Issue Description :
Customer portal end user will auto logout after 10 minutes , both PC and Phone have this issue , please support it urgent .
Alarm Information :
Radius Login and Logout log show that portal users will be logout after 10-15 minutes .
Handling Process:
Check diagnostic-information , confirm whether have some configuration wrong .
Request customer arrange one remote access for troubleshooting , this is the fast way to location the root cause.
Check Agile Controller global parameter whether have some configuration wrong , check result all are normal .
Login AC device , check the user offline reason .we get the user offline reason is user sync failed .
Check the configuration again , we found customer configured user-sync interval 100 max-times 5” on web-auth-server .
please refer to below trace information.
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:State from
UP(substate:BUTT) to DELETING(substate:BUTT). (cib=9197, event=CONN_DOWN)
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG]HSB event:The result of Query MasterSlave State is 4!
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG]HSB event:The result of Query MasterSlave State is 4!
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG][CM NAC Pre Delete Common].
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:Process user arp table for np
broad (userid:9197, ulRet:0).
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG][CM NAC PreDo With Deleting Flag]. (IsDot1x=0, IsPortBased=0,
PortbasedAuthenStatus=0, AuthenMac=4294967281)
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG]Del Nac User Acl (IsV6User=0)
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG]CM NAC MC UpdateUserAuthInfo(UserGroupChanged=0).
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG](srcDownModule=48, TID IPC WLAN=cd, AuthType=3)
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG][CM WLAN Get User Mac Update Flag]VlanId=254, vlanType=0,
Result=1
[BTRACE][2017/10/24 01:22:28][WLAN_AC][xxxx-xxxx-1234]:[WSTA]
WLAN_WSTA_UpDateStaAccessVlan Same Vlan Return
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG]User current vlan is 254 with type 0.
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG]Web sync users.(PortalSvrIndex=0, SvrIndex=0, SyncTimes=6)
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
AAA_MAIN initiate CmCutReq event to AAA_ACCT_EX module.
CID:9197 Result:0 Info:1192466664
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:CM WLAN Get Ap Info, ApId =
7.
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:CM WLAN Get Ap Info. Ap Info is
D4C8-B014-B640.
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:AAA_ACCT_EX send accounting
request message to AAA module (userid:9197).
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
AAA send AAA_SRV_MSG_ACCT_REQ message to AAA module.
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
AcctType:Stop AcctMethod:RADIUS
AcctSessionID:AC6605000000000002548bef83009197
ucIfTwoLevelAcct:255 RTAcctInterval:65535 AuthedPlace:3
RdsGroup:1 TacTempletID:16 CopyRdsGroup:65535
UpBytes:[0,266998] DnBytes:[0,619393]
UpPkts:[0,1633] DnPkts:[0,949]
AcctStartTime:1508778753 UTCAcctStartTime:4294967295
UTCAcctStopTime:4294967295
AcctStartSeconds:4294967295 AcctStopSeconds:4294967295
SessionLength:595
UserName:fawaz@baha.local MAC:xxxx-xxxx-1234 Domain:72
AccessType:web AuthenCode:WEB
IP:10.70.64.152 Priority:[255,255]
Slot:0 SubSlot:0 Port:0 Interface:152
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
AAA send AAA_SRV_MSG_ACCT_REQ message to AAA module.
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
AcctType:Stop AcctMethod:RADIUS
AcctSessionID:AC6605000000000002548bef83009197
ucIfTwoLevelAcct:255 RTAcctInterval:65535 AuthedPlace:3
RdsGroup:1 TacTempletID:16 CopyRdsGroup:65535
UpBytes:[0,266998] DnBytes:[0,619393]
UpPkts:[0,1633] DnPkts:[0,949]
AcctStartTime:1508778753 UTCAcctStartTime:4294967295
UTCAcctStopTime:4294967295
AcctStartSeconds:4294967295 AcctStopSeconds:4294967295
SessionLength:595
UserName:fawaz@baha.local MAC:xxxx-xxxx-1234 Domain:72
AccessType:web AuthenCode:WEB
IP:10.70.64.152 Priority:[255,255]
Slot:0 SubSlot:0 Port:0 Interface:152
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
AAA_MAIN initiate StopAcctReq event to AAA_ACCT module.
CID:9197 Result:0 Info:1242362916
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
AAA send AAA_RD_MSG_ACCTSTOPREQ message to RADIUS module.
