Debugging Information
Solution
Nov 10 2010 16:02:35.760.1 Huawei TAC/
7/Event:
version:c0 type:AUTHEN_REPLY
seq_no:6 flag:UNENCRYPTED_FLAG
session_id:0x4ff8 length:6
pstPacketAll->ulDataLen:6
pstAuthenReply:ucStatus=2 ucflags=0
usServerMsgLen=0 usDataLen=0
status:AUTHEN_STATUS_FAIL
flag:REPLY_FLAG_ECHO
server_msg len:0 data len:0
server_msg: data:
The HWTACACS server returned an
authentication failure packet. The possible
causes of authentication failure are:
l
The router IP address and the shared key
are not configured on the HWTACACS
server.
l
The shared key configured on the
HWTACACS server is different from
the shared key configured on the
AR2200-S.
l
The user account is not configured on
the HWTACACS server, or the user
name format configured in the
HWTACACS server template is
different from that on the HWTACACS
server. For example, the AR2200-S
sends the user name without the domain
name but the HWTACACS server
requires the user name with the domain
name.
l
The password entered by the user is
different from the password configured
on the HWTACACS server.
If any of the preceding errors exist, modify
the configuration on the HWTACACS
server. After configuration modification,
check whether the user can pass the
authentication. If the fault persists, go to
step 5.
Step 5
Check the user type.
l
If the user is a Telnet user or an FTP user, rectify the fault according to "
to Log in to the Server Through Telnet
" or "The User Fails to Log in to the Server Through
FTP."
l
If the user is a network access user, rectify the fault according to "
."
Step 6
If the fault persists, collect the following information and contact Huawei technical support
personnel:
l
Results of the preceding troubleshooting procedure
l
Configuration file, log file, and alarm file of the AR2200-S
----End
Relevant Alarms and Logs
Huawei AR2200-S Series Enterprise Routers
Troubleshooting
10 Security
Issue 01 (2012-01-06)
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
277