Waiting for hero's help, Question about CISCO 7200 SSG feature ? thanks

Unanswered Question
Aug 26th, 2008
User Badges:

I know that Cisco 7200 has function "Service Selection Gateway"(SSG),

I want to enable SSG function and recevie dynamic authortication,


used command as follow :


ssg enable

ssg radius-helper auth-port 3799 acct-port 3780

ssg radius-helper key cisco


then Let Radius Server send RADIUS packets to port 3799,but device respond


"port not reach.",I think because port didn't be opened,


but how does it enable SSG feature? pls which Hero tell me a method.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Tue, 08/26/2008 - 03:03
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Simec,


a good reference for SSG


http://www.cisco.com/en/US/docs/ios/12_2/12_2b/12_2b8/feature/guide/ftssg15b.html


Try with the default ports:


Defaults


The default port number for acct-port is 1646.

The default port number for auth-port is 1645.


Are you sure RADIUS is using UDP port 3799 when talking to SSG ?


Hope to help

Giuseppe

simec_tsin Tue, 08/26/2008 - 21:59
User Badges:

Hi, Giuslar, thank you.


I have been read the guide that you refer.


as I know, between SSG and RADIUS Server,its have some talking ways.


1) In a way, SSG send accountting/authentication Request


(RADIUS packet) to RADIUS Server,


and RADIUS Server respond the Response(RADIUS packet) to SSG.


2)In another way, RADIUS Server send dynamic authorization Request


(RADIUS packet) to SSG,and SSG respond the Response(RADIUS packet)


to SSG.

I want to enable the second way, but it isn't successful.


best regard

Actions

This Discussion