Solved: Which IP SLA probes for LDAP and Radius

abdel.bidar · ‎09-17-2008

Hi,

I would like to use IP SLA probes to monitor Broadband customer access.

We want to deploy some shadow routers on some Exchange sites to measure customer experience.

We are thinking about creating some DNS probe. We would like to test authentication.

I am thinking of running UDP probe port 1812 for Radius.

I dont know if it is enough.

What about LDAP ?

Anyone would have done some similar implementation ?

Thanks

rgds

Abdel

Joe Clarke · ‎09-17-2008

There aren't specific operations to test Radius and LDAP. For Radius, there's nothing you can do as the udpEcho operation won't work with the Radius port. You would need to configure the collector to send queries to the UDP echo port (port 7), or to an IP SLA responder device (see http://www.cisco.com/en/US/docs/ios/ipsla/configuration/guide/sla_udp_echo_ps6441_TSD_Products_Configuration_Guide_Chapter.html ).

However, for LDAP, you can configure a generic TCP connection collector which will at least give you connection latency data. The collector should connect to tcp/389 (assuming clear text LDAP) or tcp/636 for ldaps.

View solution in original post

Joe Clarke · ‎09-17-2008

There aren't specific operations to test Radius and LDAP. For Radius, there's nothing you can do as the udpEcho operation won't work with the Radius port. You would need to configure the collector to send queries to the UDP echo port (port 7), or to an IP SLA responder device (see http://www.cisco.com/en/US/docs/ios/ipsla/configuration/guide/sla_udp_echo_ps6441_TSD_Products_Configuration_Guide_Chapter.html ).

However, for LDAP, you can configure a generic TCP connection collector which will at least give you connection latency data. The collector should connect to tcp/389 (assuming clear text LDAP) or tcp/636 for ldaps.