Note: The interface addresses of MA5200F and C2600 are 220.127.116.11 and 18.104.22.168 separately.
The interconnecting addresses of 2600 and PC are 22.214.171.124 and 126.96.36.199 separately. PC could ping through tothe uplink port address 188.8.131.52 of C2600, but not the downlink port address 184.108.40.206 of MA5200F, so users cannot open web pagge.
1. According to checkup for setting of PC, the IP address and mask are normal.
2. C2600 could ping through to MA5200 and PC, and it is configured with default route.
3. Check the configurations of MA5200:
1) Check the route, and MA5200F is configured with return route to PC network segment.
2) Through checkup, the user is not online.
3) Check the relevant configurations of L3 authentication, and it is found that the pre-authentication domain configured for users imports the default authentication and accounting policy (it is defaulted to radius authentication and accounting). However, the account related to radius authentication and accounting is not found, so users cannot access network. Change the authentication mode of pre-authentication domain to non-authentication and non-accounting, and the users could access network and ping through the interface address of MA5200, and open the web page.
1. The configuration of MA5200F is problematic.
2. The configuration of router is problematic.
3. The setting of PC is problematic.
The problem in this case arise from the problematci configuration of pre-authentication domain of MA5200.