Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring MCC to Monitor Connectivity Between SAE and RADIUS Server

 

You can use the /opt/UMC/mcc/etc/mcc-config.properties file to configure the Monitor Components Connectivity (MCC) component to monitor the connectivity state between SAE and RADIUS server periodically.

To configure MCC to monitor connectivity state between SAE and RADIUS server:

  1. In the /opt/UMC/mcc/etc/mcc-config.properties file, set the type attribute to sae-to-radius.
  2. Set the polling-interval attribute with a time interval at which you want the MCC to monitor the connectivity between the SAE and RADIUS server. By default, this attribute is set to 300000 milliseconds (that is, 5 minutes).
  3. Configure the rad-test-comm-code attribute to set a RADIUS test command code which you want to use for testing the connectivity of the RADIUS server.

    Setting the rad-test-comm-code attribute to Server-Status tests the connectivity by sending the Server-Status packet to the RADIUS server. The port used for the Server-Status packet is the actual RADIUS accounting port configured under the [edit shared sae group group-name configuration plug-ins name name radius-accounting peer-group name server-port] hierarchy level.

    If the RADIUS server does not support the Server-Status packet, you can set the rad-test-comm-code attribute to Access-Request. This setting tests the connectivity by sending the Access-Request packet to the RADIUS server. For Access-request, a test username, password, and port need to be configured using the rad-test-user, rad-test-pwd, and rad-auth-port attributes, respectively. The password should be base64 encoded. By default, the rad-auth-port is set to 1812.

    Note

    If there are more than one RADIUS server configured for accounting, then the RADIUS test command code configuration is applicable for all RADIUS servers. For example, if there are three RADIUS servers configured and if the rad-test-comm-code attribute is set to Server-Status, then all three RADIUS servers should support the Server-Status command code.

    Similarly, if the rad-test-comm-code attribute is set to Access-Request, all three RADIUS servers should be running in the configured port to do monitoring with the configured test username and password. Also, the test username and password configuration should be available in all three RADIUS servers.