• 全部
  • 经验案例
  • 典型配置
  • 技术公告
  • FAQ
  • 漏洞说明
  • 全部
  • 全部
  • 大数据引擎
  • 知了引擎
产品线
搜索
取消
案例类型
发布者
是否解决
是否官方
时间
搜索引擎
匹配模式
高级搜索

E5130 V7+windows 2012 Radius认证问题

2020-09-25提问
  • 0关注
  • 1收藏,1549浏览
Oliver
Oliver 零段
粉丝:0人 关注:0人

问题描述:

设置列表

  • 有序列表
  • 无序列表

对齐方式

  • 靠左
  • 居中
  • 靠右

最近想把几台E5130S的H3C交换机通过Radius验证远程telnet管理

遇到了Radius服务器验证通过,但是交换机登录不上的问题

交换机配置如下:



debug的信息也没出现报错,开始accouting就直接关闭会话了

*Sep  8 14:13:20:439 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: Processing RADIUS authentication.

*Sep  8 14:13:20:439 2020 XXYY RADIUS/7/EVENT:

Processing AAA request data.

*Sep  8 14:13:20:439 2020 XXYY RADIUS/7/EVENT:

Got request data successfully, primitive: authentication.

*Sep  8 14:13:20:440 2020 XXYY RADIUS/7/EVENT:

Getting RADIUS server info.

*Sep  8 14:13:20:440 2020 XXYY RADIUS/7/EVENT:

Got RADIUS server info successfully.

*Sep  8 14:13:20:440 2020 XXYY RADIUS/7/EVENT:

Created request context successfully.

*Sep  8 14:13:20:441 2020 XXYY RADIUS/7/EVENT:

Created request packet successfully, dstIP: Y.Y.Y.Y, dstPort: 1812, VPN instance: --(public), socketFd: 27, pktID: 150.

*Sep  8 14:13:20:441 2020 XXYY RADIUS/7/EVENT:

Added packet socketfd to epoll successfully, socketFd: 27.

*Sep  8 14:13:20:441 2020 XXYY RADIUS/7/EVENT:

Mapped PAM item to RADIUS attribute successfully.

*Sep  8 14:13:20:442 2020 XXYY RADIUS/7/EVENT:

Got RADIUS username format successfully, format: 2.

*Sep  8 14:13:20:442 2020 XXYY RADIUS/7/EVENT:

Added attribute user-name successfully, user-name: A1770.

*Sep  8 14:13:20:444 2020 XXYY RADIUS/7/EVENT:

Filled RADIUS attributes in packet successfully.

*Sep  8 14:13:20:444 2020 XXYY RADIUS/7/EVENT:

Composed request packet successfully.

*Sep  8 14:13:20:444 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: Sent authentication request successfully.

*Sep  8 14:13:20:444 2020 XXYY RADIUS/7/EVENT:

Created response timeout timer successfully.

*Sep  8 14:13:20:445 2020 XXYY RADIUS/7/PACKET:

    User-Name="A1770"

    NAS-Identifier="XXYY"

    Framed-IP-Address=172.16.33.99

    Acct-Session-

    User-Password=******

    Service-Type=Login-User

    NAS-IP-Address=x.x.x.x

    H3c-Product-

    H3c-Nas-Startup-Timestamp=1573202940

*Sep  8 14:13:20:446 2020 XXYY RADIUS/7/EVENT:

Sent request packet successfully.

*Sep  8 14:13:20:447 2020 XXYY RADIUS/7/PACKET:

 01 96 00 99 1c 89 55 57 d9 14 b1 38 b7 3d af ae

 ce 68 84 64 01 07 41 31 37 37 30 20 0c 6a 72 32

 2d 31 2d 32 46 4e 32 08 06 ac 10 21 63 2c 29 30

 30 30 30 30 30 30 31 32 30 32 30 30 39 30 38 30

 36 31 33 32 30 30 30 30 30 30 30 30 31 30 38 31

 39 37 33 33 33 37 02 12 bd 02 dd 45 6c 32 36 1d

 5b dc b5 30 6a 60 37 43 06 06 00 00 00 01 04 06

 ac 10 38 4e 1a 19 00 00 63 a2 ff 13 48 33 43 20

 53 35 31 33 30 53 2d 35 32 50 2d 45 49 1a 0c 00

 00 63 a2 3b 06 5d c5 2b fc

*Sep  8 14:13:20:447 2020 XXYY RADIUS/7/EVENT:

Sent request packet and create request context successfully.

