Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
NE 40 configuration Mac a...

NE 40 configuration Mac authentication and portal authentication but portal authentication is not working

Latest reply: Oct 30, 2018 07:37:57 1557 14 17 0 0
display all floors 1#

[Problem Description]

Now the Mac authentication function is no problem, but when the server requires the user to take Portal authentication, it does not take effect.


[Problem Analysis]


If the device is configured with mac authentication, no matter which authentication method AAA decides, our device will first perform mac authentication request.

So , when the server requires the user to do portal authentication, the request server should respond with an authentication rejection. But through the trace view, the server respond an accept

NE 40 configuration Mac authentication and portal authentication but portal authentication is not working-2775357-1

 

Through this filter id  , I understand that you want to let users cut the domain before going online, and then go through the Portal authentication process, but they are back to accept, our device thinks that mac authentication is successful, it will not go online.


The behavior of our device is fixed, mainly depends on how the AAA server responds to the Mac authentication request.

This article contains more resources

You need to log in to download or view. No account? Register

x
  • x
  • convention:

Like (17) Dislike (0) Favorite(0) Share Report
Previous: Would like to share the introduction series of VxLAN to you--VxLan overview
Next: How to reset AT password ?
No.9527
Created Oct 15, 2018 00:54:36

MAC address authentication controls network access permissions of a user based on the access interface and MAC address of the user. The user does not need to install any client software. The user name and password are the MAC address of the user device. After detecting the MAC address of a user for the first time, a network device starts authenticating the user. This post was last edited by No.9527 at 2018-10-31 07:01.
View more
  • x
  • convention:
Torrent
Created Oct 15, 2018 06:28:26

I am very interested for this post, which is very helpful to our daily troubleshooting. I always have similar problems in my daily work, but I do not know how to deal with them. Now I have a clear idea. Thank you very much for your sharing. Hope you can update continue like this
what's more can you share the details commonds how to configure this? thanks very much!
This post was last edited by Torrent at 2018-10-22 05:44.
View more
  • x
  • convention:
lizhi94
Created Oct 15, 2018 07:00:45

This post is very useful to me. Thank you very much for your sharing.:)
View more
  • x
  • convention:
yjhd
Created Oct 15, 2018 07:30:49

when me read this case, i think it is very useful for us, but maybe it nned to decribe more detail. This post was last edited by yjhd at 2018-10-31 09:19.
View more
  • x
  • convention:
GongXiaochuan
Created Oct 16, 2018 00:44:44

can you please description more details of the solution, thank you

This post was last edited by GongXiaochuan at 2018-10-30 05:32.
View more
  • x
  • convention:
lizhi94
Created Oct 16, 2018 04:08:29

I have required a lot of knowledge,which enquires me to gohead for excellent level . This is a rare sticker that has been rare for a hundred years! Heaven has eyes, let me see such a wonderful post in the eugenic year.
Thank you very much for your sharing. Hope you can update continue like this :)
View more
  • x
  • convention:
Skay
Created Oct 16, 2018 07:08:32

Thanks for your sharing ,In MAC address-prioritized Portal authentication, when the Portal server needs to authenticate a user terminal, the device first sends the user terminal's MAC address to the Portal server for identity authentication. If the authentication fails, the Portal server pushes the Portal authentication page to the terminal. The user then enters the user name and password for authentication. The RADIUS server caches a terminal's MAC address and associated SSID during the first authentication for the terminal. If the terminal is disconnected and then connected to the network within the MAC address validity period, the RADIUS server searches for the SSID and MAC address of the terminal in the cache to authenticate the terminal.
View more
  • x
  • convention:
Finn92
Created Oct 19, 2018 02:03:37

thank you , but i have a question  , how to choose which kind of authentication when we have multiple authentication ?

I am very interested for this sharing , which is very helpful to our daily work. I have the similar problems in my daily troubleshooting, but I do not know how to deal with them. Now I have a clear idea. Thank you very much for your post. Hope you can update continue like this , thank you very much .

This post was last edited by Finn92 at 2018-10-31 08:40.
View more
  • x
  • convention:
No.9527
Created Oct 19, 2018 03:28:33

MAC address authentication controls network access permissions of a user based on the access interface and MAC address of the user. The user does not need to install any client software. The user name and password are the MAC address of the user device. After detecting the MAC address of a user for the first time, a network device starts authenticating the user. This post was last edited by No.9527 at 2018-10-31 07:02.
View more
  • x
  • convention:
12
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.