WX3540X,Version 9.1.055, Release 1218P01
现场AC和IMC做了远程802.1X认证,使用手机认可以证成功,电脑用iNode客户端输入用户名和密码可以认证成功,但是使用Windows自带的连接输入用户名和密码提示:无法连接到这个网络
过程分析
一、看AC日志有如下信息,第一次认证是带了host名称,所以提示服务器上用户不存在,第二次认证的时候,没有带host名称,还是认证失败了,提示:A user failed 802.1X authentication.Reason:AAA processed authentication request and return 26.
根据之前的一些案例,设置Windows上终端网卡为用户身份验证,还是不行
DOT1X/5/DOT1X_WLAN_LOGIN_FAILURE: -Username=host/aaaaaaaaa-UserMAC=xxxx-xxxx-xxxx-BSSID=zzzz-xxxx-xxxx-SSID=Name-APName=AP-RadioID=1-VLANID=32; A user failed 802.1X authentication.Reason:AAA processed authentication request and return 26. Server reason "E63018: The user does not exist or has not subscribed to this service." DOT1X/5/DOT1X_WLAN_LOGIN_FAILURE: -Username=test-UserMAC=xxxx-xxxx-xxxx-BSSID=zzzz-zzzz-xxxx-SSID=Name-APName=AP-RadioID=2-VLANID=32; A user failed 802.1X authentication.Reason:AAA processed authentication request and return 26.
二、在AC上debugging radius all,有如下信息,03代表服务器回复Access-Reject认证拒绝,联系IMC侧同事协助分析
*Aug 1 18:23:36:468 2024 H3C-AC-TEST RADIUS/7/PACKET: EAP-Message=0x04090004 Message-Authenticator=0x66bab01c041290651e8abc8dc34c3503 *Aug 1 18:23:36:468 2024 H3C-AC-TEST RADIUS/7/PACKET: 03 8a 00 2c 45 4c c8 52 b5 94 38 93 a2 36 10 a9 7f ee 9c b6 4f 06 04 09 00 04 50 12 66 ba b0 1c 04 12 90 65 1e 8a bc 8d c3 4c 35 03 *Aug 1 18:23:36:468 2024 H3C-AC-TEST RADIUS/7/EVENT: Sent reply message successfully. *Aug 1 18:23:36:468 2024 H3C-AC-TEST RADIUS/7/EVENT: PAM_RADIUS: Processing RADIUS authentication. *Aug 1 18:23:36:468 2024 H3C-AC-TEST RADIUS/7/EVENT: PAM_RADIUS: Fetched authentication reply-data successfully, resultCode: 1 %Aug 1 18:23:36:468 2024 H3C-AC-TEST DOT1X/5/DOT1X_WLAN_LOGIN_FAILURE: -Username=xxxx-UserMAC=xxxx-xxxx-xxxx-BSSID=xxxx-xxxx-xxxx-SSID=Name-APName=AP-RadioID=2-VLANID=32; A user failed 802.1X authentication.Reason:AAA processed authentication request and return 26.
全部评论