*Sep  8 14:13:20:448 2020 XXYY RADIUS/7/EVENT:

Added request context to global table successfully.

*Sep  8 14:13:20:448 2020 XXYY RADIUS/7/EVENT:

Processing AAA request data.

*Sep  8 14:13:20:448 2020 XXYY RADIUS/7/EVENT:

Reply SocketFd recieved EPOLLIN event.

*Sep  8 14:13:20:449 2020 XXYY RADIUS/7/EVENT:

Received reply packet succuessfully.

*Sep  8 14:13:20:449 2020 XXYY RADIUS/7/EVENT:

Found request context, dstIP: Y.Y.Y.Y, dstPort: 1812, VPN instance: --(public), socketFd: 27, pktID: 150.

*Sep  8 14:13:20:449 2020 XXYY RADIUS/7/EVENT:

The reply packet is valid.

*Sep  8 14:13:20:450 2020 XXYY RADIUS/7/EVENT:

Decoded reply packet successfully.

*Sep  8 14:13:20:450 2020 XXYY RADIUS/7/PACKET:

    Idle-Timeout=1200

    Service-Type=Login-User

    Session-Timeout=59940

    Class=0xb5ec09790000013700010200ac102bc700000000193b4dc893e74cc801d685a61c64cb460000000000000005

    Microsoft-Attr-14=0x00000032

    Microsoft-Attr-15=0x00000078

*Sep  8 14:13:20:451 2020 XXYY RADIUS/7/PACKET:

 02 96 00 6c 25 cc 54 93 a7 d8 4c dd eb 07 f1 d1

 35 31 19 4c 1c 06 00 00 04 b0 06 06 00 00 00 01

 1b 06 00 00 ea 24 19 2e b5 ec 09 79 00 00 01 37

 00 01 02 00 ac 10 2b c7 00 00 00 00 19 3b 4d c8

 93 e7 4c c8 01 d6 85 a6 1c 64 cb 46 00 00 00 00

 00 00 00 05 1a 0c 00 00 01 37 0e 06 00 00 00 32

 1a 0c 00 00 01 37 0f 06 00 00 00 78

*Sep  8 14:13:20:451 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: Fetched authentication reply-data successfully, resultCode: 0

*Sep  8 14:13:20:451 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: Received authentication reply message, resultCode: 0

*Sep  8 14:13:20:453 2020 XXYY RADIUS/7/EVENT:

Sent reply message successfully.

*Sep  8 14:13:20:454 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: Processing RADIUS authorization.

*Sep  8 14:13:20:456 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: RADIUS Authorization successfully.

*Sep  8 14:13:20:473 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: RADIUS accounting started.

*Sep  8 14:13:20:474 2020 XXYY RADIUS/7/EVENT:

Processing AAA request data.

*Sep  8 14:13:20:474 2020 XXYY RADIUS/7/EVENT:

Got request data successfully, primitive: accounting-start.

*Sep  8 14:13:20:474 2020 XXYY RADIUS/7/EVENT:

Getting RADIUS server info.

*Sep  8 14:13:20:475 2020 XXYY RADIUS/7/EVENT:

Got RADIUS server info successfully.

*Sep  8 14:13:20:475 2020 XXYY RADIUS/7/EVENT:

Created request context successfully.

*Sep  8 14:13:20:475 2020 XXYY RADIUS/7/EVENT:

Created request packet successfully, dstIP: Y.Y.Y.Y, dstPort: 1813, VPN instance: --(public), socketFd: 27, pktID: 141.

*Sep  8 14:13:20:475 2020 XXYY RADIUS/7/EVENT:

Added packet socketfd to epoll successfully, socketFd: 27.

*Sep  8 14:13:20:475 2020 XXYY RADIUS/7/EVENT:

Mapped PAM item to RADIUS attribute successfully.

*Sep  8 14:13:20:475 2020 XXYY RADIUS/7/EVENT:

Got RADIUS username format successfully, format: 2.

*Sep  8 14:13:20:476 2020 XXYY RADIUS/7/EVENT:

Added attribute user-name successfully, user-name: A1770.

*Sep  8 14:13:20:476 2020 XXYY RADIUS/7/EVENT:

Filled RADIUS attributes in packet successfully.

*Sep  8 14:13:20:476 2020 XXYY RADIUS/7/EVENT:

Composed request packet successfully.

