(RADIATOR) how to SNMP to an address other than NAS-IP-Address?
Dave Kitabjian
dave at netcarrier.com
Thu Nov 3 11:06:12 CST 2005
Thanks for the tips, guys!
We'll try this out.
Dave
_____
From: Martin Wallner [mailto:Martin.Wallner at eunet.co.at]
Sent: Wednesday, November 02, 2005 7:22 PM
To: Hugh Irvine; Dave Kitabjian
Cc: radiator at open.com.au
Subject: AW: (RADIATOR) how to SNMP to an address other than
NAS-IP-Address?
Dave,
It is (at least at Cisco and Juniper) EXTREMELY easy to make the SNMP
process use the same, defined Loopback address as the AAA process uses
connecting to the RADIATOR. Even multiple SNMP processes or Traps can be
sent from defined Loopback addresses. You can have multiple SNMP
communities or v3 users. NO need to fumble on the other side.
Everything else, like writing code around the problem on the other side
- RADIATIR - only tends to turns around at a time you are not prepared
for it and bites you in the a**..... Believe me, we were working here on
such a beast for a day until we found the 'little thing that made the
live easier two years ago' .... :-/
=mw=
_____
Von: owner-radiator at open.com.au im Auftrag von Hugh Irvine
Gesendet: Mi 02.11.2005 22:55
An: Dave Kitabjian
Cc: radiator at open.com.au
Betreff: Re: (RADIATOR) how to SNMP to an address other than
NAS-IP-Address?
Hello Dave -
The best way to deal with this problem is to define a loopback
interface in each device and use it for both RADIUS and SNMP. This
avoids problems with using any of the physical interfaces on the device.
Otherwise all I can think of is a hook to rewrite the NAS-IP-Address
before it gets written into the session database.
regards
Hugh
On 3 Nov 2005, at 08:05, Dave Kitabjian wrote:
> The subject says it all.
>
> It's not uncommon for us to have a NAS which is multi-homed, and
> the IP address to use to talk to the SNMP MIB is not the same one
> from which the NAS is sending packets to Radiator nor the one in
> NAS-IP-Address.
>
> Does anyone have any suggestions about how to specify sort of an
> SNMP-IP-Address attribute to each NAS? I can think of a couple
> rather tedious solutions, but I was hoping for something less
> grueling...
>
> Thanks!
>
> Dave
>
NB:
Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive (www.open.com.au/archives/
radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20051103/76184e59/attachment.html>
More information about the radiator
mailing list