By Luis Rueda Diez
Open the Mac App Store to buy and download apps.
EAPTest is a tool for networking professionals working in 802.1x secure network access environments.
EAPTest allows testing of authentication on RADIUS Servers using common Extended Authentication Protocol (EAP) methods. The tool greatly facilitates the setup and troubleshooting in 802.1x environments.
RADIUS (Remote Authentication Dial In User Service) is a networking protocol that provides centralized Authentication, Authorization and Accounting for users connecting to a wired or wireless secure network. When a client connects to a wired network access switch or to a wireless network access point, before access is granted, valid credentials (user and password) must be provide by the user to the network device. This device validates the user credentials communicating with an Authentication Server. The Authentication Server checks the credentials and responds to the network device accepting or rejecting the user and optionally providing information about the privileges that should been assigned to the user. Clients authenticates to the network using the 802.1x protocol. Network devices validates user credentials using the RADIUS protocol.
Several methods to protect the user credentials sent from the client to the Authentication Server are available. These methods are defined in the EAP protocol (Extended Authentication Protocol). EAPTest supported methods are TTLS, PEAP, MSCHAPv2, MD5 and GTC. For TTLS is possible to use PAP, CHAP, MSCHAP, MSCHAPv2, MD5 and GTC as inner methods. For PEAP, the inner methods available are MSCHAPv2, MD5 and GTC.
Information about the type of network access such as access device, wireless network or location are sent to the Authentication Server through attributes contained in the RADIUS messages.Information about an authenticated user is also returned by the Server using attributes.
EAPTest simulates both the client and the network access device communicating with the Authentication Server providing a real time graphical view of the RADIUS messages interchanged with the Authentication Server. All RADIUS attributes contained in the messages are shown, including information about the Digital Certificates received from the server for TTLS and PEAP methods.
Attributes sent to the Authentication Server can be specified in order to test all the possible scenarios. RADIUS attributes are defined in an EAPTest dictionary database that can be easily extended importing dictionary files. RFC2865, 2868, 3162 and 3576 standard attributes and vendor specific dictionaries from Microsoft, Cisco and Aruba are included.
EAPTest has been used to troubleshoot secure networks based on FreeRADIUS, Microsoft IAS/NAP and Aruba ClearPass.
What's New in Version 1.0.1
- Fixed Authentication Server Name resolution
- Updated for OS X 10.9 Mavericks