*Sep  8 14:13:20:476 2020 XXYY RADIUS/7/EVENT:

Created response timeout timer successfully.

*Sep  8 14:13:20:478 2020 XXYY RADIUS/7/PACKET:

    User-Name="A1770"

    Framed-IP-Address=172.16.33.99

    Acct-Session-

    NAS-Identifier="XXYY"

    Class=0xb5ec09790000013700010200ac102bc700000000193b4dc893e74cc801d685a61c64cb460000000000000005

    NAS-IP-Address=x.x.x.x

    Acct-Authentic=RADIUS

    Acct-Status-Type=Start

    Acct-Delay-Time=0

    Event-Timestamp="Sep  8 2020 14:13:20 beijing"

    H3c-Product-

    H3c-Nas-Startup-Timestamp=1573202940

*Sep  8 14:13:20:479 2020 XXYY RADIUS/7/EVENT:

Sent request packet successfully.

*Sep  8 14:13:20:480 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: Sent accounting-start request successfully.

*Sep  8 14:13:20:481 2020 XXYY RADIUS/7/PACKET:

 04 8d 00 c7 c5 3c 41 3b 98 8e 89 f9 53 76 d7 ac

 a1 a0 69 54 01 07 41 31 37 37 30 08 06 ac 10 21

 63 2c 29 30 30 30 30 30 30 30 31 32 30 32 30 30

 39 30 38 30 36 31 33 32 30 30 30 30 30 30 30 30

 31 30 38 31 39 37 33 33 33 37 20 0c 6a 72 32 2d

 31 2d 32 46 4e 32 19 2e b5 ec 09 79 00 00 01 37

 00 01 02 00 ac 10 2b c7 00 00 00 00 19 3b 4d c8

 93 e7 4c c8 01 d6 85 a6 1c 64 cb 46 00 00 00 00

 00 00 00 05 04 06 ac 10 38 4e 2d 06 00 00 00 01

 28 06 00 00 00 01 29 06 00 00 00 00 37 06 5f 57

 21 00 1a 19 00 00 63 a2 ff 13 48 33 43 20 53 35

 31 33 30 53 2d 35 32 50 2d 45 49 1a 0c 00 00 63

 a2 3b 06 5d c5 2b fc

*Sep  8 14:13:20:481 2020 XXYY RADIUS/7/EVENT:

Sent request packet and create request context successfully.

*Sep  8 14:13:20:482 2020 XXYY RADIUS/7/EVENT:

Added request context to global table successfully.

*Sep  8 14:13:20:482 2020 XXYY RADIUS/7/EVENT:

Processing AAA request data.

*Sep  8 14:13:20:482 2020 XXYY RADIUS/7/EVENT:

Reply SocketFd recieved EPOLLIN event.

*Sep  8 14:13:20:482 2020 XXYY RADIUS/7/EVENT:

Received reply packet succuessfully.

*Sep  8 14:13:20:483 2020 XXYY RADIUS/7/EVENT:

Found request context, dstIP: Y.Y.Y.Y, dstPort: 1813, VPN instance: --(public), socketFd: 27, pktID: 141.

*Sep  8 14:13:20:483 2020 XXYY RADIUS/7/EVENT:

The reply packet is valid.

*Sep  8 14:13:20:484 2020 XXYY RADIUS/7/EVENT:

Decoded reply packet successfully.

*Sep  8 14:13:20:484 2020 XXYY RADIUS/7/PACKET:

 05 8d 00 14 d2 45 0c 53 bc fe fd c7 92 c6 36 e5

 0d 93 48 80

*Sep  8 14:13:20:484 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: Fetched accounting-start reply-data successfully, resultCode: 0

*Sep  8 14:13:20:485 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: Received accounting-start reply message, resultCode: 0

*Sep  8 14:13:20:499 2020 XXYY RADIUS/7/EVENT:

Sent reply message successfully.

*Sep  8 14:13:20:521 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: RADIUS accounting stopped.

*Sep  8 14:13:20:522 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: Sent accounting-stop request successfully.

*Sep  8 14:13:20:522 2020 XXYY RADIUS/7/EVENT:

Processing AAA request data.

*Sep  8 14:13:20:522 2020 XXYY RADIUS/7/EVENT:

Got request data successfully, primitive: accounting-stop.

*Sep  8 14:13:20:523 2020 XXYY RADIUS/7/EVENT:

Getting RADIUS server info.

