某局点S5560X-54S-EI portal异常

现场portal认证（url成功后），发现输入用户名密码后认证不成功，收集了debug，只有http的，其中的error应该是设备自己产生的证书原因

[14:07:13:928]radius scheme radius1

[14:07:13:928] primary authentication 10.32.186.37

[14:07:13:929] primary accounting 10.32.186.37 1812

[14:07:13:931] key authentication cipher $c$3$lwVqYD1EIEfbqstTUdfVwtr347KGKDj/h9lFiiMdlA==

[14:07:13:932] key accounting cipher $c$3$EsX4CmyItU3lt9TE5T3zfsmyHI/bbI3L+7aHa6oVfQ==

[14:07:13:933] user-name-format without-domain

[14:07:13:934] nas-ip 10.109.117.1

[14:07:13:937]#

[14:07:13:938]radius scheme system

[14:07:13:939] user-name-format without-domain

[14:07:13:940]#

[14:07:13:941]domain dm1

[14:07:13:942] authentication portal radius-scheme radius1

[14:07:13:943] authorization portal radius-scheme radius1

[14:07:13:944] accounting portal radius-scheme radius1

[14:07:13:947] domain default enable dm1

[14:07:14:429] portal free-rule 2 destination ip 10.32.184.5 255.255.255.255

[14:07:14:430] portal free-rule 3 destination ip 10.32.186.37 255.255.255.255

[14:07:14:431] portal free-rule 4 destination ip 10.109.117.1 255.255.255.255

[14:07:14:432]#

[14:07:14:432]portal web-server newpt

[14:07:14:433] url https://10.32.186.37:54321

[14:07:14:434]#

[14:07:14:434]portal server newpt

[14:07:14:437] ip 10.32.186.37 key cipher $c$3$MJ/GroazrZ5NPdAuiWjovoVZAUg1TySbI3pO7sY6uA==

[14:07:14:437] port 2000

84]*Jan  1 05:04:01:783 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Allocated HTTP data length(132).

[14:43:41:388]*Jan  1 05:04:01:783 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Reassembled packet successfully, and stream processing completed.

[14:43:41:392]*Jan  1 05:04:01:783 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Parsed header(len=14) successfully for getting original URL.

[14:43:41:394]*Jan  1 05:04:01:783 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Got method(1) and URI(len=1) successfully.

[14:43:41:397]*Jan  1 05:04:01:783 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Got host(weixin.qq.com) successfully.

[14:43:41:399]*Jan  1 05:04:01:783 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Got original URL(http://weixin.qq.com/) successfully.

[14:43:41:402]*Jan  1 05:04:01:783 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Processed and responded to redirect packet(flag:0x18) successfully.

[14:43:41:405]*Jan  1 05:04:01:783 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Data needed to send: len=358.

[14:43:41:409]*Jan  1 05:04:01:783 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Appended TCP packet to respond to mbuf packet: mss=1024, len=378, seq=c09, ack=767352e7.

[14:43:41:411]*Jan  1 05:04:01:783 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Data sent: len=358, data left: len=0.

[14:43:41:418]*Jan  1 05:04:01:785 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Received the packet(flag:0x10, datalen:0, srcIP:10.109.117.8, dstIP:140.207.122.242, seq:0x767352e7, ack:0xd70, sport:24629, dport:80).

[14:43:41:423]*Jan  1 05:04:01:785 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Assembled TCP cheat packet(flag:0x10) is null.

[14:43:41:431]*Jan  1 05:04:01:786 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Received the packet(flag:0x11, datalen:0, srcIP:10.109.117.8, dstIP:140.207.122.242, seq:0x767352e7, ack:0xd70, sport:24629, dport:80).

[14:43:41:434]*Jan  1 05:04:01:786 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Appended TCP packet to respond to mbuf packet: mss=1024, len=20, seq=d70, ack=767352e8.

[14:43:41:437]*Jan  1 05:04:01:786 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Assembled TCP cheat packet(flag:0x11) successfully.

[14:43:41:440]*Jan  1 05:04:01:786 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Responded by TCP cheat packet(flag:0x11) successfully.

[14:43:41:830]*Jan  1 05:04:02:328 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Aging timer timeout: timelen=3.

[14:43:43:161]*Jan  1 05:04:03:614 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Received the packet(flag:0x2, datalen:0, srcIP:10.109.117.8, dstIP:114.112.207.66, seq:0x6463efb6, ack:0x0, sport:24630, dport:443).

[14:43:43:164]*Jan  1 05:04:03:614 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Created a client node successfully.

[14:43:43:167]*Jan  1 05:04:03:614 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Processing outgoing IPv4 packet.

[14:43:43:169]*Jan  1 05:04:03:615 2021 yhq-lyh-zww-hj-06 HTTPREDR/7/EVENT: Delivered to HTTP redirect module successfully.

[14:07:33:021]10.109.117.8    088f-c31b-72d2 909           GE1/0/10                 1192  D  

最后一个http回复的url也是对的。但是pc没有发起http连接。现场windows10，换过终端故障一样。

portal服务器和radius服务器配置没有指定vpn

指定vpn后解决