WEB
WEB/4/PORTALSERVER_DOWN
Procedure
- Run the display server-detect state command to check whether the Portal server can work properly and whether the Portal service can be used properly.
- If the Portal server works properly, check the network connectivity between the Portal server and device. If the network connection is disconnected, restore the network connection.
- If the Portal server cannot work properly, restore the Portal server to the normal state.
- Collect log information and configuration information, and then contact technical support personnel.You can collect diagnostic information using the display diagnostic-information command.
WEB/4/AUTHENTICATION_FREERULE_ACL_FAIL
Message
Type 1:
WEB/4/AUTHENTICATION_FREERULE_ACL_FAIL: (Fail to execute 'free-rule acl acl-name [STRING1]' due to insufficient resources in slot [ULONG1].)
WEB/4/AUTHENTICATION_FREERULE_ACL_FAIL: (Fail to execute 'free-rule acl [ULONG2]' due to insufficient resources in slot [ULONG1].)
Type 2:
WEB/4/AUTHENTICATION_FREERULE_ACL_FAIL: (Fail to execute 'free-rule acl acl-name [STRING1]' in slot [ULONG1].)
WEB/4/AUTHENTICATION_FREERULE_ACL_FAIL: (Fail to execute 'free-rule acl [ULONG2]' in slot [ULONG1].)
WEB/4/AUTHENTICATION_FREERULE_ACL_FAIL: (Fail to delete free rule, template name [STRING2] rule id [ULONG3] slot id [ULONG1].)
WEB/4/AUTHENTICATION_FREERULE_ACL_FAIL: (Fail to add free rule, template name [STRING2] rule id [ULONG3].)
WEB/4/AUTHENTICATION_FREERULE_ACL_FAIL: (Fail to delete free rule, template name [STRING2] rule id [ULONG3].)
WEB/4/AUTHENTICATION_FREERULE_ACL_FAIL: (Fail to add web server ip, slot [ULONG1] template name [STRING2].)
WEB/4/AUTHENTICATION_FREERULE_ACL_FAIL: (Fail to delete web server ip, slot [ULONG1] template name [STRING2].)
Type 3:
WEB/4/AUTHENTICATION_FREERULE_ACL_FAIL: (Fail to execute 'free-rule acl acl-name [STRING1]' in slot [ULONG1], because the UCL group index is greater than the upper limit.)
WEB/4/AUTHENTICATION_FREERULE_ACL_FAIL: (Fail to execute 'free-rule acl [ULONG2]' in slot [ULONG1], because the UCL group index is greater than the upper limit.)
Parameters
Parameter Name | Parameter Meaning |
---|---|
[STRING1] |
Indicates the ACL name. |
[STRING2] |
Indicates Portal server template name. |
[ULONG1] |
Indicates the slot ID. |
[ULONG2] |
Indicates the ACL number. |
[ULONG3] |
Indicates the free rule number. |
Procedure
- if type 1 log is generated, run the display acl resource slot slot-number command to check whether ACL resources are sufficient.
- If not, release ACL resources and then run the display acl resource slot slot-number command to check whether ACL resources are successfully released.
- If so, collect log and configuration information, and contact technical support personnel. You can collect diagnostic information using the display diagnostic-information command.
- If type 2 log is generated, collect log and configuration information, and contact technical support personnel. You can collect diagnostic information using the display diagnostic-information command.
- If type 3 log is generated, run the ucl-group group-index [ name group-name ] command to create the UCL group with the specified group index.
WEB/6/WEB_USER_QUIETTABLE_ADD
Message
WEB/6/WEB_USER_QUIETTABLE_ADD: The user is added to quiet-table.(IP:[IPADDR];VPN-Instance:[STRING])
Parameters
Parameter Name | Parameter Meaning |
---|---|
[IPADDR] | IP address of the Portal authentication user. |
[STRING] | VPN instance that the Portal authentication user belongs to. |
Possible Causes
After the quiet function is enabled, the number of authentication failures for the Portal authentication user exceeds the threshold within a configured quiet period.
There is a difference of no more than 15 seconds between the configured quiet period and the actual quiet period that takes effect.
WEB/6/WEB_USER_QUIETTABLE_DEL
Message
WEB/6/WEB_USER_QUIETTABLE_DEL: The user is deleted from quiet-table.(IP:[IPADDR];VPN-Instance:[STRING])
Parameters
Parameter Name | Parameter Meaning |
---|---|
[IPADDR] | IP address of the Portal authentication user. |
[STRING] | VPN that the Portal authentication user belongs to. |
WEB/6/WEB_ACL_RESOURCE_LACK
Procedure
- Run the display acl resource command to check whether ACL resources are sufficient.
- If not, release ACL resources and then run the display acl resource command to check whether ACL resources are successfully released.
- If so, ACLs fail to be delivered to the physical chip. Go to step 2.
- Collect log information and configuration information, and then contact technical support personnel.You can collect diagnostic information using the display diagnostic-information command.
WEB/6/WEB_ACL_HTTP_REG_FAIL
Message
WEB/6/WEB_ACL_HTTP_REG_FAIL: Failed to enable the external Portal server connection function: Protocol([STRING]),Port([ULONG]),SSL Policy([STRING])
Parameters
Parameter Name | Parameter Meaning |
---|---|
Protocol |
Protocol type. |
Port |
Port number. |
SSL Policy |
SSL policy. |
WEB/6/WEB_POST_LENGTH
Procedure
- Check whether POST authentication request packets are constructed
to initiate an attack.
- If so, locate the attack source and rectify the fault.
- If not, go to step 2.
- Collect log information and configuration information, and then contact technical support personnel.You can collect diagnostic information using the display diagnostic-information command.
WEB/4/WEB_REQID_PREFIX
WEB/6/USER_EVENT_WEB_PROC
Message
WEB/6/USER_EVENT_WEB_PROC: portal authentication procedure. (DeviceMac=[DeviceMac], UserMac=[UserMac], UserIP=[UserIp], UserName=[UserName], Result=[Result], Msg=[Msg], TIME=[TIME], AUTHID=[AUTHID])