How to Monitor RADIUS Servers

Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides Authentication, Authorization, and Accounting. A server is used to implement the service side of the client-server protocol, and this HOWTO article will describe how the server can be monitored.

radauth for Windows

radauth is an open source command line application used for testing authentication against a RADIUS server. Typically available for unix/Linux operating systems, Power Admin has recompiled the utility for Windows systems. The binary executable as well as the source code and project files are available here.

Running radauth with the -h command line argument shows the options available.

radauth will show its success or failure in the console, but it's primary means of communicating success or failure to monitoring systems is via its exit code. An exit code of 0 indicates a successful authentication against the RADIUS server. An exit code of 0 for success means radauth is compatible with the Plugin Monitor.

Configuring RADIUS Server Monitoring

Add the RADIUS server for monitoring, and then add a Plugin Monitor to the device.

The example above will attempt a login of username myUsername against RADIUS server radserver with password myPassword and RADIUS shared secret sharedSecret. If radauth succeeds and returns 0, the monitor will be in an OK status, otherwise it will enter the Alert status.