Got it
Huawei Enterprise Support Community
Community Forums WLAN
Can't access the web plat...

Can't access the web platform on Huawei AC6005-8-PWR

Created: Nov 29, 2017 13:46:36Latest reply: Feb 1, 2018 21:53:15 4766 6 0 0 0
  Rewarded HiCoins: 0 (problem resolved)
View the author 1#

Hello there, everyone!


This post is about the issue that I can't access the web platform on Huawei AC6005-8-PWR. Please see more below.


Huawei AC6005-8-PWR


ISSUE DESCRIPTION


Can't access the web platform on Huawei AC6005-8-PWR. It always redirects to the login form.


VERSION


Huawei Versatile Routing Platform Software
VRP (R) software, Version 5.170 (AC6005 V200R007C20SPC300)
Copyright (C) 2011-2017 HUAWEI TECH CO., LTD
Huawei AC6005-8 Router uptime is 0 week, 0 day, 1 hour, 6 minutes


CONFIGURATION


#
 http secure-server ssl-policy default_policy
 http server enable
#
undo portal url-encode enable
#
ssl renegotiation-rate 1 
#
authentication-profile name default_authen_profile
authentication-profile name dot1x_authen_profile
authentication-profile name mac_authen_profile
 mac-access-profile mac_access_profile
 portal-access-profile portal_access_profile
 authentication-scheme radius
 accounting-scheme default
 radius-server DECK
authentication-profile name portal_authen_profile
authentication-profile name macportal_authen_profile
#
portal web-authen-server https ssl-policy default_policy
#
diffserv domain default
#
radius-server template default
 radius-server shared-key cipher %^%#1~t)!FS;aSC!;tPmz2$.@@wh5:W]I-kUC\FczAWH%^%#
radius-server template DECK
 radius-server shared-key cipher %^%#Kqy#MWBl!*:.s!Lt}3.=TyA@HWU(X7NCv&:cZKz)%^%#
 radius-server authentication 192.168.30.55 1812 weight 80
 radius-server accounting 192.168.30.55 1813 weight 80
 calling-station-id mac-format hyphen-split mode2 uppercase
radius-server ip-address 192.168.30.55 shared-key cipher %^%#Cdq['etV_D<N#u-L!NYQXDp;<+(v/'yb;VUO:xYQ%^%# 
#
pki realm default
 rsa local-key-pair default
 enrollment self-signed
#
ssl policy default_policy type server
 pki-realm default
 version tls1.0 tls1.1 
 ciphersuite rsa_aes_128_cbc_sha 
#
acl name WebTrustIPList 2999  
#
ike proposal default
 encryption-algorithm aes-256 
 dh group14 
 authentication-algorithm sha2-256 
 authentication-method pre-share
 integrity-algorithm hmac-sha2-256 
 prf hmac-sha2-256 
#
free-rule-template name default_free_rule
#
url-template name urlTemplate_0
 url https://authportal.deck.lc
 url-parameter ac-ip AC-IP ac-mac AC-MAC ap-ip AP-IP ap-mac AP-MAC redirect-url redirect-url ssid ssid user-ipaddress user-ipaddress user-mac user-mac sysname sysname
 url-parameter mac-address format delimiter : normal
#
web-auth-server DECK
 server-ip 192.168.30.55
 port 50100                               
 shared-key cipher %^%#9AFc<7Ol%({l>UCQ:+,Xhss.$wD*a-Lr!$.kDW;,%^%#
 url-template urlTemplate_0
#
portal-access-profile name portal_access_profile
 web-auth-server DECK direct
#
aaa
 authentication-scheme default
 authentication-scheme radius
  authentication-mode radius
 authorization-scheme default
 accounting-scheme default
  accounting-mode radius
 domain default
  authentication-scheme default
 domain default_admin
  authentication-scheme default
