AP telnet failure, appear AAA authentication failed
2023-09-28 16:47:52
Published
- 0 Followed
- 0Collected ,3102Browsed
Network Topology
WX3840H, R5441P01, online AP is WA6320
Problem Description
Failure to use telnet remote method, prompting AAA authentication failure.
Process Analysis
1. Confirm that the username and password are correct, and check that there are no problems with local user permissions.
local-user admin class manage
password hash xxxxxxxxxxxxxxxxxxxxxxxxxxx
service-type ssh telnet terminal http https
authorization-attribute user-role level-3
authorization-attribute user-role network-admin
line vty 0 16
authentication-mode scheme
user-role network-admin
user-role network-operator
2. Then debug telnet server and debug radius packet, found that the address of radius server is unreachable.
*Aug 26 01:59:03:101 2020 H3C RADIUS/7/EVENT:
Response timed out.
*Aug 26 01:59:03:101 2020 H3C RADIUS/7/EVENT:
Found request context, dstIP: 172.16.xxx.xxx; dstPort: 1812; VPN instance: --(public); socketfd: 28; pktID:175.
*Aug 26 01:59:03:101 2020 H3C RADIUS/7/EVENT:
Retransmitting request packet, currentTries: 2, maxTries: 3.
*Aug 26 01:59:06:101 2020 H3C RADIUS/7/EVENT:
3. Check the configuration has
domain default enable xxxx.com.en
The default domain has been changed to a business-related domain and needs to be changed back to system.
Solution
Change domain default enable ceri.com.cn to domain default enable system.