLOG table directly from the AAA Server database. Use a tool that supports ODBC (DSN=ActivPackAdmin).