*Sep  8 14:13:20:523 2020 XXYY RADIUS/7/EVENT:

Got RADIUS server info successfully.

*Sep  8 14:13:20:523 2020 XXYY RADIUS/7/EVENT:

Created request context successfully.

*Sep  8 14:13:20:523 2020 XXYY RADIUS/7/EVENT:

Created request packet successfully, dstIP: Y.Y.Y.Y, dstPort: 1813, VPN instance: --(public), socketFd: 27, pktID: 142.

*Sep  8 14:13:20:524 2020 XXYY RADIUS/7/EVENT:

Added packet socketfd to epoll successfully, socketFd: 27.

*Sep  8 14:13:20:524 2020 XXYY RADIUS/7/EVENT:

Mapped PAM item to RADIUS attribute successfully.

*Sep  8 14:13:20:524 2020 XXYY RADIUS/7/EVENT:

Got RADIUS username format successfully, format: 2.

*Sep  8 14:13:20:524 2020 XXYY RADIUS/7/EVENT:

Added attribute user-name successfully, user-name: A1770.

*Sep  8 14:13:20:524 2020 XXYY RADIUS/7/EVENT:

Filled RADIUS attributes in packet successfully.

*Sep  8 14:13:20:525 2020 XXYY RADIUS/7/EVENT:

Composed request packet successfully.

*Sep  8 14:13:20:525 2020 XXYY RADIUS/7/EVENT:

Created response timeout timer successfully.

*Sep  8 14:13:20:526 2020 XXYY RADIUS/7/PACKET:

    User-Name="A1770"

    Framed-IP-Address=172.16.33.99

    Acct-Session-

    NAS-Identifier="XXYY"

    Class=0xb5ec09790000013700010200ac102bc700000000193b4dc893e74cc801d685a61c64cb460000000000000005

    NAS-IP-Address=x.x.x.x

    Acct-Session-Time=0

    Acct-Authentic=RADIUS

    Acct-Status-Type=Stop

    Acct-Delay-Time=0

    Event-Timestamp="Sep  8 2020 14:13:20 beijing"

    H3c-Product-

    H3c-Nas-Startup-Timestamp=1573202940

*Sep  8 14:13:20:527 2020 XXYY RADIUS/7/EVENT:

Sent request packet successfully.

*Sep  8 14:13:20:532 2020 XXYY RADIUS/7/PACKET:

 04 8e 00 cd 99 1e f3 1d 39 70 c2 bd fa ba e1 ec

 26 3a f0 f8 01 07 41 31 37 37 30 08 06 ac 10 21

 63 2c 29 30 30 30 30 30 30 30 31 32 30 32 30 30

 39 30 38 30 36 31 33 32 30 30 30 30 30 30 30 30

 31 30 38 31 39 37 33 33 33 37 20 0c 6a 72 32 2d

 31 2d 32 46 4e 32 19 2e b5 ec 09 79 00 00 01 37

 00 01 02 00 ac 10 2b c7 00 00 00 00 19 3b 4d c8

 93 e7 4c c8 01 d6 85 a6 1c 64 cb 46 00 00 00 00

 00 00 00 05 04 06 ac 10 38 4e 2e 06 00 00 00 00

 2d 06 00 00 00 01 28 06 00 00 00 02 29 06 00 00

 00 00 37 06 5f 57 21 00 1a 19 00 00 63 a2 ff 13

 48 33 43 20 53 35 31 33 30 53 2d 35 32 50 2d 45

 49 1a 0c 00 00 63 a2 3b 06 5d c5 2b fc

*Sep  8 14:13:20:532 2020 XXYY RADIUS/7/EVENT:

Sent request packet and create request context successfully.

*Sep  8 14:13:20:532 2020 XXYY RADIUS/7/EVENT:

Added request context to global table successfully.

*Sep  8 14:13:20:533 2020 XXYY RADIUS/7/EVENT:

Processing AAA request data.

*Sep  8 14:13:20:533 2020 XXYY RADIUS/7/EVENT:

Reply SocketFd recieved EPOLLIN event.

*Sep  8 14:13:20:533 2020 XXYY RADIUS/7/EVENT:

Received reply packet succuessfully.

*Sep  8 14:13:20:533 2020 XXYY RADIUS/7/EVENT:

Found request context, dstIP: Y.Y.Y.Y, dstPort: 1813, VPN instance: --(public), socketFd: 27, pktID: 142.

