Manualsbrain.com
  1. Manuels
  2. Marques
  3. 3com
  4. WX3000
  5. Manuel D’Utilisation

3com WX3000 Manuel D’Utilisation

Télécharger
Page de 715
 
2-30 
Troubleshooting AAA 
Troubleshooting RADIUS Configuration 
The RADIUS protocol operates at the application layer in the TCP/IP protocol suite. This protocol 
prescribes how the device and the RADIUS server of the ISP exchange user information with each 
other.  
Symptom 1: User authentication/authorization always fails. 
Possible reasons and solutions
The user name is not in the userid@isp-name or userid.isp-name format, or the default ISP domain 
is not correctly specified on the device — Use the correct user name format, or set a default ISP 
domain on the device. 
The user is not configured in the database of the RADIUS server — Check the database of the 
RADIUS server, make sure that the configuration information about the user exists. 
The user input an incorrect password — Be sure to input the correct password. 
The device and the RADIUS server have different shared keys — Compare the shared keys at the 
two ends, make sure they are identical. 
The device cannot communicate with the RADIUS server (you can determine by pinging the 
RADIUS server from the device) — Take measures to make the device communicate with the 
RADIUS server normally. 
Symptom 2: RADIUS packets cannot be sent to the RADIUS server. 
Possible reasons and solutions
The communication links (physical/link layer) between the device and the RADIUS server is 
disconnected/blocked — Take measures to make the links connected/unblocked. 
None or incorrect RADIUS server IP address is set on the device — Be sure to set a correct 
RADIUS server IP address. 
One or all AAA UDP port settings are incorrect — Be sure to set the same UDP port numbers as 
those on the RADIUS server. 
Symptom 3: The user passes the authentication and gets authorized, but the accounting information 
cannot be transmitted to the RADIUS server. 
Possible reasons and solutions
The accounting port number is not properly set — Be sure to set a correct port number for RADIUS 
accounting. 
The device requests that both the authentication/authorization server and the accounting server 
use the same device (with the same IP address), but in fact they are not resident on the same 
device — Be sure to configure the RADIUS servers on the device according to the actual situation. 
Troubleshooting HWTACACS Configuration 
See the previous section if you encounter an HWTACACS fault.