RAS Authentication Test (Compact 2013)

3/26/2014

The RAS Authentication Test exercises authentication protocols and RAS flags. This is done by combining the following four authentication types with the twelve RASEO_* flags.

The four authentication types are as follows:

  • PAP
  • EAP
  • MSCHAPv2
  • NODDC

The RASEO_* flags are as follows:

  • RASEO_ProhibitPAP
  • RASEO_ProhibitEAP
  • RASEO_RequireEncryptedPw
  • RASEO_RequireMsEncryptedPw
  • RASEO_RequireDataEncryption
  • RASEO_RequireEncryptedPw | RASEO_RequireMsEncryptedPw
  • RASEO_RequireMsEncryptedPw | RASEO_RequireDataEncryption
  • RASEO_RequireEncryptedPw | RASEO_RequireMsEncryptedPw | RASEO_RequireDataEncryption
  • <no flag>

This combination of 48 test cases (12 flags x 4 authentication types) for IPv4 and IPv6, and they are repeated for the following RAS connection types:

  • L2TP (using a preshared key)
  • DCC (serial cable)

Note

No authentication is done over DCC. Instead, regardless of the combinations of RAS flags and authentication types, the test cases for DCC check for successful connection to the RAS server.

Test Prerequisites

Your device must meet the following requirements before you run this test.

The following tables show the hardware dependency for each RAS connection type.

Requirements

Description

Windows Embedded Compact device

The device being tested

RAS server with serial cable

Required for DCC. Should accept incoming clients without authentication. Must be connected to the Windows Embedded Compact device via a serial cable.

VPN server with Ethernet or other network connection

Required for L2TP. Recommended for IPv6 L2TP, VPN server with Win2K8 or later. Must be reachable over the network for VPN test cases (L2TP). The VPN server must accept all authentication protocols and must have dial-in permission for the username given in the command line.

The following tables show the software requirements for the RAS Authentication Test.

Requirements

Description

Tux.exe

Test harness, required for all tests

Kato.dll

Logging engine, required for all tests

PPPAuth.dll

Library containing the test cases

Subtests

The following table lists the subtests included in this test.

