Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Radius traffic is no loner SNAT'd after a failover, CSS-CSS

Hi Experts,

I have case where i have 2 CSS's in active standby mode. We use a VIP for radius traffic ie. UDP 1813. When in normal operation, all is OK. The IP src of the packet from CSS to the GGSN (NAS) has the CSS VIP IP. After we failover to the other CSS, this new CSS stops un NATing. This means the the packet from CSS to the GGSN in the radius response has the src IP of the real radius server. The GGSN doesn't accept this as this ip is unexpected.

Why is CSS stopping doing NAT after a switchover. Software is 7.10.504.



Cisco Employee

Re: Radius traffic is no loner SNAT'd after a failover, CSS-CSS

In order to find the root cause of the issue more information is needed. What I can tell you for sure is that the code version that you are running is very old and is vulnerable so several problems.

We already have 8.20, so it would important to consider an upgrade in the future.

Perhaps you can attach the showtech of both CSS and I can take a look to see if something is wrong, also please clarify if when failing over back to the Primary the NATing started working again.

Hope it helps!!