Translations of this page:

Osmius

Osmius agent for Radius
Agent name: osm_ag_RADIUS01 Agent code: RADIUS01
Subject: Osmius agent for Radius Servers User manual
Date: 21/02/2011 Revision date:

General Information

This agent is able to monitor availability and authentication of Radius servers. It has been tested against several freeRadius servers. However, we recommend checking its functionality before implanting it in a production environment.

Radius agent has been developed using functionalities and enhancements of Osmius framework and ACE libraries, so it is necessary to install the ACE libraries for the proper deployment and operation of agente de Osmius para Linux. See chapter: installation.

RADIUS01 agent provides up to 5 basic events with configuration parameters to allow scaling of a very simple way. Events has been selected by Osmius Research and Development Team as the most useful and easy.

All events are remote, so not intrusive, and are based on server queries using radtest and radclient linux commands. Monitoring is done through the network connection, by this reason you have to provide some connection information, see connection info section below.

Radius instance

As a general rule each Osmius agent can monitor one instance type. If you are not familiar with these concepts check out the glossary. Each instance is individually defined in the configuration file (if you want further information go to agents and instances); depending on agent type is the instance type and depending on instance is the connection info.

CONNECTION_INFO

The connection information or connection_info is data that the agent needs to know in order to connect to the instance. (See more about the connection_info)

For Radius agent the connection_info prototype would be:

CONNECTION_INFO= -i HOSTNAME|IP -s SECRET

Replace the following:

  • HOSTNAME|IP: Radius server Hostname or IP address. Mandatory.
  • SECRET: Radius shared secret. Mandatory.

Examples:

CONECTION_INFO = -i radius-server -x mysecret
CONECTION_INFO = -i 192.168.1.10 -X yoursecret

OBSERVATION: if you don't know the secret consult on Radius administrator.

TYPE

The type defines the instance type to be monitored. Every declared instance must be associated with a type as you can see here

For Radius agent:

TYPE= RADIUS01

Event summary table for Radius

Here is briefly the capabilities of this agent, further down on this page each event is described in more detail.

EVENT DESCRIPTION c w a tseconds Extra parameters / Remarks
AVAILABL Radius Availability 1 0 0 300 This events uses radclient command
RADAUTH0 Check an user authentication 1 0 0 600 -U “user” -P “password” [-X “secret”]
If secret here is not defined the secret of the instance will be used.
You can create up to 10 events of this type: from RADAUTH0 to RADAUTH9.
This event uses radyesy command.

Radius agent events

AVAILABL

AVAILABL event checks Radius service availability.

Return values:

VALUE MEANING
-1 Error
0 NOT available
1 AVAILABLE

Recommended parameters:

Comparison type Inverse. The higher value the lower severity (-c 1)
Monitoring interval 60 seconds – 1 hour –> depends on instance importance
Warning threshold 0
Alert threshold 0

Parameter setting example:

AVAILABL = -t 15 -c 1 -w 0 -a 0

Remarks:
radclient command have to be installed where agent is running in order to this events works.

RADAUTH0

RADAUTH0 event checks an username/password authentication with a Radius server.

Extra parameters:
This event need the following parameters:

PARAMETER MEANING Mandatory
-U -U “user” - User to check. Yes
-P -P “password” - User's password. Yes
-X -X “secret” - Radius secret.
if you don't set it, the secret of the instance connection info will be used.
No

Return values:

VALUE MEANING
-1 Error
0 WRONG authentication
1 SUCESSFUL authentication

Recommended parameters:

Comparison type Inverse. The lower value the higher severity (-c 1)
Monitoring interval 60 seconds – 1 hour –> depends on instance importance
Warning threshold 0
Alert threshold 0

Parameter setting example:

RADAUTH0 = -t 15 -c 1 -w 0 -a 0 -U "user22" -P "passuser22" [-X special_secret]

Remarks:
radtest command have to be installed where agent is running in order to this events works.
You can create up to ten events of this type: from RADAUTH0 to RADAUTH9.

Radius agent prerequisites

In order to compile, this agent requires a set of prerequisites, which are generic to compile any Osmius agent, you can see these prerequisites.

Radius agent Makefile and compilation

  • Make Project Creator (MPC) is used by Osmius, so creating Makefiles is a trivial task. If you want to learn more about MPC and Osmius check out the section of Makefiles on Osmius.
  • For Radius agent you can generate Makefile in this way:

From the agent directory using console or terminal.

$ACE_ROOT/bin/mpc.pl -type gnuace osm_ag_radius.mpc
  • Now that you have created the Makefile, agent compiling is extremely simple.
make -f GNUmakefile.Osm_Ag_Radius_Osmius

Binaries are automatically installed in the bin directory of OSM_ROOT base directory.

Radius agent execution

Radius agent has the same running features of the other Osmius agents. You can check it out int he section Start and Stop Agents.

To run Radius agent without Osmius web console:

osm_ag_RADIUS01 -c osm_ag_RADIUS01.ini -m MASTERAG -p 1950 -d [>> osm_ag_radius01.log]1)

Running in standalone mode

Radius agent, like the others Osmius agents, allows the execution in standalone mode. This option may be particularly useful when developing a new agent or to perform specific agent tests.

Basically you have to add a new value, called SNDCMD, to Radius agent configuration file (osm_ag_RADIUS01.ini) as shown here.

Then you have to launch Radius agent setting Master Agent communications port to zero, for example:

osm_ag_RADIUS01 -c osm_ag_RADIUS01.ini -m 00000000 -p 0 -d

Tests list

Test performed to Osius agent for Radius servers.

Date: 18/02/2011
Test Result Remarks
Creating an instance with all its events in silent mode OK N/A
Creating an instance with all its events with custom text OK N/A
Creating an instance with all its events but no custom text OK N/A
Declaration of 3 instances with all its events to 5 seconds and keep it
running for 48 hours
OK N/A
Declare 2 instances, cause a disconnect and then reconnectOK N/A
Declare 1 instance and test each event OK N/A
Elimination of general parameter and check unbootable OK RECONN deleted
Elimination of instance CONN_INFO and check unbootable OK N/A
1) Optional, to store agent messages in a file
 
en/agentes/radius01.txt · Last modified: 2012/12/12 09:14 by osmius
 
Recent changes RSS feed Creative Commons License Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki