问

H3C WX2540H 公网portal认证可以弹出认证页面，输入户密码点登录提示认证超时

Portal

2023-12-07提问

0关注
0收藏，349浏览

zhiliao_4jaxxE

zhiliao_4jaxxE 零段

粉丝：0人关注：0人

问题描述：

H3C WX2540H 公网portal认证，配置已完成，认证过程中，可以弹出认证页面，输入户密码点登录提示认证超时，dubug查看ac可以收到来自portal服务器响应且目的端口是2000，但ac未回包；wifi名xx-访客2，终端mac 32a5-3694-3503，外网radius 47开头，配置及debug信息见下，麻烦大佬帮助下

PAM_RADIUS: Fetched accounting-update reply-data successfully, resultCode: 0

*Dec 7 11:21:18:493 2023 H3C PORTAL/7/RULE:

[Outbound] permit the packet on the outbound {MatchRes = [Rule1-Permit]}.

IfName = WLAN-BSS1/0/2264, PortName = WLAN-BSS1/0/2264, Vlan = 504, DstMAC = 32a5-3694-3503,

SrcIP = 47.99.242.34, DstIP = 192.168.14.149

L4Protocol = 6, SrcPort = 8887, DstPort = 65517, VrfIndex = 0

*Dec 7 11:21:18:531 2023 H3C PORTAL/7/RULE:

[Inbound] execute full rule match, { MatchRes = [Rule2-Permit] }

IfName = WLAN-BSS1/0/2036, PortName = WLAN-BSS1/0/2036, Vlan = 504, SrcMAC = a4cf-997a-052b,

SrcIP = 192.168.14.58, DstIP = 157.148.41.214

L4Protocol = 6, SrcPort = 54419, DstPort = 443, VrfIndex = 0

*Dec 7 11:21:18:560 2023 H3C RADIUS/7/EVENT: Reply SocketFd recieved EPOLLIN event.

*Dec 7 11:21:18:560 2023 H3C RADIUS/7/EVENT: Received reply packet successfully.

*Dec 7 11:21:18:560 2023 H3C RADIUS/7/EVENT: Found request context, dstIP: 172.16.4.100, dstPort: 1812, VPN instance: --(public), socketFd: 219, pktID: 237.

*Dec 7 11:21:18:560 2023 H3C RADIUS/7/EVENT:

The reply packet is valid.

*Dec 7 11:21:18:560 2023 H3C RADIUS/7/EVENT:

最佳答案

Xcheng

Xcheng 九段

粉丝：121人关注：3人

检查下对接参数吧

目前看收到服务器会报的，联系服务器侧一起看下具体原因吧

比如是上送参数问题还是服务器未添加接入设备等

您好，服务器已添加接入设备，否则服务器不会回报，ac配置如下： wlan service-template guest_network description _2 ssid 辛选网络_访客2 vlan 504 portal enable method direct portal domain wb_domain portal bas-ip 192.168.14.10 portal apply web-server wb_portal_url service-template enable radius scheme wb_radius primary authentication 47.99.242.34 key cipher $c$3$4cSAJRY2/R75RTZ9IjdV86u41lVUd4qgbmv7Fkn1Tg== primary accounting 47.99.242.34 key cipher $c$3$eJwcqfn+oIYVgod062dCpmdVmFIw/JwRfchy9QcdHA== key authentication cipher $c$3$Qw2KRSAWRNm6TuA4ygNgSmfNmKvtokACqVrjnSXfHA== key accounting cipher $c$3$opyi3zbkkG2FzbaZR6FlNOLFoW43VsO8iX0sXdM6IA== user-name-format keep-original nas-ip 192.168.14.10 domain wb_domain authentication lan-access radius-scheme wb_radius authorization lan-access radius-scheme wb_radius accounting lan-access radius-scheme wb_radius authentication portal radius-scheme wb_radius authorization portal radius-scheme wb_radius accounting portal radius-scheme wb_radius portal free-rule 1 destination ip any udp 53 portal free-rule 2 destination ip 192.168.10.10 255.255.255.255 portal free-rule 3 destination ip 172.16.4.100 255.255.255.255 portal free-rule 4 destination ip 114.114.114.114 255.255.255.255 udp 53 portal free-rule 5 destination ip 1.15.158.106 255.255.255.255 udp 53 portal free-rule 7 destination ip any tcp 53 portal free-rule 8 destination ip 47.99.242.34 255.255.255.255 portal url-unescape-chars ? # portal web-server wb_portal_url url http://47.99.242.34:8887/ui/portal.html url-parameter nasip value 218.75.35.254 portal server wb_portal_server ip 47.99.242.34 key cipher $c$3$VNAf

zhiliao_4jaxxE 发表时间：2023-12-07

回复zhiliao_4jaxxE:

那就找服务器看下是那个报文或者那个模块异常吧。目前信息只能定位radius报文有回应。检查下吧

Xcheng 发表时间：2023-12-07