 local-user test password irreversible-cipher $1a$y[yd>7~v17$,LJ+#~SUU<DZb&DrZ6Z93{w,*#`C@~8WZ>VLA`8'$
 local-user test privilege level 15
 local-user test service-type http
 local-user admin password irreversible-cipher %^%#p+{;TG4(J.'x6#Yi;u%%7If15,MC{'ks)(1}R))4DfSu0k#HSS*FdwN/Q"w#%^%#
 local-user admin privilege level 15
 local-user admin service-type ssh http
#
interface Vlanif1
 ip address 192.168.30.200 255.255.255.0
#
interface GigabitEthernet0/0/1
 port link-type access
#
interface GigabitEthernet0/0/2
#
interface GigabitEthernet0/0/3
#
interface GigabitEthernet0/0/4
#                                         
interface GigabitEthernet0/0/5
#
interface GigabitEthernet0/0/6
#
interface GigabitEthernet0/0/7
#
interface GigabitEthernet0/0/8
#
interface NULL0
#
 info-center timestamp log format-date
#
 undo snmp-agent 
#
 stelnet server enable 
 undo telnet server enable 
 undo telnet ipv6 server enable 
ssh server secure-algorithms cipher aes256_ctr aes128_ctr aes256_cbc aes128 3des
ssh server secure-algorithms hmac sha2_256 sha2_256_96 sha1 sha1_96 md5 md5_96
ssh server key-exchange dh_group14_sha1
ssh client secure-algorithms cipher aes256_ctr aes128_ctr aes256_cbc aes128 3des
ssh client secure-algorithms hmac sha2_256 sha2_256_96 sha1 sha1_96 md5 md5_96
ssh client key-exchange dh_group14_sha1
#
capwap source interface vlanif1
#
user-interface con 0
 authentication-mode password
 set authentication password cipher %^%#Xc-/O51@g2T6;:4)WfhFqV}L>9$b{M7f\4+_rQ6AoP154.US:'ls#'!p4xa>%^%#
 idle-timeout 240 0
user-interface vty 0
 authentication-mode aaa
 screen-length 36
 protocol inbound ssh
user-interface vty 1 4
 authentication-mode aaa                  
 protocol inbound ssh
user-interface vty 16 20
 protocol inbound all
#
port-group /
#
wlan
 traffic-profile name default
 security-profile name default
 security-profile name default-wds
  security wpa2 psk pass-phrase %^%#2Y*W+^f`CJvoONI>3aN3\sk`>\!T_(gV%,F.E|l-%^%# aes
  pmf optional
 security-profile name default-mesh
  security wpa2 psk pass-phrase %^%#w}JCED<i}KC|~[,oIOdNp=G&#B>f612k52Nhe)yB%^%# aes
 ssid-profile name default
 vap-profile name default
  authentication-profile mac_authen_profile
 wds-profile name default
 mesh-handover-profile name default
 mesh-profile name default
 regulatory-domain-profile name default
  country-code RU
 air-scan-profile name default
 rrm-profile name default
 radio-2g-profile name default
 radio-5g-profile name default
 wids-profile name default
 wireless-access-specification
 ap-system-profile name default
 port-link-profile name default
 wired-port-profile name default
 serial-profile name preset-enjoyor-toeap 
 ap whitelist mac 4cfa-cafe-e440
 ap-group name default
  radio 0
   vap-profile default wlan 1             
  radio 1
   vap-profile default wlan 1
 ap-id 1 type-id 56 ap-mac 4cfa-cafe-e440 ap-sn 21500829352SGA900614
  ap-group default
 provision-ap
#
device-profile profile-name @default_device_profile
 device-type default_type_phone
 enable
 rule 0 user-agent sub-match Android 
 rule 1 user-agent sub-match iPhone 
 rule 2 user-agent sub-match iPad 
 if-match rule 0 or rule 1 or rule 2
#
dot1x-access-profile name dot1x_access_profile
#
mac-access-profile name mac_access_profile
 mac-authen username macaddress format with-hyphen
#
 undo ntp-service enable
#
return