SubTest ID

Description

601

L2TP_PAP_PROHIBIT_PAP

605

L2TP_PAP_PROHIBIT_EAP

606

L2TP_PAP_REQUIRE_ENC_PW

607

L2TP_PAP_REQUIRE_MS_ENC_PW

608

L2TP_PAP_REQUIRE_DATA_ENC

609

L2TP_PAP_REQUIRE_ENC_MS_PW

610

L2TP_PAP_REQUIRE_MS_DATA_ENC

611

L2TP_PAP_REQUIRE_MS_DATA_ENC_PW

612

L2TP_PAP_REQUIRE_NO_FLAGS

801

L2TP_MSCHAPv2_PROHIBIT_PAP

802

L2TP_MSCHAPv2_PROHIBIT_MSCHAPV2

803

L2TP_MSCHAPv2_PROHIBIT_MSCHAP

804

L2TP_MSCHAPv2_PROHIBIT_CHAP

805

L2TP_MSCHAPv2_PROHIBIT_EAP

806

L2TP_MSCHAPv2_REQUIRE_ENC_PW

807

L2TP_MSCHAPv2_REQUIRE_MS_ENC_PW

808

L2TP_MSCHAPv2_REQUIRE_DATA_ENC

809

L2TP_MSCHAPv2_REQUIRE_ENC_MS_PW

810

L2TP_MSCHAPv2_REQUIRE_MS_DATA_ENC

811

L2TP_MSCHAPv2_REQUIRE_MS_DATA_ENC_PW

812

L2TP_MSCHAPv2_REQUIRE_NO_FLAGS

901

L2TP_EAP_PROHIBIT_PAP

905

L2TP_EAP_PROHIBIT_EAP

906

L2TP_EAP_REQUIRE_ENC_PW

907

L2TP_EAP_REQUIRE_MS_ENC_PW

908

L2TP_EAP_REQUIRE_DATA_ENC

909

L2TP_EAP_REQUIRE_ENC_MS_PW

910

L2TP_EAP_REQUIRE_MS_DATA_ENC

911

L2TP_EAP_REQUIRE_MS_DATA_ENC_PW

912

L2TP_EAP_REQUIRE_NO_FLAGS

1101

L2TP_NODCC_PROHIBIT_PAP

1105

L2TP_NODCC_PROHIBIT_EAP

1106

L2TP_NODCC_REQUIRE_ENC_PW

1107

L2TP_NODCC_REQUIRE_MS_ENC_PW

1108

L2TP_NODCC_REQUIRE_DATA_ENC

1109

L2TP_NODCC_REQUIRE_ENC_MS_PW

1110

L2TP_NODCC_REQUIRE_MS_DATA_ENC

1111

L2TP_NODCC_REQUIRE_MS_DATA_ENC_PW

1112

L2TP_NODCC_REQUIRE_NO_FLAGS

1201

DCC_PAP_PROHIBIT_PAP

1205

DCC_PAP_PROHIBIT_EAP

1206

DCC_PAP_REQUIRE_ENC_PW

1207

DCC_PAP_REQUIRE_MS_ENC_PW

1208

DCC_PAP_REQUIRE_DATA_ENC

1209

DCC_PAP_REQUIRE_ENC_MS_PW

1210

DCC_PAP_REQUIRE_MS_DATA_ENC

1211

DCC_PAP_REQUIRE_MS_DATA_ENC_PW

1212

DCC_PAP_REQUIRE_NO_FLAGS

1501

DCC_EAP_PROHIBIT_PAP

1505

DCC_EAP_PROHIBIT_EAP

1506

DCC_EAP_REQUIRE_ENC_PW

1507

DCC_EAP_REQUIRE_MS_ENC_PW

1508

DCC_EAP_REQUIRE_DATA_ENC

1509

DCC_EAP_REQUIRE_ENC_MS_PW

1510

DCC_EAP_REQUIRE_MS_DATA_ENC

1511

DCC_EAP_REQUIRE_MS_DATA_ENC_PW

1512

DCC_EAP_REQUIRE_NO_FLAGS

1701

DCC_NODCC_PROHIBIT_PAP

1705

DCC_NODCC_PROHIBIT_EAP

1706

DCC_NODCC_REQUIRE_ENC_PW

1707

DCC_NODCC_REQUIRE_MS_ENC_PW

1708

DCC_NODCC_REQUIRE_DATA_ENC

1709

DCC_NODCC_REQUIRE_ENC_MS_PW

1710

DCC_NODCC_REQUIRE_MS_DATA_ENC

1711

DCC_NODCC_REQUIRE_MS_DATA_ENC_PW

1712

DCC_NODCC_REQUIRE_NO_FLAGS

The following test cases are the L2TP authentication tests for IPV6 scenarios in pppauth.dll.

