[Problem Description]
Now the Mac authentication function is no problem, but when the server requires the user to take Portal authentication, it does not take effect.
[Problem Analysis]
If the device is configured with mac authentication, no matter which authentication method AAA decides, our device will first perform mac authentication request.
So , when the server requires the user to do portal authentication, the request server should respond with an authentication rejection. But through the trace view, the server respond an accept
Through this filter id , I understand that you want to let users cut the domain before going online, and then go through the Portal authentication process, but they are back to accept, our device thinks that mac authentication is successful, it will not go online.
The behavior of our device is fixed, mainly depends on how the AAA server responds to the Mac authentication request.