Radius traffic is no loner SNAT'd after a failover, CSS-CSS

Unanswered Question
Aug 16th, 2007
User Badges:

Hi Experts,

I have case where i have 2 CSS's in active standby mode. We use a VIP for radius traffic ie. UDP 1813. When in normal operation, all is OK. The IP src of the packet from CSS to the GGSN (NAS) has the CSS VIP IP. After we failover to the other CSS, this new CSS stops un NATing. This means the the packet from CSS to the GGSN in the radius response has the src IP of the real radius server. The GGSN doesn't accept this as this ip is unexpected.

Why is CSS stopping doing NAT after a switchover. Software is 7.10.504.


TIA


Alan

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Diego Vargas Thu, 08/16/2007 - 07:14
User Badges:
  • Cisco Employee,

In order to find the root cause of the issue more information is needed. What I can tell you for sure is that the code version that you are running is very old and is vulnerable so several problems.


We already have 8.20, so it would important to consider an upgrade in the future.


Perhaps you can attach the showtech of both CSS and I can take a look to see if something is wrong, also please clarify if when failing over back to the Primary the NATing started working again.


Hope it helps!!

Actions

This Discussion