SubTest ID

Description

2601

L2TP_PAP_PROHIBIT_PAP_IPV6

2605

L2TP_PAP_PROHIBIT_EAP_IPV6

2606

L2TP_PAP_REQUIRE_ENC_PW_IPV6

2607

L2TP_PAP_REQUIRE_MS_ENC_PW_IPV6

2608

L2TP_PAP_REQUIRE_DATA_ENC_IPV6

2609

L2TP_PAP_REQUIRE_ENC_MS_PW_IPV6

2610

L2TP_PAP_REQUIRE_MS_DATA_ENC_IPV6

2611

L2TP_PAP_REQUIRE_MS_DATA_ENC_PW_IPV6

2612

L2TP_PAP_REQUIRE_NO_FLAGS_IPV6

2801

L2TP_MSCHAPv2_PROHIBIT_PAP_IPV6

2802

L2TP_MSCHAPv2_PROHIBIT_MSCHAPV2_IPV6

2803

L2TP_MSCHAPv2_PROHIBIT_MSCHAP_IPV6

2804

L2TP_MSCHAPv2_PROHIBIT_CHAP_IPV6

2805

L2TP_MSCHAPv2_PROHIBIT_EAP_IPV6

2806

L2TP_MSCHAPv2_REQUIRE_ENC_PW_IPV6

2807

L2TP_MSCHAPv2_REQUIRE_MS_ENC_PW_IPV6

2808

L2TP_MSCHAPv2_REQUIRE_DATA_ENC_IPV6

2809

L2TP_MSCHAPv2_REQUIRE_ENC_MS_PW_IPV6

2810

L2TP_MSCHAPv2_REQUIRE_MS_DATA_ENC_IPV6

2811

L2TP_MSCHAPv2_REQUIRE_MS_DATA_ENC_PW_IPV6

2812

L2TP_MSCHAPv2_REQUIRE_NO_FLAGS_IPV6

2901

L2TP_EAP_PROHIBIT_PAP_IPV6_IPV6

2905

L2TP_EAP_PROHIBIT_EAP_IPV6

2906

L2TP_EAP_REQUIRE_ENC_PW_IPV6

2907

L2TP_EAP_REQUIRE_MS_ENC_PW_IPV6

2908

L2TP_EAP_REQUIRE_DATA_ENC_IPV6

2909

L2TP_EAP_REQUIRE_ENC_MS_PW_IPV6

2910

L2TP_EAP_REQUIRE_MS_DATA_ENC_IPV6

2911

L2TP_EAP_REQUIRE_MS_DATA_ENC_PW_IPV6

2912

L2TP_EAP_REQUIRE_NO_FLAGS_IPV6

3101

L2TP_NODCC_PROHIBIT_PAP_IPV6

3105

L2TP_NODCC_PROHIBIT_EAP_IPV6

3106

L2TP_NODCC_REQUIRE_ENC_PW_IPV6

3107

L2TP_NODCC_REQUIRE_MS_ENC_PW_IPV6

3108

L2TP_NODCC_REQUIRE_DATA_ENC_IPV6

3109

L2TP_NODCC_REQUIRE_ENC_MS_PW_IPV6

3110

L2TP_NODCC_REQUIRE_MS_DATA_ENC_IPV6

3111

L2TP_NODCC_REQUIRE_MS_DATA_ENC_PW_IPV6

3112

L2TP_NODCC_REQUIRE_NO_FLAGS_IPV6

Setting Up the Test

The RAS Authentication Test requires the image to have the following SYSGENs set depending on what is being tested:

  • SYSGEN_PPP for DCC cases
  • SYSGEN_L2TP for L2TP cases

If you do not have one or more of these SYSGENs, you can exclude the relevant test cases by specifying only the desired test cases w the -x option in Tux.

Also, if you do not have the serial cable setup, you can skip the relevant test cases by specifying only the desired test cases using the -x option in Tux.

Boot the Windows Embedded Compact-based device and attach the serial cable to a RAS server. Run case 100 in the TAPIclient Tux suite to get the device identifier of the serial port you wish to use. For example: s tux -o -d tapiclient -x 100.

Running the Test

Before you can run the RAS Authentication Test, you must modify the current command line for this test by specifying the parameters after the -c.

s tux -o -d PPPAuth -c "[Parameters]"

The following table shows the command line parameters for use with the RAS Authentication Test.

Command line parameter

Description

-device id

choose available RAS device

-user username

User name to be authenticated

-dccuser username

Direct cable connection user name

-pwd password

User password

-dccpw password

Use direct cable connection and user password

-domain domain

The server domain

-svr VPN_server

(L2TP) The VPN server name

-psk key

(L2TP only) The preshared key

-x test_cases

Specifies the test case or cases to run

tux -o -d PPPAuth.dll -c" parameters"

There are two new options for IPv4 and IPv6.

Ipv6:

tux -o -d pppauth -c"-user user1 -pwd pass456$ -domain wincevpn -psk test123 -svr IPV6WCEVPNSRVR" -x 2801

ipv4:

tux -o -d pppauth -c"-user user1 -pwd pass456$ -domain wincevpn -psk test123 -svr IPV6WCEVPNSRVR" -x 801

Verifying the Test

When the test completes running, verify that "PASS" appears in the test log for all sub-tests.

Troubleshooting the Test

If any of the test cases fail, be sure you can connect to your VPN Server and RAS server using the Network Configuration Window from the control panel. Make sure that your VPN Server and RAS Server are set up correctly as described in Test Prerequisites for the RAS Authentication Test.

See Also

Other Resources

Networking - Bluetooth, Modem, Wireless Tests