Troubleshooting guide

ManualsBrandsAlaxala ManualsComputer equipmentAX2400S series

191

192

193

194

195

196

197

198

199

200

3. Troubleshooting Functional Failures During Operation

121

Table 3-62: Failure analysis method for MAC-based authentication

No. Items to check and commands Action

1 Check whether communication with the

terminal is possible.

• If authentication in local authentication method is not

possible, go to No. 2.

• If authentication in RADIUS authentication method is not

possible, go to No. 3.

• For other cases, go to No. 5.

2Use the

show mac-authentication

mac-address command to make sure the

MAC address and VLAN ID are registered.

• If the MAC address is not registered, use the

set

mac-authentication mac-address command to

• For other cases, go to No. 5.

3Use the

show mac-authentication

statistics command to check the

communication status with the RADIUS

server.

• If the value displayed for

TxTotal under [RADIUS

frames] is 0, check whether the aaa authentication

mac-authentication default group radius,

radius-server host, and mac-authentication

radius-server host configuration commands have

been set correctly.

• For AX3800S, AX3600S, and AX2400S series switches,

even if communication is restored from the no-response

state of the RADIUS server caused by the dead interval

functionality, an authentication error occurs. This is

because no authentication check is performed on the

RADIUS server during the time interval specified by the

authentication radius-server dead-interval

configuration command.

In this case, if the authentication failure due to no response

from the RADIUS server continues on for too long, change

the setting value of the

authentication

radius-server dead-interval configuration

command or execute the

clear mac-authentication

dead-interval-timer command. The authentication

operation by the first RADIUS server resumes.

• For other cases, go to No. 4.

4 Check whether the MAC address and

password are registered on the RADIUS

server.

• If the MAC address is not registered as the user ID of the

RADIUS server, register the MAC address on the RADIUS

server.

• If a MAC address is used as the password, set the MAC

address that has been set for the user ID.

• If a value common to the RADIUS server is set as the

password, make sure that the value matches the password

set in the

mac-authentication password configuration

command.

• For other cases, go to No. 5.