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
CID:103 TemplateNo:1
SrcMsg:AAA_RD_MSG_ACCTSTOPREQ
PriyServer:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
Vrf:4294967295
SendServer:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
Vrf:4294967295
CID:9197 AcctType:2 UserName:fawaz@baha.local
AcctSessionID:AC6605000000000002548bef83009197
Interface:152 SessionLength:595 TerminateCause:10
Authentic:1
UpBytes:[0,266998] DnBytes:[0,619393]
UpPkts:1633 DnPkts:949 FramedIP:172376216
NASPortType:19 Phy:0/0/0 Vlan:254
Priority:255/255 Timestamp:1508779348 FramedProtocol:1
Domain: IPHostAddr:10.70.64.152 f0:27:65:1b:2c:5a
UpCIR:0 UpPIR:0 DnCIR:0 DnPIR:0
[BTRACE][2017/10/24 01:22:28][RADIUS][xxxx-xxxx-1234]:Receive stop accounting
request message from AAA module.
[BTRACE][2017/10/24 01:22:28][RADIUS][xxxx-xxxx-1234]:
Send a accounting request packet to radius server( server ip =
10.10.70.101).
[BTRACE][2017/10/24 01:22:28][RADIUS][xxxx-xxxx-1234]:
Server Template: 1
Server IP : 10.10.70.101
Protocol: Standard
Code : 4
Len : 315
ID : 115
[User-Name
] [7 ] [fawaz]
[NAS-IP-Address
] [6 ] [10.70.38.1]
[NAS-Port
] [6 ] [254]
[Framed-IP-Address
] [6 ] [10.70.64.152]
[NAS-Identifier
] [8 ] [AC6605]
[Acct-Status-Type
] [6 ] [2]
[Acct-Delay-Time
] [6 ] [0]
[Acct-Input-Octets
] [6 ] [266998]
[Acct-Output-Octets
] [6 ] [619393]
[Acct-Session-Id
] [34] [AC6605000000000002548bef83009197]
[Acct-Authentic
] [6 ] [1]
[Acct-Session-Time
] [6 ] [595]
[Acct-Input-Packets
] [6 ] [1633]
[Acct-Output-Packets
] [6 ] [949]
[Acct-Terminate-Cause
] [6 ] [10]
[BTRACE][2017/10/24 01:22:28][RADIUS][xxxx-xxxx-1234]:
[Acct-Input-Gigawords
] [6 ] [0]
[Acct-Output-Gigawords
] [6 ] [0]
[Event-Timestamp
] [6 ] [1508779348]
[NAS-Port-Type
] [6 ] [19]
[Calling-Station-Id
] [16] [66 30 32 37 2D 36 35 31 62 2D 32 63 35 61 ]
[NAS-Port-Id
] [36] [slot=0;subslot=0;port=0;vlanid=254]
[Called-Station-Id
] [26] [D4-C8-B0-14-B6-40:BU_EMP]
[Framed-Protocol
] [6 ] [1]
[HW-IP-Host-Address
] [32] [10.70.64.152 f0:27:65:1b:2c:5a]
[HW-Connect-ID
] [6 ] [9197]
[HW-AP-Information
] [16] [D4C8-B014-B640]
[HW-Access-Type
] [6 ] [3]
[BTRACE][2017/10/24 01:22:28][RADIUS][xxxx-xxxx-1234]:
Received a accounting response packet from radius server(server ip =
10.10.70.101).
[BTRACE][2017/10/24 01:22:28][RADIUS][xxxx-xxxx-1234]:
Server Template: 1
Server IP : 10.10.70.101
Server Port : 1813
Protocol: Standard
Code : 5
Len : 20
ID : 115
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
AAA receive AAA_RD_MSG_ACCTSTOP_ACK message from RADIUS module.
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
CID:103 TemplateNo:1
SrcMsg:AAA_RD_MSG_ACCTSTOPREQ
PriyServer::: Vrf:0
SendServer::: Vrf:0
SessionTimeout:0 RemanentVolume:0
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
AAA send AAA_SRV_MSG_ACCT_ACK message to AAA module.
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
Result:0 AcctType:2
IfSessionTimeout:0 SessionTimeout:0
IfRemanentVolume:0 RemanentVolume:0
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
AAA send AAA_SRV_MSG_ACCT_ACK message to AAA module.
