No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Agile controller AD authentication successd but user offline after 2 minute

Publication Date:  2018-06-30 Views:  312 Downloads:  0
Issue Description

Customer want configuration the AD authentication via Agile controller, After user authenticate using AD users or local users, The user have IP from the right vlan and have log on the agile that the user authenticate successfully, but it take about two minutes then the Ethernet adapter present that the authentication failed and after about three minutes from that customer can’t reach anything in his network from that PC although the PC still have the right IP from its vlan.

Agile controller version is V100R003C30SPC102

Topology as follow:

PC----ONU----Agile Controller----AD

 

ONU is access device and the dot1x authentication point.


Alarm Information


Handling Process

Step 1 Suggest customer configuration windows DOT1X with follow production document

 

http://support.huawei.com/hedex/pages/EDOC1000150907AEG05247/05/EDOC1000150907AEG05247/05/resources/useros1x/c_useros1x_008.html?ft=0&fe=10&hib=14.3.5.2&id=c_useros1x_008&text=Configuring%2520Wired%2520802.1X%2520Authentication&docid=EDOC1000150907

 

Step 2 Packets Capture in issue PC and Agile

 

Analysis the packets we found:

After PC authentication success, ONU device send the EAP-request packet every 15 second after 6 times PC didn’t feedback the request packets then authentication fail.

Root Cause

Unreasonable configuration in ONU device about dot1x keepalive it cause the ONU send the eap-request packets every 15 second.


Solution

Disable the dot1x keepalive in ONU device.

Suggestions

N/A


END