RadiusAuthMonitor This monitor lets you test the functionality of the RADIUS authentication system. The availability is tested by sending an AUTH packet to the RADIUS server. If a valid ACCEPT response is received, the RADIUS service is up and considered available. This monitor implements placeholder substitution in parameter values. To use this monitor it is required to install the RADIUS protocol for Horizon. For RPM-based distributions: yum install opennms-plugin-protocol-radius For Debian-based distributions: apt-get install opennms-plugin-protocol-radius The test is similar to test the behavior of a RADIUS server by evaluating the result with the command line tool radtest. root@vagrant:~# radtest "John Doe" hello 127.0.0.1 1812 radiuspassword Sending Access-Request of id 49 to 127.0.0.1 port 1812 User-Name = "John Doe" User-Password = "hello" NAS-IP-Address = 127.0.0.1 NAS-Port = 1812 Message-Authenticator = 0x00000000000000000000000000000000 rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=49, length=37 (1) Reply-Message = "Hello, John Doe" 1 The Access-Accept message which is evaluated by the monitor. Monitor Facts Class Name org.opennms.protocols.radius.monitor.RadiusAuthMonitor Remote Enabled false Configuration and Use Table 1. Monitor specific parameters for the RadiusAuthMonitor Parameter Description Required Default value Placeholder substitution timeout Time in milliseconds to wait for the RADIUS service. optional 5000 No retry This is a placeholder for the second optional monitor parameter description. optional 0 No authport RADIUS authentication port. optional 1812 No acctport RADIUS accounting port. optional 1813 No user Username to test the authentication optional OpenNMS Yes password Password to test the authentication optional OpenNMS Yes secret The RADIUS shared secret used for communication between the client/NAS and the RADIUS server. optional secret Yes authtype RADIUS authentication type. The following authentication types are supported: chap, pap, mschapv1, mschapv2, eapmd5, eapmschapv2, eapttls optional pap No nasid The Network Access Server identifier originating the Access-Request. optional opennms Yes inner-protocol When using EAP-TTLS authentication, this property indicates the tunnelled authentication type. Only pap is currently supported. optional pap No inner-user Username for the tunnelled pap authentication when using EAP-TTLS. optional Inner-OpenNMS Yes This monitor implements the Common Configuration Parameters. Examples Example configuration how to configure the monitor in the poller-configuration.xml. <service name="Radius-Authentication" interval="300000" user-defined="false" status="on"> <parameter key="retry" value="3" /> <parameter key="timeout" value="3000" /> <parameter key="user" value="John Doe" /> <parameter key="password" value="hello" /> <parameter key="secret" value="radiuspassword" /> <parameter key="rrd-repository" value="/var/lib/opennms/rrd/response" /> <parameter key="ds-name" value="radiusauth" /> </service> <monitor service="Radius-Authentication" class-name="org.opennms.protocols.radius.monitor.RadiusAuthMonitor" /> PrTableMonitor SmbMonitor