AC控制器admin账号无法登录
- 0关注
- 0收藏,371浏览
问题描述:
可以确定密码是对的,从来没有改过,用telnet加了个radius认证的什么命令后就登不进去了,telnet界面提示AAA authentication failed,web界面提示登录失败,我附件上传了配置,有大神能帮忙看下什么情况吗
- 2023-12-28提问
- 举报
-
(0)
最佳答案
telnet指定radius认证了,所以本地用户失效。
console进吧,把相应命令删除一下,如果只是这条命令没保存的话 也可以重启下设备
- 2023-12-28回答
- 评论(5)
- 举报
-
(0)
方便说一下是哪条命令吗,可能已经保存了,昨天重启过了也没用
我在下面把配置重新发了一下
配置没问题,改一下密码 再试试
PC直连AC试试
[AC]dis cu
#
version 7.1.064, Release 5457
#
sysname AC
#
wlan global-configuration
calibrate-channel self-decisive enable all
calibrate-power self-decisive enable all
#
telnet server enable
#
dhcp enable
#
dns server 202.5.5.5
#
lldp global enable
#
password-recovery enable
#
vlan 1
#
vlan 10
#
vlan 20
#
vlan 30
#
vlan 50
#
vlan 4094
#
dhcp server ip-pool 1
gateway-list 192.168.0.100
network 192.168.0.0 mask 255.255.255.0
dns-list 192.168.0.100
#
dhcp server ip-pool 4094
gateway-list 10.40.94.1
network 10.40.92.0 mask 255.255.252.0
dns-list 10.40.94.1
#
dhcp server ip-pool vlan50
gateway-list 192.168.50.1
network 192.168.50.0 mask 255.255.255.0
dns-list 114.114.114.114 223.5.5.5
#
wlan service-template 1
ssid SMR_Corp
vlan 20
akm mode psk
preshared-key pass-phrase cipher $c$3$3cExuTkEg2rZp3XPFVjlPFgZwySaNg7TNXrUP7s2Hw==
cipher-suite ccmp
security-ie rsn
service-template enable
#
wlan service-template 2
ssid SMR_Pord
vlan 30
akm mode psk
preshared-key pass-phrase cipher $c$3$1lDrPQAXokM2OfpdmfGBDsC2pH7z96Xl4OkJJfVXEQ==
cipher-suite ccmp
security-ie rsn
service-template enable
#
wlan service-template 3
ssid SMR_Guest
vlan 50
akm mode psk
preshared-key pass-phrase cipher $c$3$VgpYlnv5IGuWriXtfk5qU21V/s7Pb5UIGxwJ
cipher-suite ccmp
security-ie rsn
service-template enable
#
wlan service-template h3c-g-d39c38
ssid H3C-G-D39C38
vlan 4094
#
wlan service-template nctest
ssid SMR_Corp_Test
vlan 20
akm mode dot1x
cipher-suite ccmp
security-ie rsn
client-security authentication-mode dot1x
dot1x re-authenticate enable
dot1x domain ***.***
service-template enable
#
interface NULL0
#
interface Vlan-interface1
ip address dhcp-alloc
#
interface Vlan-interface10
ip address 10.250.244.2 255.255.255.128
#
interface Vlan-interface20
ip address 10.250.245.2 255.255.255.0
#
interface Vlan-interface30
ip address 10.250.246.2 255.255.255.0
#
interface Vlan-interface50
ip address 192.168.50.1 255.255.255.0
#
interface Vlan-interface4094
ip address 10.40.94.1 255.255.252.0
dhcp server apply ip-pool 4094
#
interface GigabitEthernet1/0/4
port link-mode route
#
interface GigabitEthernet1/0/5
port link-mode route
ip address 223.83.136.47 255.255.255.192
nat outbound
#
interface GigabitEthernet1/0/6
port link-mode route
ip address dhcp-alloc
nat outbound
undo dhcp select server
#
interface GigabitEthernet1/0/1
port link-mode bridge
port link-type trunk
port trunk permit vlan all
#
interface GigabitEthernet1/0/2
port link-mode bridge
#
interface GigabitEthernet1/0/3
port link-mode bridge
#
scheduler logfile size 16
#
line class console
user-role network-admin
#
line class vty
user-role network-operator
#
line con 0
