>
>Would the primary RADIUS server, happen to by any chance also be your
>customers primary DNS server?
>
>On Tue, 20 Jan 1998 clemdog@marshallnet.com wrote:
>
>> I discovered today when I took the primary radius server down
>> people on the PM3 could not go anywhere. The backup server was
>> authenticating them and all but they could not get out to the world.
>> If someone could point out the blunder from this it would be most
>> appreciated. Hope this makes sense to someone.
>>
>> PM3 global config
>> show global
>> System Name: port1
>> Default Host: 0.0.0.0
>> Alternate Hosts:
>> IP Gateway: 207.177.3.254
>> Gateway Metric: 1
>> Default Routing: Quiet (Off)
>> Name Service: DNS
>> Name Server: 207.177.3.2
>> Domain: marshallnet.com
>> Telnet Access Port: 23
>> Loghost: 0.0.0.0
>> Maximum PMconsole: 1
>> Assigned Address: 207.177.4.129
>> RADIUS Server: p100.marshallnet.com
>> Alternate Server: 207.177.3.12
>> Accounting Server: p100.marshallnet.com
>> Alt. Acct. Server: 0.0.0.0
>> PPP Authentication: PAP: on CHAP: off
>> ISDN Switch Type: ATT-5ESS
>> End Point Disc: None
>> Disabled Modules: OSPF BGP
>>
>> Also
>> port1> show ether0
>> Ethernet Status: IP - Enabled IPX - Disabled
>> Interface Addr: port1.marshallnet.com (207.177.3.253)
>> Netmask: 255.255.255.0
It looks like you are attempting to use the two class-C nets as two distinct
network segments on one physical link. If would be much easier to supernet
(using VLSM or OSPF) both as one contiguous supernet using a netmask for
this ( IE 255.255.254.0 ).
I would think since the PM3 "knows" about the router everything works fine
while the primary Radius server is running (on the same class-C segment) but
when you drop the primary the PM3 no longer "see's" the secondary Radius
server which is in the other class-C segment. I suspect you can check this
by setting the secondary Radius server to debug mode and see if the PM3 is
getting authentication request information to it.
(Sure looks like a case for OSPF and Gated)...<grin>...
>> Broadcast Address: 207.177.3.0 < This I wonder about>
>> IPX Network: 00000000
>> IPX Frame Type: ETHERNET_802.2
>> Ethernet Address: 00:c0:05:04:09:02
>> Routing: RIP(Broadcast, Listen (On))
>> Input Filter:
>> Output Filter:
>>
>> I will try to explain the rest of this jumbo.
>> We have 2 Class C's as follows
>> 207.177.3.*
>> 207.177.4.*
>> router is at 207.177.3.254 also known as route1.marshallnet.com
>> PM3 is at 207.177.3.253 also known as port1.marshallnet.com
>>
>> Main authentication server known as P100 aka 207.177.3.3 has
>> following routes and does some dialup pots for first half of the
>> 207.177.4.* network
>>
>> 207.177.4.128 port1.marshalln 255.255.255.128 UG0 0 5556 eth0
>> 207.177.3.0 * 255.255.255.0 U 0 0 781 eth0
>> 127.0.0.0 * 255.0.0.0 U 0 0 98 lo default
>> route1.marshall 0.0.0.0 UG 0 0 5657 eth0
>>
>> Primary name server known as ns1.marshallnet.com 207.177.3.2
>> has these routes
>> Destination Gateway Genmask Flags Metric Ref
>> 207.177.4.0 p100.marshallne 255.255.255.128 UG 00 167 eth0
>> 207.177.4.128 port1.marshalln 255.255.255.128 UG 0 01089 eth0
>> 207.177.3.0 * 255.255.255.0 U 0 016 eth0
>> 127.0.0.0 * 255.0.0.0 U 0 0 2 lo
>> default route1.marshall 0.0.0.0 UG 0 0 4358 eth0
>>
>> Backup Radius server kwown as P120 or 207.177.3.12
>> has these
>> 207.177.4.128 port1.marshalln 255.255.255.128 UG 0 0 9 eth0
>> 207.177.4.0 p100.marshallne 255.255.255.128 UG 0 0 3 eth0
>> 207.177.3.0 * 255.255.255.0 U 0 0 7 eth0
>> 127.0.0.0 * 255.0.0.0 U 0 0 1 lo
>> default route1.marshall 0.0.0.0 UG 0 0 710 eth0
>>
>>
>> Jon Clemons
>> -
>> To unsubscribe, email 'majordomo@livingston.com' with
>> 'unsubscribe portmaster-users' in the body of the message.
>>
>>
>
>Josh Richards - <jrichard@livingston.com>
>Beta Engineer
>Lucent Technologies (Remote Access Business Unit)
>(previously Livingston Enterprises, Inc.)
>
>-
>To unsubscribe, email 'majordomo@livingston.com' with
>'unsubscribe portmaster-users' in the body of the message.
>
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.