Once an IdP Server and Realm have been submitted, eduroam Administrators are able to test the configuration of a Realm to ensure it is responding to requests via three authentication methods: EAP-PEAP, EAP-TTLS, EAP-TLS.

How to test an eduroam Realm

Prerequisites: Your Realm is approved, your Realm and corresponding IdP server information has been submitted as part of your configuration

  1. Log into the eduroam Federation Manager
  2. From the top nav bar, click 'Test Realm(s)' or from the IdP Realms tab, click 'Test Realm' next to the Realm you wish to test
  3. Select the Realm to test
  4. Select the authentication type to test, either EAP-PEAP, EAP-TTLS, or EAP-TLS.
  5. Enter a username/password and and/or certificate for an active eduroam user on the IdP being tested
  6. Click 'Test'
  7. Results appear in about 10 seconds towards the bottom of the page along with a history of sent requests



Your credentials will not be saved by the Federation Manager. Each request will result in four results, representing the two TLRS servers and the two real servers running behind each of the TLRS virtual servers.

Successful Result

A successful result will be in a green box, and have a result of ‘OK’.  Each result will be late

Error Messages

A result with an error will be in a red box and have one of two error messages.

access-reject

An access-reject reason can result from a mistyped username/password or one that is not valid for the realm and IdP. An access-reject will also be returned if the IdP server’s shared secret in eduroam Federation Manager does not match the shared secret configured on the IdP server.  

timeout

The IdP server for the chosen realm is currently unreachable. This may be because the server is currently offline, not configured to respond to requests, or the request are currently being blocked by a firewall.


Related articles