No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR Router Troubleshooting Guide

This Product Documentation provides guidance for maintaining AR Enterprise Router, covering common information collection and fault diagnostic commands, typical fault troubleshooting guide, and troubleshooting.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
When an AR Is Deployed as the LNS, RADIUS Is Used for Authentication and Accounting, and a User's PC Connects to the LNS Through L2TP Dial-up, Traffic Usage Information Is Not Contained in the Accounting Packet Reported When the User Goes Offline

When an AR Is Deployed as the LNS, RADIUS Is Used for Authentication and Accounting, and a User's PC Connects to the LNS Through L2TP Dial-up, Traffic Usage Information Is Not Contained in the Accounting Packet Reported When the User Goes Offline

This section provides a troubleshooting case for the following fault: In the scenario where an AR is deployed as the LNS, RADIUS is used for authentication and accounting, and a user's PC connects to the LNS through L2TP dial-up, traffic usage information is not contained in the accounting packet reported when the user goes offline.

Networking

Figure 25-26  Configuring remote users to initiate dial-up connections through an L2TP tunnel

LNS configurations:

#                                                                               
 l2tp enable                                                                    
#                                                                               
ip pool 1                                                                       
 network 172.16.0.0 mask 255.255.0.0                                         
 gateway-list 172.16.1.1                                                       
#                                                                               
aaa
 authentication-scheme default
 authentication-scheme ctlte
  authentication-mode radius                      
 authorization-scheme default
 accounting-scheme default
 accounting-scheme ctlte
  accounting-mode radius                
  accounting start-fail online
 domain default
 domain default_admin
 domain ctlte
  authentication-scheme ctlte
  accounting-scheme ctlte
  radius-server ctlte
 undo local-user admin
 local-user huawei password cipher %^%#{16f(*R7J'e%gjHTOvP.Ad@N+M#KM%>e6rSN[TF*%^%#
 local-user huawei privilege level 15
 local-user huawei service-type telnet terminal ssh ftp ppp web x25-pad bind 8021x http sslvpn                                                                                                      #                                                                               
interface Virtual-Template1                                                     
 ppp authentication-mode chap                                                   
 remote address pool 1                                                          
 ip address 172.16.1.1 255.255.0.0                                                                                     
#                                                                               
l2tp-group 1
 undo tunnel authentication                                                                    
 allow l2tp virtual-template 1 
#                                                                               
return

Fault Description

In the scenario where an AR is deployed as the LNS, RADIUS is used for authentication and accounting, and a user's PC connects to the LNS through L2TP dial-up, traffic usage information is not contained in the accounting packet reported when the user goes offline.

Fault Analysis

  1. On the LNS, run the display l2tp tunnel command. In the command output, verify that the L2TP tunnel and session have been established, indicating that the L2TP configuration is correct.
    [LNS] display l2tp tunnel
    
     Total tunnel : 1
     LocalTID RemoteTID RemoteAddress    Port   Sessions RemoteName
     2        14        172.29.255.25    1701   1        Benny-surface
  2. Obtain packet headers on the uplink interface of the LNS, as shown in Figure 2. According to the obtained packet headers, the accounting-stop packet does not contain the traffic usage information. The value of Acct-Session-Time is 4, indicating that the online duration of the user is 4 seconds. The analysis result indicates that accounting is based on the online duration but not traffic volume. Therefore, the accounting packet does not contain the traffic usage information. The function of collecting statistics on user traffic needs to be enabled in the authentication domain.
    Figure 25-27  Packet headers obtained on the interface

Procedure

Enable the function of collecting statistics on user traffic in the authentication domain.

<LNS> system-view
[LNS] aaa
[LNS-aaa] domain ctlte
[LNS-aaa-domain-ctlte] statistic enable

Conclusions and Suggestions

If an AR uses RADIUS for authentication and accounting, the statistic enable command needs to be executed to enable the function of collecting statistics on traffic of users in the authentication domain. Only after the function is enabled, the device can send collected traffic information to the server in accounting packets, and then the server can perform accounting by traffic volume for users.

Translation
Download
Updated: 2019-05-10

Document ID: EDOC1000079719

Views: 452251

Downloads: 4311

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next