cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

3262
Views
0
Helpful
3
Replies
Nasser Heidari
Beginner

Problem with Automate-tester Probe-on

Hi, 

I have configured my BNG with two radius servers in one aaa group :

radius server rad-01
address ipv4 10.10.4.20 auth-port 18012 acct-port 18013
timeout 10
retransmit 3
automate-tester username dummy ignore-acct-port probe-on
key *****

radius server rad-02
address ipv4 10.10.4.21 auth-port 18012 acct-port 18013
timeout 10
retransmit 3
automate-tester username dummy ignore-acct-port probe-on
key *****


aaa group server radius freeradius
server name rad-01
server name rad-02

radius-server dead-criteria time 15 tries 3
radius-server deadtime 10

with this configuration, once my first radius server becomes unavailable, BNG will try second radius. This is working fine.

My problem is that once there is a network outage between BNG and Radius, both AAA servers become DEAD and for 10 minutes BNG don't try to check if radius status is UP (radius-server deadtime 10). 

I want to use automate-tester feature to query radius server status when it becomes DEAD.

According to cisco documentation , using probe-on feature can switch server status from DEAD to up:

http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/identity-based-networking-services/whitepaper_C11-731907.html

The use of this additional key word in the automate-tester command ensures that:

   The probes are sent out only when the RADIUS server is marked DEAD

   A DEAD server will be marked “UP” only when a response is received from the RADIUS server.

I have already configured probe-on feature, but still I don't see any packets from BNG once radius becomes DEAD. Is there any workaround for this issue?

Regards,

Nasser

3 REPLIES 3

Software?

Octavian Szolga
Participant
dhristov
Cisco Employee

the problem seems to be related to " automate-tester username dummy ignore-acct-port probe-on". Can you try to remove that CLI. We are working on a fix,

Create
Recognize Your Peers
Polls
Which of these topics should we host an event in the Community?

Top Choice: pxGrid (35%)

Content for Community-Ad

ISE Webinars



Did you miss a previous ISE webinar?

CiscoISE YouTube Channel