Country/Region

Cannot access the Internet after Portal authentication

2024-06-21 14:54:06 Published
  • 0 Followed
  • 0Collected ,3626Browsed
Naomi

Network Topology

AC+Fit AP Cloud Cluster, Docking Scenarios with Third-party Servers


Problem Description

When the terminal reconnects to WiFi, the portal authentication page pops up normally, but after entering the portal user password, the WiFi icon is lost and the terminal cannot access the Internet.

Process Analysis

1. Collect debug information

- debugging radius all
- debugging portal all

2. Check debug

*Apr 19 15:02:08:248 2024 H3C-AC-WX3820X PORTAL/7/EVENT: Portal server sangfor turned to UP state.
*Apr 19 15:02:08:248 2024 H3C-AC-WX3820X PORTAL/7/EVENT: Set auth server to LMDB, ulRet = 0.
*Apr 19 15:02:08:248 2024 H3C-AC-WX3820X PORTAL/7/EVENT: Success to get info from wlan snooping, vlan:194, mac:xxxx-xxxx-ef9e, userip:10.xx.1.xx.
*Apr 19 15:02:08:248 2024 H3C-AC-WX3820X PORTAL/7/EVENT: Success to get ifindex(69456) and vlan(194) from IPCIM, user IP= 10.xx.1.xx  ,MAC=xxxx-xxxx-ef9e
*Apr 19 15:02:08:248 2024 H3C-AC-WX3820X PORTAL/7/EVENT: Successful to get ifIndex(69456) and VLAN(194) from IPCIM, user IP= 10.xx.1.xx ,MAC= xxxx-xxxx-ef9e .
*Apr 19 15:02:08:248 2024 H3C-AC-WX3820X PORTAL/7/ERROR: Authsm already exists while receiving REQ_AUTH for non-chap method.
*Apr 19 15:02:08:248 2024 H3C-AC-WX3820X PORTAL/7/EVENT: Auth-SM[10.xx.1.xx]: Auth-SM processed the REQ_AUTH packet while in state 6.
*Apr 19 15:02:08:248 2024 H3C-AC-WX3820X PORTAL/7/EVENT: Auth-SM[10.xx.1.xx]: Authsm already exists in state 6 while receiving REQ_AUTH.
*Apr 19 15:02:08:248 2024 H3C-AC-WX3820X PORTAL/7/PACKET: Portal sent 23 bytes of packet[Type=ack_auth(4), ErrCode=2, IP= 10.xx.1.xx].
*Apr 19 15:02:08:248 2024 H3C-AC-WX3820X PORTAL/7/PACKET: Portal attributes information:
[  5 TEXTINFO            ] [  7] [AC999]
*Apr 19 15:02:08:403 2024 H3C-AC-WX3820X PORTAL/7/EVENT: -Slot=2; Set auth server to LMDB, ulRet = 0.
*Apr 19 15:02:08:248 2024 H3C-AC-WX3820X PORTAL/7/PACKET: Portal original packet:

3. The debug"s Error code is displayed to indicate that the AC device is telling the Portal Server that this link has been established.

4. After the customer deletes the Portal table entry, the terminal can connect to WiFi normally.

5. Verify the terminal verbose message and find that the idle-cut time is not set.


Solution

The problem is solved after configuring idle-cut time, and it is recommended to configure it in 1/3 of the DHCP lease.

Idle-cut command:

[AC]domain xxx

[AC]authorization-attribute idle-cut 10 10240

Please rate this case:   
0 Comments

No Comments

Add Comments:

Copyright© 2025 H3C reserves all rights to the current version NO.1

The copyright of this icon belongs to H3C. It is only for the use of this community. Do not use it for commercial purposes. Anyone who violates this icon will be prosecuted