Unanswered Question
Apr 5th, 2010
User Badges:

I'm currently trying to setup an ISG using TAL (transparent autologon).  I already tested it using the ISG as a DHCP server and it works good.

But now I'm trying to make it work using an external DHCP server configuring dhcp relay on ISG and it is not working.

I'm using the following configuration:

aaa group server radius CAR
server X.X.X.X auth-port 1812 acct-port 1813
aaa authentication login IP_SESSION group CAR
aaa authorization subscriber-service IP_SESSION group CAR
ip dhcp pool ISG
   relay source <int0/3.1000500_network>
   relay destination <dhcp_server_address>
policy-map type control IP_SESSION
class type control always event session-start
  10 authorize aaa list IP_SESSION password PASSWORD identifier mac-address
class type control always event service-stop
interface GigabitEthernet0/3.1000500
encapsulation dot1Q 1000 second-dot1q 500
ip address X.X.X.X
service-policy type control IP_SESSION
ip subscriber l2-connected
  initiator dhcp

As soon as I configure DHCP relay the permited CPE Mac_address begins flapping from authenticated state to disconnection.

The following message starts appearing:

SSS MGR [uid:910]: Failed to retrieve PM context

Any ideas?

I already tested the DHCP server configuring the interface as a normal IP interface and it works perfectly with the CPE.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
CHARLES HEUPEL Thu, 05/06/2010 - 04:58
User Badges:

Do you have these commands in your router?

ip dhcp relay information option

ip dhcp relay information policy keep

ip dhcp relay information trust-all

Also, check your access-list.  The DHCP server IP address may need to be in your access-list depending on your architecture.


This Discussion