Prerequisites and Basic Procedures

The following steps are part of the basic testing procedure and illustrate it:

1. Test direct logon to OneSpan Authentication Server Appliance.
2. Test back-end authentication via OneSpan Authentication Server Appliance.
3. Test management features.

Before you can complete the test scenarios, you need to create a user account in the OneSpan Authentication Server Appliance instance (see  User records) with the following configuration:

• A corresponding Windows user account does exist.
• The stored static password is the same as the password for the Windows user account.
• An authenticator with Response-Only and Challenge/Response authenticator applications is assigned to the user account. Demo authenticator records need to be imported and assigned to the account (see  Authenticator records and assignment. The DPX files of the demo authenticators are part of the delivery package of OneSpan Authentication Server Appliance.
• A RADIUS client component is registered in the OneSpan Authentication Server Appliance instance (see  Client component records.
• A test policy is created (see Creating a test policy).

To test RADIUS back-end authentication, you will need to Install the RADIUS Client Simulator application from the delivery package of OneSpan Authentication Server Appliance on a computer that you will use to create, configure, and test the OneSpan Authentication Server Appliance settings.

Modifying the test policy

In each scenario you need to modify the test policy created before (see  Creating a test policy).

To modify the test policy

1. Log on to the OneSpan Authentication Server Administration Web Interface (see Accessing OneSpan Authentication Server Appliance Configuration Tool and OneSpan Authentication Server Administration Web Interface).
2. Navigate to POLICIES > List.
3. Locate the test policy and click its policy ID in the list.
4. Modify the settings depending on the scenario.
5. Click SAVE.

Testing direct logon to RADIUS server

Once the RADIUS server has been set up, attempt a direct login using the RADIUS Client Simulator and the user account created for testing.

To test direct logon to the RADIUS server

1. Open the RADIUS Client Simulator.
2. Enter the IP address of the RADIUS server.
3. Enter the Authentication and Accounting port numbers if they vary from the default.
4. Enter the Shared Secret that was configured in the RADIUS client record in the RADIUS server for OneSpan Authentication Server Appliance.
5. Select a Protocol to use.
6. Click on any port icon to attempt a logon.
7. Enter the user ID and password and click Login.
8. The reply attributes set up for that user account should be displayed in the RADIUS Client Simulator.

Testing a logon with RADIUS Client Simulator

In each scenario, you will need to attempt a logon using the RADIUS Client Simulator application.

To test a logon with RADIUS Client Simulator

1. Click any port in the Simulated NAS Ports group to open the Manual Simulation dialog.
2. Type the user ID you are using for test logons in the User ID field.
3. Type the password for the user account in the Password field. Depending on the scenario, this is either the static password, the OTP generated by the authenticator, or a combination of both.

4. Click Login.

   The Status information field will indicate the success or failure of your logon.