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
Result:0 AcctType:2
IfSessionTimeout:0 SessionTimeout:0
IfRemanentVolume:0 RemanentVolume:0
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:
AAA_MAIN initiate AcctSuccess event to AAA_ACCT_EX module.
CID:9197 Result:0 Info:1191848460
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:AAA_ACCT_EX send cut command
ack message to UCM module (userid:9197).
[BTRACE][2017/10/24 01:22:28][AAA][xxxx-xxxx-1234]:User make accounting request
success (userid:9197).
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:CM receive
AAA_UCM_CUT_CMD_ACK from AAA module (msg code: 192 userid:9197).
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG]
[CM NAC State Deleting Entity]LeavingFlag=67108864.
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG]UserGroupID = 65535 UclGroupID = 65535.
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG](srcDownModule=48, TID IPC WLAN=cd, AuthType=3)
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG][CM WLAN Get User Mac Update Flag]VlanId=254, vlanType=0,
Result=0
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG]NotifyTM PreAuthFlag = 255, Cib AccessType = 22.
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG]NotifyTM UserGroup = 65535, UclGroup = 65535.
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG]RemarkDscp = 255 Remark8021p = 255 DnRemark8021p = 255
DnRemarkDscp = 255.
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG][CM NAC Get QosInfo From Nac] CM send QoS to TM.
UserName=,Valid=0,Cir=0,Pir=0,FlowMappingProfileIndex=0,FlowQueueProfileIndex=0
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM Get MCIB Info]DetectVlanId=254, Cib GateWay=0xffffffff.
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
UserGroup:65535 UclGroupId:65535, aclNum:65535
[BTRACE][2017/10/24 01:22:28][TM][xxxx-xxxx-1234]:
[TM DBG]SrcNode = 0, DstNode = 0.
[TM DBG] Rev CM_SET(MsgCode=197) from UCM. Slot:0 SourceIndex:9197
Command:DEL_CIB Slot:0 LocalCid:8471
[BTRACE][2017/10/24 01:22:28][TM][xxxx-xxxx-1234]:
TM send authorization para info to Ap:
AclID = 65535,65535 UpRateLimitValue = -1 DownRateLimitValue = -1 Mac =
xxxx-xxxx-1234
Isolated = 0 InterIsolated = 0 VLAN = 65535 UserGroup = 65535 UclGroup = 65535
Optype = 1 UserUpFlag = 0 PushFlag = 255 AccessType = 22
IsPortBased = 0 UserVlanType = 255 AuthenUserAddCIB = 0 IfIndex = 152 IpAddr =
10.70.64.152 VrfIndex = 0 Cid = -1 PortalLayer3Flag = 0
AckIndex = 1738 preauthfalg = 255 httpflag = 255 denyallflag = 255
UpFlowstatistics = 0 DownFlowstatistics = 0
[BTRACE][2017/10/24 01:22:28][TM][xxxx-xxxx-1234]:Send setting CIB message To
SAM
[BTRACE][2017/10/24 01:22:28][TM][xxxx-xxxx-1234]:Send setting CIB message To
SAM
[BTRACE][2017/10/24 01:22:28][TM][xxxx-xxxx-1234]:TM send ack message to CM
module, result: Delete CIB OK
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:CM receive
SRV_MSG_CIB_SET_ACK from TM module (msg code: 198 userid:9197).
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG]
[CM NAC State Deleting Entity]3. Event = 25.
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG][CM NAC Finish Deleting]. (IsDot1x=0, IsPortBased=0,
PortbasedAuthenStatus=0, AuthenMac=4294967281)
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:
[CM DBG][CM Clean ReAuthorize Info] Finished
[BTRACE][2017/10/24 01:22:28][CM][xxxx-xxxx-1234]:User connection down
(userid:9197).
Root Cause:
Customer configured command “user-sync interval 100 max-times 5” on web-auth-server . The user-sync command enables Portal authentication user information synchronization. If communication is interrupted because the network between the device and Portal server is disconnected or the Portal server is faulty, online Portal authentication users cannot go offline. Therefore, user information on the device and on the Portal server may be inconsistent and accounting may be inaccurate.
Solution:
As usual , we dont suggest configure this command .
After execute “undo user-sync” under web-auth-server , cut off the online user , tell the customer re-login and begin test , after observing two days , this issue disappear .
Suggestions:
As usually , we don’t suggest configure this command under web-auth-server .
This post was last edited by Skay at 2018-09-12 01:25.
