Microsoft IAS and Loadbalancing with Cisco CSS
From: Eric J. (bt_hirosaito_at_gmx.de)
Date: 03/21/05
- Next message: anonymous_at_discussions.microsoft.com: "IAS-proxy and adding attributes part 2"
- Previous message: Thomas K: "Re: PEAP WLAN Certificate"
- Messages sorted by: [ date ] [ thread ]
Date: 21 Mar 2005 02:17:40 -0800
Hi,
does anyone of you have any experiences with using a cisco CSS and IAS
?
Cause we got many problems with that:
The switch sends the radius request to the loadbalancer which
translates the ip and forwards it to the server.
But only the first return packet comes from the virtual loadbalancer
ip. all other packets arenīt translated and still have the real ip of
the server.
So the switch always says: RADIUS: Response for non-existent request
ident
cause the switch asks the .55 (virtualIP) and the .35(realIP) answers
here the switch-log. maybe anyone has a clue.
RADIUS: EAP-login: length of radius packet = 177 code = 1
RADIUS: Initial Transmit FastEthernet0/2 id 155 10.10.10.55:1812,
Access-Request, len 177
RADIUS: Received from id 155 10.10.10.55:10609, Access-Challenge, len
76
RADIUS: EAP-login: length of eap packet = 6
RADIUS: EAP-login: got challenge from radius
RADIUS: ustruct sharecount=1
RADIUS: EAP-login: length of radius packet = 245 code = 1
RADIUS: Initial Transmit FastEthernet0/2 id 156 10.10.10.55:1812,
Access-Request, len 245
RADIUS: Received from id 156 10.10.10.35:1812, Access-Challenge, len
1576
RADIUS: Response for non-existent request ident
RADIUS: Retransmit id 156
RADIUS: Received from id 156 10.10.10.35:1812, Access-Challenge, len
1576
RADIUS: Response for non-existent request ident
Thanks
Eric
- Next message: anonymous_at_discussions.microsoft.com: "IAS-proxy and adding attributes part 2"
- Previous message: Thomas K: "Re: PEAP WLAN Certificate"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