user-role network-admin
#
line vty 0 31
authentication-mode scheme
user-role network-operator
#
ip route-static 0.0.0.0 0 223.83.136.1
#
undo info-center logfile enable
#
ssh server enable
#
radius session-control enable
#
radius scheme radius
primary authentication 10.250.244.30 key cipher $c$3$L9T2lEmt4pcXJfB7KiwxUdOEOghU0pGKKjMpxg==
primary accounting 10.250.244.30 key cipher $c$3$U4JVQ1k4aSzwB90dI/q5aepl2xqkQ1WfaN4hjw==
key authentication cipher $c$3$jEgsROCLKy1K1pCWynGAhbLL0JBBH0xIIu/vAQ==
key accounting cipher $c$3$qMti4cVJ9zkf+cep5VrkKwVhYbLOfENdjGhv0w==
user-name-format without-domain
#
radius dynamic-author server
client ip 10.250.244.30 key cipher $c$3$QL5K9h++BqxxyWJ3G0i1PAs0UoflOAnSSkH+PQ==
#
domain ***.***
authentication login radius-scheme radius
authorization login radius-scheme radius
accounting login radius-scheme radius
authentication lan-access radius-scheme radius
authorization lan-access radius-scheme radius
accounting lan-access radius-scheme radius
authentication portal radius-scheme radius
authorization portal radius-scheme radius
accounting portal radius-scheme radius
#
domain system
#
domain default enable ***.***
#
role name level-0
description Predefined level-0 role
#
role name level-1
description Predefined level-1 role
#
role name level-2
description Predefined level-2 role
#
role name level-3
description Predefined level-3 role
#
role name level-4
description Predefined level-4 role
#
role name level-5
description Predefined level-5 role
#
role name level-6
description Predefined level-6 role
#
role name level-7
description Predefined level-7 role
#
role name level-8
description Predefined level-8 role
#
role name level-9
description Predefined level-9 role
#
role name level-10
description Predefined level-10 role
#
role name level-11
description Predefined level-11 role
#
role name level-12
description Predefined level-12 role
#
role name level-13
description Predefined level-13 role
#
role name level-14
description Predefined level-14 role
#
user-group system
#
local-user admin class manage
password hash $h$6$iqOLutEA3os+2DB/$4fAbNnDp5DD2HHJTlLNYbEaMxFWjStjNryQh1hFEiZD1+kT1bCYoGvurxZWZD0zgipRPbl/AqLenRszXf5ID/w==
service-type ssh telnet terminal http https
authorization-attribute user-role level-15
authorization-attribute user-role network-admin
#
portal web-server Radius
url http://10.250.244.30:8080/portal
#
netconf soap http enable
#
ip http enable
ip https enable
#
smartmc tm username admin password cipher $c$3$aSqpiE8dpZqa0sXFFz/FibUQRZEIQ7Op enable
#
wlan auto-ap enable
wlan auto-persistent enable
wlan tcp mss 1360
#
- 2023-12-28回答
- 评论(0)
- 举报
-
(0)
编辑答案
亲~登录后才可以操作哦!
确定你的邮箱还未认证,请认证邮箱或绑定手机后进行当前操作
举报
×
侵犯我的权益
×
侵犯了我企业的权益
×
- 1. 您举报的内容是什么?(请在邮件中列出您举报的内容和链接地址)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
- 3. 是哪家企业?(营业执照,单位登记证明等证件)
- 4. 您与该企业的关系是?(您是企业法人或被授权人,需提供企业委托授权书)
抄袭了我的内容
×
原文链接或出处
诽谤我
×
- 1. 您举报的内容以及侵犯了您什么权益?(请在邮件中列出您举报的内容、链接地址,并给出简短的说明)
- 2. 您是谁?(身份证明材料,可以是身份证或护照等证件)
对根叔社区有害的内容
×
不规范转载
×
举报说明