Troubleshooting guide
3. Troubleshooting Functional Failures During Operation
No. | Items to check and commands | Action
No. 4
Items to check and commands: Check the setting of the authentication IPv4 access list.
Action:
[Fixed VLAN mode] [Dynamic VLAN mode]
- If an unauthenticated terminal sends certain types of packets to destinations outside the Switch, make sure an authentication IPv4 access list is set.
- When both a standard access list and an authentication IPv4 access list are set for an authenticating port, make sure the filtering conditions in the authentication IPv4 access list are also set in the standard access list.
- Make sure a filtering condition for discarding IP packets (such as deny ip) is not set in the standard access list or authentication IPv4 access list for the authenticating port.
- Make sure any is not set for the destination IP address in the filtering condition in the authentication IPv4 access list.
For other cases, go to No. 10.

No. 5
Items to check and commands: Use the show web-authentication user operation command to check whether the user ID is registered.
Action:
- If the user ID is not registered, use the set web-authentication user operation command to register the user ID, password, and VLAN ID. After the registration, use the commit web-authentication operation command to apply the information to the operation.
For other cases, go to No. 6.

No. 6
Items to check and commands: Check whether the entered password is correct.
Action:
- If the password does not match, use the set web-authentication passwd operation command to change the password, or use the remove web-authentication user operation command to delete the user ID, and then use the set web-authentication user operation command to register the user ID, password, and VLAN ID again. After the change, use the commit web-authentication operation command to apply the information to the operation.
For other cases, go to No. 10.

No. 7
Items to check and commands: Use the show web-authentication statistics operation command to check the communication status with the RADIUS server.
Action:
If the value displayed for TxTotal under [RADIUS frames] is 0, check whether the following configurations are specified correctly:
- aaa authentication web-authentication default
- web-authentication radius-server host or radius-server host
For other cases, go to No. 8.

No. 8
Items to check and commands: Check whether the password and user ID are registered on the RADIUS server.
Action:
- If the user ID is not registered, register it on the RADIUS server.
[Fixed VLAN mode]
- Check whether the RADIUS server's VLAN ID indicated by NAS-Identifier matches the VLAN ID to which the terminal to be authenticated belongs.
[Dynamic VLAN mode]
- Make sure the VLAN ID of the RADIUS server matches the VLAN ID of the authenticating port specified in the switchport mac vlan (#1) configuration command.
- If a VLAN name has been registered on the RADIUS server, make sure the target VLAN name matches the VLAN name specified in the name (#2) configuration command.