终端--75e--服务器
接口下开启无感知认证后直接绕过认证,后台imc上面也没有用户在线信息,portalserver日志中没有接收到免认证信息。接口下关掉免认证后,portal认证正常
测试终端mac:30:65:EC:C4:C2:D2、ac92-325c-ce79
开启debug信息后,没有打印出与这两个mac相关的radius报文:
*Dec 31 11:21:14:730 2019 ERAL-ORTAL/7/EVENT: -MDC=1-Slot=2; Notify daemon new mac trigger rule added.
*Dec 31 11:21:13:916 2019 ERAL-ORTAL/7/EVENT: -MDC=1; MAC-trigger: Received new MAC event, interface=Vlan-interface102, MAC=ac92-325c-ce79, IP=192.168.30.106, ifIndexL2=233, vlan=102.
*Dec 31 11:21:14:730 2019 ERAL-ORTAL/7/RULE: -MDC=1-Slot=2;
MT_RULE:
InterfaceL3 = Vlan-interface102
InterfaceL2 = GigabitEthernet2/0/39
VLAN = 102
SrcMAC = ac92-325c-ce79
SrcIP = 192.168.30.106
*Dec 31 11:21:14:730 2019 ERAL-ORTAL/7/EVENT: -MDC=1-Slot=2; Notify portal daemon new mac trigger entry successfully.
*Dec 31 11:21:13:917 2019 ERAL-ORTAL/7/ERROR: -MDC=1;
The rule is created while setting user rule, set drv flag:0.
*Dec 31 11:21:13:917 2019 ERAL-ORTAL/7/RULE: -MDC=1;
查看设备日志:
*Dec 31 11:17:35:881 2019 ERAL-ORTAL/7/EVENT: -MDC=1; MAC-trigger: User's traffic has not reached the free-auth traffic upper threshold. User MAC=b0e5-ed94-2b12, user traffic=1342, threshold=1024000.
查看设备上配置了免认证阈值的功能:
free-traffic threshold命令用来配置用户免认证流量的阈值。
设备开启了基于MAC地址的快速认证功能时,用户在上线后都拥有一定的免认证流量。设备会在MAC-Trigger表项老化之前实时检测Portal用户收发的流量。当用户收发的流量还未达到设定的阈值时,允许用户访问外部网络资源;当用户收发的流量达到设定的阈值时,则触发基于MAC地址的快速认证。
将配置取消后,问题解决。