No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
WLAN Troubleshooting Guide (V200)
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Case Study: STA Authentication Fails Due to Inconsistent Portal Protocol Versions on the AC and Portal Server

Case Study: STA Authentication Fails Due to Inconsistent Portal Protocol Versions on the AC and Portal Server

Symptom

When the AC connects to a third-party Portal server, STAs fail Portal authentication.

Relevant Alarms and Logs

None

Cause Analysis

The Portal protocol version configured on the AC is different from that configured on the Portal server. Specifically, the third-party server supports only Portal V1.0, but Portal V2.0 is manually configured on the AC.

Procedure

  1. Check the STA authentication process using the trace function.

    [AC] trace object mac-address sta-mac
[AC] trace object ip-address sta-ip
[AC] trace enable

    A message is displayed, indicating that the shared key configured on the Portal server must be the same as that configured on the AC.

  2. Ensure that the shared keys are the same. Reconfigure the shared key to ensure consistency.

    1. The third-party Portal server and RADIUS server use the same shared key.
    2. 802.1X+RADIUS authentication configured on the live network is working properly.
    3. After the shared key is changed using the following method, the system still displays a message indicating that the shared keys are inconsistent.
      <AC> system-view
[AC] web-auth-server test
[AC-web-auth-server-test] shared-key cipher test@123

  3. Check the Portal authentication configuration on the AC.

    <AC> display web-auth-server configuration 
  Listening port        : 2000 
  Portal                : version 2  
  Include reply message : enabled 
  Source-IP             : -  
  Server-Source         : - 
......

    The trace information shows that the Portal protocol version on the AC is different from that on the third-party server. The Portal server uses Portal protocol V1.0, but the AC supports only Portal protocol V2.0.

  4. The Portal protocol version cannot be changed on the Portal server. After the Portal protocol version on the AC is changed to V1.0 and V2.0, the problem is resolved.

    [AC] undo web-auth-server version

Suggestion and Summary

Currently, Portal V2.0 is widely used. To ensure normal communication, it is recommended that the default configuration of the device be used, that is, both Portal V1.0 and Portal V2.0 are supported.

Translation
简体中文
Download
Updated: 2023-12-01

Document ID: EDOC1000060368

Views: 1923760

Downloads: 6015

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :