...

Call it eduroam_monitor_check.sh and store it alongside the config file in /opt/:


```shell
#!/bin/sh
# Run a heartbeat
ip="<the IP address for your server>"
s="<the secret for the client you created>"
bssid="<the BSSID for your eduroam network, in a MAC format like 02:00:00:00:00:01>"
# check that eapol_test is installed and executable
if [ -x /sbin/eapol_test ]; then
  if [ -f /opt/eduroam_monitor/eapol_config.cfg ]; then
    # get the actual output (the last line printed by eapol_test)
    i=$(/sbin/eapol_test -c /opt/eduroam_monitor/eapol_config.cfg -N "30:s:$bssid:eduroam" -N 32:s:eduroamUK-heartbeat -t 5 -r 1 -a "$ip" -s "$s" | tail -1)
    # output is either success or failure
    /bin/logger "eduroam Monitoring: $i"
  fi
fi
```

The result of this script is not a success or failure error code, but rather a line in the system log with the text 'eduroam Monitoring: <result>', along with a successful authentication in your RADIUS server logs for the test user in your configuration.


Note

If you used a fake username (because your eduroam national operator didn't give you a username to use), you would see a FAILURE message with this script every time.

In this case, change line 10 to this:

```shell
    i=$(/sbin/eapol_test -c /opt/eduroam_monitor/eapol_config.cfg -N "30:s:$bssid:eduroam" -N 32:s:eduroamUK-heartbeat -t 5 -r 1 -a "$ip" -s "$s" | tail -15 | grep 'CTRL-EVENT-EAP-FAILURE EAP authentication failed')
```


You can run this script either by adding a line to the crontab of your monitoring user, or by copying eduroam_monitor_check.sh into /etc/cron.hourly for an hourly run. Alternatively, if you prefer a more frequent run, add a file to /etc/cron.d/ with the following contents:

...
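
The log lines written by the heartbeat can be classified automatically so that a run of failures, or a heartbeat that has stopped logging, is noticed. This is an added example, not part of the original page: the names heartbeat_status and sample_log, the status words and the threshold are assumptions, and the sample log lines are constructed. It reports a missing heartbeat as its own state, because the script above logs nothing at all when eapol_test or the config file is absent.

```shell
#!/bin/sh
# Added example (not from the original page): classify heartbeat health
# from syslog lines read on stdin.
# Usage: heartbeat_status [healthy-text] [threshold] < your-syslog-file
#   healthy-text: result text that counts as healthy (default SUCCESS; with the
#                 fake-username variant, pass the expected EAP failure text)
#   threshold:    consecutive unhealthy results that count as DOWN (default 3)
# Prints OK, DEGRADED, DOWN or MISSING (no heartbeat line found at all).
heartbeat_status() {
  awk -v ok="${1:-SUCCESS}" -v n="${2:-3}" '
    {
      p = index($0, "eduroam Monitoring:")
      if (p == 0) next                      # not a heartbeat line
      seen++
      result = substr($0, p + length("eduroam Monitoring:"))
      gsub(/^[ \t]+|[ \t]+$/, "", result)   # trim; empty means no output
      bad = (result == ok) ? 0 : bad + 1    # length of the trailing unhealthy run
    }
    END {
      if (seen == 0)     print "MISSING"
      else if (bad == 0) print "OK"
      else if (bad < n)  print "DEGRADED"
      else               print "DOWN"
    }'
}

# Constructed sample log lines (hostname and timestamps are made up).
sample_log() {
  cat <<'EOF'
Mar  3 10:00:01 mon1 root: eduroam Monitoring: SUCCESS
Mar  3 10:05:12 mon1 sshd[811]: Accepted publickey for admin
Mar  3 10:10:01 mon1 root: eduroam Monitoring: FAILURE
Mar  3 10:20:01 mon1 root: eduroam Monitoring:
Mar  3 10:30:01 mon1 root: eduroam Monitoring: FAILURE
EOF
}

sample_log | heartbeat_status SUCCESS 3
```

Run it from the same monitoring host against the file your syslog daemon writes to, and alert on anything other than OK.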

You will need the configuration file (see above). The extension of the configuration file is not important, but note down the location and name because you will need them. In the example code, I assume C:\eduroamHB as the location, and thus I'll use C:\eduroamHB\eapol_peap.cfg as name.

To run eapol_test.exe, place it in the same directory as eapol_config.cfg (or your chosen name). Then, in the same location, create a batch file with the following contents:


eduroam_mon.bat:

```bat
@echo off
set ROAMING_IP="<the IP address for your server>"
set ROAMING_SECRET="<the secret for the client you created>"
set BSSID="<the BSSID for your eduroam network, in a MAC format like 02:00:00:00:00:01>"
cd C:\eduroamHB
eapol_test.exe -t6 -N 33:x:4f53432d457874656e6465642d49643d31323435 -N 30:s:%BSSID%:eduroam -N 32:s:eduroamUK-heartbeat -c eapol_config.cfg -a %ROAMING_IP% -s %ROAMING_SECRET% |findstr /R "^SUCCESS$" >nul 2>nul
set MYVAR=%errorlevel%
IF "%MYVAR%" == "0" GOTO EventSuccess
eventcreate /Id 2 /D "eduroam Monitoring: FAILURE" /T ERROR /L system /SO eduroamMonitor >nul 2>nul
GOTO End
:EventSuccess
eventcreate /Id 1 /D "eduroam Monitoring: SUCCESS" /T SUCCESS /L system /SO eduroamMonitor >nul 2>nul
:End
```

As before, adjust the location of the file and the directories in the batchfile accordingly. You can also use this batchfile to test your connection to the roaming servers by adjusting the ROAMING_IP and ROAMING_SECRET settings to the IP of the NRPS FLR of your choice, along with its secret. This will skip your server and test your external connection directly instead.

Note

If you used a fake username (because your eduroam national operator didn't give you a username to use), you would see a FAILURE message with this script every time.

In this case, change line 6 to this:


```bat
eapol_test.exe -t6 -N 33:x:4f53432d457874656e6465642d49643d31323435 -N 30:s:%BSSID%:eduroam -N 32:s:eduroamUK-heartbeat -c eapol_config.cfg -a %ROAMING_IP% -s %ROAMING_SECRET% |findstr /R /C:"^EAP: Received EAP-Failure$" >nul 2>nul
```

To create a scheduled task that runs every ten minutes, run this command as an administrator on the server that the batch file runs on:

```bat
SCHTASKS /Create /U <domain\user> /P <password> /SC MINUTE /MO 10 /TN eduroamMonitor /TR "C:\eduroamHB\eduroam_mon.bat" /RU "NT AUTHORITY\SYSTEM"
```

Adjust the /U and /P parameters to an admin user and its password.

After every run, you should see an event in the 'System' log in the Event Viewer of your server called 'eduroamMonitor'. An 'Information' type event is a success message. An 'Error' type event contains an error.

Then check your event log regularly to see whether your external connection is still 'up'. 

...