How To Test RADIUS Response Time

Slow internet connectivity is a bane for any organization, whether end-users or customers. It affects productivity as people may need help to use resources, access files and tools for work, etc. It can also affect their customer service as there could be delays in raising tickets, loading websites, etc.

However, a slow internet connection could be due to many reasons, such as the number of users on the bandwidth, insufficient bandwidth, and end-user devices (old, outdated devices, etc. ).  Effective troubleshooting can occur only when you detect the root cause of the slow connection.

This article will help you leverage a free-source tool (‘eapol-test”)to test your Cloud RADIUS server and measure the response time for authentication requests. 

 What is RADIUS Response Time

The RADIUS (Remote Access Dial-In User Server) is an authentication protocol that ensures that only authenticated users can access your network. It prevents unauthorized users from accessing your data and acts as a safeguard against attacks and malicious users. 

RADIUS is the AAA (Authentication, Authorization, and Accounting) server. True to its name, it grants or denies access, provides various levels of user access authorization, and keeps an account of all the users on your network.

For the RADIUS to work, it typically prompts the Network Attached Storage (NAS) for credentials or a challenge. The user provides the required credentials, which is sent to the RADIUS server. The RADIUS server then allows or rejects the user per the preset conditions. 
RADIUS response time is set to anywhere between 1 to 10 milliseconds. If a NAS fails to receive a response within the stipulated time, it must resend the request until the user can access the needed facility. A RADIUS testing tool tests a RADIUS server’s functionality, performance, and robustness.

Why Test Your RADIUS With A RADIUS Monitoring Tool

Troubleshooting a RADIUS is tedious and would take hours, especially when dealing with various services and protocols. A CloudRADIUS monitoring tool like eapol_test helps to measure the amount of time a server takes to respond, process a request, and send a reply. It also measures the time it takes to respond to the client. 

RADIUS monitoring tool helps test the performance and viability of a server against predetermined service level agreements. 

How To Test Your CoudRADIUS?

The developers of the wpa_supplicant software on Linux provide a handy tool called eapol_test that will test an EAP authentication flow like a client with a lot of debug information. 

Installation of the eapol_test executable

Generic eapol_test build instructions:

  • Install generic build tooling for your distribution (e.g., ‘build-essential’)
  • Install OpenSSL development headers (if applicable, e.g., ‘libssl-dev’, ‘openssl-devel’)
  • Install DBus development headers (if applicable, e.g. ‘libdbus-1-dev’, ‘dbus-devel’)
  • Install libnl development headers (if applicable, e.g. ‘libnl*-3-dev’, ‘libnl3-devel’)

Commands for installing the eapol_test

  * tar xzf wpa_supplicant-*.tar.gz

  * cd wpa_supplicant-*/wpa_supplicant

  * sed ‘s/^.*CONFIG_EAPOL_TEST.*/CONFIG_EAPOL_TEST=y/’ < defconfig > .config

  * CFLAGS=”-Wno-deprecated-declarations” make eapol_test

  * sudo install -m 0755 eapol_test /usr/local/bin


  1. Config file

 After installing the eapol_test script, the config file must be created. Below is the sample:











The configuration file provides the necessary information regarding the CA (Certificate Authority) and client certificate, including their paths and optional private key password if applicable. It is essential to ensure that these parameters are accurately saved in the configuration file using the exact file names for the CA and client certificate. 

JoinNow MultiOS Management Portal can generate client certificates from the PKI. You must navigate the PKI (Public Key Infrastructure) section and select the “Create Certificate” option. The CA certificate should represent the root certificate of the CloudRADIUS Server Certificate and must be in .pem format. 

By default, SecureW2 utilizes the DigiCert Global Root CA, which is taken from the Network Profiles section by selecting “Edit” and then “Certificates.” It is necessary to convert the certificate to .pem format before using it. The letter ‘c’ denotes the .oem format. Please note that the values mentioned here are examples. You need to use the values applicable to your environment.

  1. Port Number

The port number should be mentioned specifically. It is denoted by `p.`

3. Shared Secret

SharedSecret, similar to the Port number, is specific for each organization and should be included in the command.  It is denoted by `s.`

  1. RADIUS Server IP

If you are also using Satellite CloudRADIUS servers, you can also use those IP Addresses.

Command Usage

The following is the command to be used to run the authentication request:
eapol_test -c <configfile> -p <portnumber> -s <shared secret> -a <RADIUS IP Address>

This should return the complete logs of the authentication requests, including the handshakes. Capturing the time before and after the command should help calculate the response time, including the internet latency.

Success/Failure Identification


This command can be used to determine whether the authentication was successful.

Response time calculation

date +%s%3

The above command gives the time in milliseconds. This can be executed before and after the eapol_test script. The total time taken for the response can be calculated by calculating the difference between these values. This includes the latency on the internet. 

   Sample snippet:

startTime=$(date +%s%3)

eapol_test -c <configfile> -p <portnumber> -s <shared secret> -a <RADIUS IP Address>


endTime=$(date +%s%3)

responseTime = $endTime – $startTime


Test SecureW2s CloudRADIUS With eapol_test For Quick Troubleshooting

Slow internet need not be the reason for slow connectivity. However, testing SecureW2s CloudRADIUS with the eapol-test tool will be a good start to troubleshooting your internet worries. As for anything else, our highly recommended support team is here to help you around the clock. 

Anusha Harish

Anusha is a copywriter with a passion for telling stories through her writing. With a law degree and keen research skills, she writes articles to help customers make informed decisions. She is a movie buff and a bookworm. She can be found tucked away with a book and a cup of coffee when she is not reading and writing for work.

Related Posts