某局点 WX3540X Windows系统802.1x认证失败

WX3540X，Version 9.1.055, Release 1218P01

现场AC和IMC做了远程802.1X认证，使用手机认可以证成功，电脑用iNode客户端输入用户名和密码可以认证成功，但是使用Windows自带的连接输入用户名和密码提示：无法连接到这个网络

一、看AC日志有如下信息，第一次认证是带了host名称，所以提示服务器上用户不存在，第二次认证的时候，没有带host名称，还是认证失败了，提示：A user failed 802.1X authentication.Reason:AAA processed authentication request and return 26.

根据之前的一些案例，设置Windows上终端网卡为用户身份验证，还是不行

DOT1X/5/DOT1X_WLAN_LOGIN_FAILURE: -Username=host/aaaaaaaaa-UserMAC=xxxx-xxxx-xxxx-BSSID=zzzz-xxxx-xxxx-SSID=Name-APName=AP-RadioID=1-VLANID=32; A user failed 802.1X authentication.Reason:AAA processed authentication request and return 26. Server reason "E63018: The user does not exist or has not subscribed to this service."

DOT1X/5/DOT1X_WLAN_LOGIN_FAILURE: -Username=test-UserMAC=xxxx-xxxx-xxxx-BSSID=zzzz-zzzz-xxxx-SSID=Name-APName=AP-RadioID=2-VLANID=32; A user failed 802.1X authentication.Reason:AAA processed authentication request and return 26.

二、在AC上debugging radius all，有如下信息，03代表服务器回复Access-Reject认证拒绝，联系IMC侧同事协助分析

*Aug  1 18:23:36:468 2024 H3C-AC-TEST RADIUS/7/PACKET:
    EAP-Message=0x04090004
    Message-Authenticator=0x66bab01c041290651e8abc8dc34c3503
*Aug  1 18:23:36:468 2024 H3C-AC-TEST RADIUS/7/PACKET:
 03 8a 00 2c 45 4c c8 52 b5 94 38 93 a2 36 10 a9                  
 7f ee 9c b6 4f 06 04 09 00 04 50 12 66 ba b0 1c
 04 12 90 65 1e 8a bc 8d c3 4c 35 03
*Aug  1 18:23:36:468 2024 H3C-AC-TEST RADIUS/7/EVENT: Sent reply message successfully.
*Aug  1 18:23:36:468 2024 H3C-AC-TEST RADIUS/7/EVENT: PAM_RADIUS: Processing RADIUS authentication.
*Aug  1 18:23:36:468 2024 H3C-AC-TEST RADIUS/7/EVENT: PAM_RADIUS: Fetched authentication reply-data successfully, resultCode: 1
%Aug  1 18:23:36:468 2024 H3C-AC-TEST DOT1X/5/DOT1X_WLAN_LOGIN_FAILURE: -Username=xxxx-UserMAC=xxxx-xxxx-xxxx-BSSID=xxxx-xxxx-xxxx-SSID=Name-APName=AP-RadioID=2-VLANID=32; A user failed 802.1X authentication.Reason:AAA processed authentication request and return 26.

最后IMC侧排查，EIA预置证书过期，重新导入证书后认证成功