*Sep  8 14:13:20:534 2020 XXYY RADIUS/7/EVENT:

The reply packet is valid.

*Sep  8 14:13:20:534 2020 XXYY RADIUS/7/EVENT:

Decoded reply packet successfully.

*Sep  8 14:13:20:538 2020 XXYY RADIUS/7/PACKET:

 05 8e 00 14 1a 10 ee f4 5b 69 a6 a4 fc b6 3f 9a

 e4 ca 03 33

*Sep  8 14:13:20:539 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: Fetched accounting-stop reply-data successfully, resultCode: 0

*Sep  8 14:13:20:539 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: Received accounting-stop reply message, resultCode: 0

*Sep  8 14:13:20:540 2020 XXYY RADIUS/7/EVENT:

Sent reply message successfully.

组网及组网描述:

设置列表

  • 有序列表
  • 无序列表

对齐方式

  • 靠左
  • 居中
  • 靠右


最佳答案

Sonja777
Sonja777 八段
粉丝:18人 关注:0人

*Sep  8 14:13:20:499 2020 XXYY RADIUS/7/EVENT:

Sent reply message successfully.

*Sep  8 14:13:20:521 2020 XXYY RADIUS/7/EVENT:

PAM_RADIUS: RADIUS accounting stopped.

发了reply报文立刻就报了stop,一般这种情况要么是配置问题要么是账号密码问题,可以检查一下。

就是这一条我也很奇怪,windows的NPS和交换机就是最普通的配置,至于账号密码查了也没问题,搞不懂为什么交换机这边会发一条请求stop的信息

Oliver 发表时间:2020-09-25 更多>>

就是这一条我也很奇怪,windows的NPS和交换机就是最普通的配置,至于账号密码查了也没问题,搞不懂为什么交换机这边会发一条请求stop的信息

Oliver 发表时间:2020-09-25
0 个回答
按时间 按赞数

该问题暂时没有网友解答

编辑答案

你正在编辑答案

如果你要对问题或其他回答进行点评或询问,请使用评论功能。

分享扩散:

提出建议

    +
网站相关
关于我们
服务条款
帮助中心
经验与权限
积分规则
联系我们
联系我们
建议反馈
常用链接
标杆的神器下载
关注我们
H3C官网
新华三服务公众号
安仔远程运维服务
新华三商城
内容许可
除特别说明外,用户内容均可采用知识共享署名-相同方式共享3.0中国大陆许可协议进行许可

Copyright©2024新华三集团保留一切权利 当前呈现版本 NO.1

本图标版权归新华三集团所有,仅限本社区使用,切勿用做商业目的,违者必究

浙ICP备09064986号-1   浙公网安备 33010802004416号

亲~登录后才可以操作哦!

确定

亲~检测到您登陆的账号未在http://hclhub.h3c.com进行注册

注册后可访问此模块

跳转hclhub

你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作

举报

×

侵犯我的权益 >
对根叔社区有害的内容 >
辱骂、歧视、挑衅等(不友善)

侵犯我的权益

×

泄露了我的隐私 >
侵犯了我企业的权益 >
抄袭了我的内容 >
诽谤我 >
辱骂、歧视、挑衅等(不友善)
骚扰我

泄露了我的隐私

×

您好,当您发现根叔知了上有泄漏您隐私的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您认为哪些内容泄露了您的隐私?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)

侵犯了我企业的权益

×

您好,当您发现根叔知了上有关于您企业的造谣与诽谤、商业侵权等内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到 pub.zhiliao@h3c.com 邮箱,我们会在审核后尽快给您答复。
  • 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
  • 3. 是哪家企业?(营业执照,单位登记证明等证件)
  • 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

抄袭了我的内容

×

原文链接或出处

诽谤我

×

您好,当您发现根叔知了上有诽谤您的内容时,您可以向根叔知了进行举报。 请您把以下内容通过邮件发送到pub.zhiliao@h3c.com 邮箱,我们会尽快处理。
  • 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
  • 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
我们认为知名企业应该坦然接受公众讨论,对于答案中不准确的部分,我们欢迎您以正式或非正式身份在根叔知了上进行澄清。

对根叔社区有害的内容

×

垃圾广告信息
色情、暴力、血腥等违反法律法规的内容
政治敏感
不规范转载 >
辱骂、歧视、挑衅等(不友善)
骚扰我
诱导投票

不规范转载

×

举报说明