(2014-05-22)
Testing authentication
These cli commands can help you test your radius or ldap server:
# diag test auth radius <server_name> <chap | pap | mschap | mschap2> <username> <pwd>
# diag test authserver ldap <server_name> <username> <pwd>
These commands turn on more extensive debugging output for authentication which can be useful for figuring out what is wrong:
# diag debug reset
# diag debug application fnbamd –1
# diag debug enable
I've had situations where pressing the <test> button works, group lookup works, but actual authentication fails. In one case the
diag steps above showed me that TLS wasn't actually happening.