DEBUG


<AC6005>
Dec 27 2017 15:40:28.525.1+00:00 AC6005 HTTP/7/WEB_STATE:
 Receive data from socket port 443.
<AC6005>
Dec 27 2017 15:40:28.525.2+00:00 AC6005 HTTP/7/WEB_STATE:
  NOT exist:ConnectCount =1 ,szIpAddr=192.168.30.55,index =0
<AC6005>
Dec 27 2017 15:40:28.525.3+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_IsAttacker:VOS_ERR 
<AC6005>
Dec 27 2017 15:40:28.525.4+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_SaveRequest!
<AC6005>
Dec 27 2017 15:40:28.525.5+00:00 AC6005 HTTP/7/WEB_STATE:
 g_ulSessionWorkerTaskID: Need copy socket!
<AC6005>
Dec 27 2017 15:40:28.525.6+00:00 AC6005 HTTP/7/WEB_STATE:
 Copy socket success,source = 237, dest = 237!
<AC6005>
Dec 27 2017 15:40:28.525.7+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_ReadUserCallback(socketID:237):VOS_Recv = 11
<AC6005>
Dec 27 2017 15:40:28.525.8+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_ReadUserCallback(socketID:237):VOS_Recv = 200
<AC6005>
Dec 27 2017 15:40:28.535.1+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_WriteUserCallback(socketID:237):iRetVal = 161
<AC6005>
Dec 27 2017 15:40:28.535.2+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_ReadUserCallback(socketID:237):VOS_Recv = -35
<AC6005>
Dec 27 2017 15:40:28.535.3+00:00 AC6005 HTTP/7/WEB_STATE:
 Task: 48,WEB SSL HandShaking.
<AC6005>
Dec 27 2017 15:40:28.535.4+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_SessionWorker_RcvData:ulCount=1
<AC6005>
Dec 27 2017 15:40:28.545.1+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_ReadUserCallback(socketID:237):VOS_Recv = 5
<AC6005>
Dec 27 2017 15:40:28.545.2+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_ReadUserCallback(socketID:237):VOS_Recv = 1
<AC6005>
Dec 27 2017 15:40:28.545.3+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_ReadUserCallback(socketID:237):VOS_Recv = 5
<AC6005>
Dec 27 2017 15:40:28.545.4+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_ReadUserCallback(socketID:237):VOS_Recv = 64
<AC6005>
Dec 27 2017 15:40:28.545.5+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_ReadUserCallback(socketID:237):VOS_Recv = 0
<AC6005>
Dec 27 2017 15:40:28.545.6+00:00 AC6005 HTTP/7/WEB_STATE:
 WEB_ReadUserCallback(socketID:237):VOS_Recv = 0
<AC6005>
Dec 27 2017 15:40:28.545.7+00:00 AC6005 HTTP/7/WEB_STATE:
 Session Worker Core Receive Headers Error.
<AC6005>
Dec 27 2017 15:40:28.545.8+00:00 AC6005 HTTP/7/WEB_STATE:
 Session Receive Header Data Error
<AC6005>
2017-12-27 07:40+00:00 AC6005 %NETCONF/4/LOGOUT(l)[0]:User test logout from 192.168.30.55
<AC6005>
Dec 27 2017 15:40:28.545.1+00:00 AC6005 HTTP/7/WEB_STATE:

 Session Receive Data Error,Need Delete Session


Thanks in advance for assisting me in my issue that I can't access the web platform on Huawei AC6005-8-PWR!

AC6005webconfiguration

Like (0) Dislike (0) Favorite(0) Share Report
Previous: HUAWEI Access Points Antenna Quick Start-Selection Policy
Next: [Wireless Access Points (FATAP) FAQs]--Others
Featured Answers

Best answer

(1) (0)
ptnof
Created Feb 1, 2018 21:53:15

Hey there!


accounting-scheme default
 accounting-mode radius

From aaa remove accounting radius, since it's being used by the domain default admin.

This happened to me yesterday☺

View more
  • x
  • convention:
All Answers
(0) (0)
2#
levide
levide Created Nov 29, 2017 13:51:11

logs show only:
2017-11-29 09:47+04:00 AC6005 %NETCONF/4/LOGOUT(l)[0]:User http logout from 192.168.30.55
2017-11-29 09:47+04:00 AC6005 %NETCONF/4/LOGOUT(l)[1]:User deck logout from 192.168.30.55
2017-11-29 09:47+04:00 AC6005 %NETCONF/4/LOGOUT(l)[2]:User deck logout from 192.168.30.55
View more
  • x
  • convention:
(0) (0)
3#
gululu
gululu Created Dec 12, 2017 06:09:03

please wait for help!
View more
  • x
  • convention:

levide
levide Created Dec 28, 2017 07:54:31 (0) (0)
i attach full config and debugging log
Dec 27 2017 15:40:28.545.8+00:00 AC6005 HTTP/7/WEB_STATE:
Session Receive Header Data Error 
(0) (0)
4#
WoodWood
WoodWood Created Dec 12, 2017 06:33:50

:)You can find corresponding TAC in this web site for technical support:http://e.huawei.com/en/service-hotline
View more
  • x
  • convention:
(0) (0)
5#
levide
levide Created Dec 28, 2017 07:52:57

Posted by user_2910347 at 2017-12-12 06:33 You can find corresponding TAC in this web site for technical support:http://e.huawei.com/en/serv ...
TAC waiting money =)
View more
  • x
  • convention:
(1) (0)
6#
ptnof
ptnof Created Feb 1, 2018 21:53:15

Hey there!


accounting-scheme default
 accounting-mode radius

From aaa remove accounting radius, since it's being used by the domain default admin.

This happened to me yesterday☺

View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.