AW: (RADIATOR) how to SNMP to an address other than NAS-IP-Address?

Martin Wallner Martin.Wallner at eunet.co.at
Wed Nov 2 18:22:25 CST 2005


Dave,
 
It is (at least at Cisco and Juniper) EXTREMELY easy to make the SNMP process use the same, defined Loopback address as the AAA process uses connecting to the RADIATOR. Even multiple SNMP processes or Traps can be sent from defined Loopback addresses. You can have multiple SNMP communities or v3 users. NO need to fumble on the other side.
 
Everything else, like writing code around the problem on the other side - RADIATIR - only tends to turns around at a time you are not prepared for it and bites you in the a**..... Believe me, we were working here on such a beast for a day until we found the 'little thing that made the live easier two years ago' .... :-/
 
=mw=
 

________________________________

Von: owner-radiator at open.com.au im Auftrag von Hugh Irvine
Gesendet: Mi 02.11.2005 22:55
An: Dave Kitabjian
Cc: radiator at open.com.au
Betreff: Re: (RADIATOR) how to SNMP to an address other than NAS-IP-Address?




Hello Dave -

The best way to deal with this problem is to define a loopback 
interface in each device and use it for both RADIUS and SNMP. This 
avoids problems with using any of the physical interfaces on the device.

Otherwise all I can think of is a hook to rewrite the NAS-IP-Address 
before it gets written into the session database.

regards

Hugh



On 3 Nov 2005, at 08:05, Dave Kitabjian wrote:

> The subject says it all.
>
> It's not uncommon for us to have a NAS which is multi-homed, and 
> the IP address to use to talk to the SNMP MIB is not the same one 
> from which the NAS is sending packets to Radiator nor the one in 
> NAS-IP-Address.
>
> Does anyone have any suggestions about how to specify sort of an 
> SNMP-IP-Address attribute to each NAS? I can think of a couple 
> rather tedious solutions, but I was hoping for something less 
> grueling...
>
> Thanks!
>
> Dave
>


NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.


--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20051103/540c01be/attachment.html>


More information about the radiator mailing list