[NE Router-Troubleshooting] The Device Does not Respond to the Authentication Request Packet Sent by the Web Authentication Server

The device receives the authentication request packet from the Web authentication server. The Web authentication server, however, fails to receive a reply from the device.

Fault Analysis

1.     Run the debugging web packet command in the user view to view the debugging information about the Web module.

*0.890027513 BAS02 WEB/7/DEBUG:

packet received from socket( len = 52 Vrf = 0):

ver     : 2

type    : auth req

Method  : pap

SerialNo: 63489

ReqID   : 0

UserIP  : 10.1.1.1

ErrCode : 0

AttrNum : 2

*0.890027514 BAS02 WEB/7/DEBUG:

 02 03 01 00 f8 01 00 00 3d b2 ed 0a 00 00 00 02

 a1 04 35 5c cc b4 62 f2 40 d0 bc 3c 07 d9 70 8a

 01 0a 64 6f 6e 67 68 70 32 30 02 0a 64 6f 6e 67

 68 70 32 30

*0.890027514 BAS02 WEB/7/DEBUG:

The command output shows that the device receives the authentication request packet from the Web authentication server of portal version 2.0.

2.     Run the display web-auth-server configuration command on the device to view the configuration of the Web authentication server.

  Source interfce       : -

  Listening port        : 2000

  Portal                : version 1, version 2

  Display reply message : enabled

  ------------------------------------------------------------------------

           Server       Share-Password     Port  NAS-IP  Vpn-instance

  ------------------------------------------------------------------------

         10.2.2.2                              50100      NO

  ------------------------------------------------------------------------

  1 Web authentication server(s) in total

The displayed Portal item shows that the Web authentication server configured on the device also supports portal version 2.0. In addition, the IP address and port number of the Web authentication server configured on the device are the same as that of the actual Web authentication server. The shared key, however, is not configured. If the protocol between the device and the Web authentication server is portal version 2.0 or a later version, you must configure the shared key.

Procedure

1.     Run the system-view command to enter the system view.

2.     Run the web-auth-server server-ip key key command to configure the shared key for the Web authentication server. After the configuration, the device can communicate with the Web authentication server.

Summary

If the protocol between the device and the Web authentication server is portal version 2.0 or a later version, you must configure the shared key.