Verifying the configuration, Troubleshooting radius, Radius authentication failure – H3C Technologies H3C S6300 Series Switches User Manual

59

Verifying the configuration

# Initiate an SSH connection to the switch, and enter the username aaa@bbb and password

ldap!123456. The user logs in to the switch. (Details not shown.)
# Verify that the user can use the commands permitted by the network-operator user role. (Details not

shown.)

Troubleshooting RADIUS

RADIUS authentication failure

Symptom

User authentication always fails.

Analysis

Possible reasons include:

•

A communication failure exists between the NAS and the RADIUS server.

•

The username is not in the format userid@isp-name, or the ISP domain is not correctly configured on
the NAS.

•

The user is not configured on the RADIUS server.

•

The password entered by the user is incorrect.

•

The RADIUS server and the NAS are configured with different shared keys.

Solution

To resolve the problem:

1.

Check the following items:

{

The NAS and the RADIUS server can ping each other.

{

The username is in the userid@isp-name format and the ISP domain is correctly configured on
the NAS.

{

The user is configured on the RADIUS server.

{

The correct password is entered.

{

The same shared key is configured on both the RADIUS server and the NAS.

2.

If the problem persists, contact H3C Support.

RADIUS packet delivery failure

Symptom

RADIUS packets cannot reach the RADIUS server.

Analysis

Possible reasons include:

•

A communication failure exists between the NAS and the RADIUS server.

•

The NAS is not configured with the IP address of the RADIUS server.