Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
541
Views
0
Helpful
2
Replies

How can I verify connections to my server on ACE-udp port

nygenxny123
Level 1
Level 1

‎05-05-2010 11:42 AM

We are failing when RADIUS is trying to be implemented through a vip

server doesnt see connections

I do

show serverfarm RADIUIS

---------------------------------
                                               ----------connections-----------
      real                  weight state             current           total            failures
  ---+---------------------+------+------------+----------+----------+---------
  rserver: PRDDOMCLT02
      10.11.13.180:0        8      OPERATIONAL  0          13         0
  rserver: PRDDOMCLT01
      10.11.13.212:0        8      OPERATIONAL  0          12         0

and I can see connections on the table for the rserver, but how can i confirm what part it is used on?

These would be typical UDP Radius ports

serverfarm host RADIUS
  probe probe_service_icmp
  rserver PRDDOMCLT02
    inservice
  rserver PRDDOMCLT01

rserver host PRDDOMCLT02
  ip address 10.11.13.180
  probe probe_service_icmp
  inservice

rserver host PRDDOMCLT01
  ip address 10.11.13.212
  probe probe_service_icmp
  inservice

class-map match-all RADIUS-VIP
  2 match virtual-address 172.20.224.35 any

policy-map type loadbalance first-match RADIUS-VIP
  class class-default
    serverfarm RADIUS

class RADIUS-VIP
   loadbalance vip inservice
   loadbalance policy RADIUS-VIP
   loadbalance vip icmp-reply
   nat dynamic 2 vlan 112

interface vlan 112
  ip address 10.11.12.4 255.255.252.0
  alias 10.11.12.10 255.255.252.0
  peer ip address 10.11.12.5 255.255.252.0
  no normalization
  no icmp-guard
  access-group input any
  nat-pool 2 10.11.12.20 10.11.12.20 netmask 255.255.252.0 pat
  service-policy input VIPs
  service-policy input ALLOW_ICMP_POLICY
  no shutdown

Labels:
0 Helpful
2 Replies 2

Gilles Dufour
Cisco Employee
Cisco Employee

‎05-06-2010 09:09 AM

You should get a sniffer trace on the vlan to see if the request comes in, if it is sent out and what the server does with it.

Gilles.

0 Helpful

ciscocsoc
Level 4
Level 4
In response to Gilles Dufour

‎05-07-2010 01:20 AM

Are you letting traffic from the VIP through ahny firewall on the RADIUS server and is the VIP defined as a NAS in the RADIUS configuration?

Cathy

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card