6.5R2 (build 14951)
is there any possibillity to check the Radius and LDAP Server state via snmp proactive ?
- I have configured 2 LDAP Server for authentication.
- I only get an "User access log" messages when BOTH LDAP-Server are unreachable:
Minor AUT23391 2010-02-09 13:25:33 - SYSTEMNAME - [127.0.0.1] CONTEXT:ystem() - Could not connect to LDAP server LDAP-SERVER: Failed binding to admin DN:  Can't contact LDAP server: (null)
- also an snmp trap is send:
Critical 2010/02/09 13:25:33 - SYSTEMNAME - CONTEXT:ystem() - Sending externalAuthServerUnreachable SNMP trap to SNMPLOGSERVER:162
- via the GUI I can only manually check if LDAP connection is working
- is there any possibility to see, if one LDAP is not reachable or not working ?
- are there any local possibillities on the IVE (like scripting) to check the LDAP authentication ?
- I get an "User access log" message for EVERY Radius that isn«t reachable:
Minor AUT21097 2010-02-11 13:06:16 - SYSTEMNAME - [127.0.0.1] CONTEXT:ystem() - Radius Server Radius-Produktion: Login failed for USER because host RADIUS-IP:1812 is unreachable.
- I also get an snmptrap:
Critical 2010/02/11 13:06:16 - SYSTEMNAME - CONTEXT:ystem() - Sending externalAuthServerUnreachable SNMP trap to SNMPLOGSERVER:162
- but I have no chance to see, when all Radius Servers are dead
- is there any possibility to check, if one Radius is not reachable or not working ?
- are there any local possibillities on the IVE (like scripting) to check the Radius authentication ?
3. snmptrap Implementation:
- in the snmptrap I cannot see which AuthServer has a Problem, the IVE sends an "externalAuthServerUnreachable" message,
- is there any possibillty to see, which AuthServer is unreachable ?
thx in advance
You need a 3rd party alerting program like WhatsUP Gold. You can ping each LDAP server and also check to see if the services are active on the LDAP or Radius Ports through service checks. Do this for each server and have an email sent to you when either one goes down.
WhatsUpGold is cheap but there is freeware that can do the same thing.
thx for the info.
I already have some 3rd party tools, but I wanna check also the network between my SSL-GW and the LDAP and Radius, not only the functionality of the LDAP and Radius,
So I thought there are some other implementations on the SSL-GW.