3. Troubleshooting Functional Failures in Operation

Table 3-51: Checking Web Authentication Configuration

No.

Check Point

Troubleshooting Steps

 

 

 

1

Setting of Web authentication configuration

Confirm that the following configuration commands are set correctly:

 

 

<common setting>

 

 

aaa accounting web-authentication default

 

 

start-stop group radius

 

 

aaa authentication web-authentication default

 

 

group radius

 

 

web-authentication system-auth-control

 

 

<when dynamic vlan mode is set>

 

 

web-authentication auto-logout

 

 

web-authentication max-timer

 

 

web-authentication max-user

 

 

web-authentication vlan

 

 

<when static vlan mode is set>

 

 

web-authentication ip address

 

 

web-authentication port

 

 

web-authentication static-vlan max-user

 

 

web-authentication web-port

 

 

When you use IP8800/S3600 or IP8800/S2400, confirm the settings by

 

 

using the following commands.

 

 

authentication arp-relay

 

 

authentication ip access-group

 

 

web-authentication redirect enable

 

 

web-authentication redirect-mode

2

IP address setting for VLAN interface

Using dynamic vlan mode, confirm that the IP address is correctly set

 

 

to each VLAN interface:

 

 

Pre-authentication VLAN

 

 

Post-authentication

 

 

 

3

Setting of DHCP relay agent

When using the external DHCP server and L3 switches in dynamic vlan

 

 

mode, check that DHCP relay agent between the following VLANs is

 

 

set correctly.

 

 

Between pre-authentication VLAN and server VLAN

 

 

Between post-authentication VLAN and server VLAN

 

 

 

4

Filter setting

When using L3 switches in dynamic vlan mode, confirm that the

 

 

following inter-VLAN filter is set correctly.

 

 

Between pre-authentication VLAN and post-authentication VLAN:

 

 

Set the filter to disable all IP communications.

 

 

Between post-authentication VLAN and pre-authentication VLAN:

 

 

Set the filter to relay Web browser communication only.

 

 

Certain packets may have been discarded by filtering, or packets may

 

 

have been discarded through bandwidth monitoring, discarding control,

 

 

or shaper of the QoS control.

 

 

Check to see if the conditions of filtering and QoS control in the

 

 

configuration have been set up correctly and if bandwidth monitoring,

 

 

discarding control, or shaper has been set up appropriately for system

 

 

operation. For the procedure, see "3.23.1 Checking Filtering/QoS

 

 

Setting Information."

 

 

 

95

Page 157
Image 157
NEC IP8800/S2400 manual Checking Web Authentication Configuration, Check Point Troubleshooting Steps, Setting Information

IP8800/S6700, IP8800/S3600, IP8800/S6600, IP8800/S6300, IP8800/S2400 specifications

The NEC IP8800 series comprises a range of advanced networking solutions designed for various applications ranging from enterprise networking to service provider environments. This series includes models such as the IP8800/S2400, IP8800/S3600, IP8800/S6300, IP8800/S6600, and IP8800/S6700, each with its unique set of features and capabilities aimed at delivering robust performance, security, and scalability.

The IP8800/S2400 is an entry-level switch tailored for small to medium enterprises. It features a compact design and high port density, making it ideal for network edge applications. The model supports both Layer 2 and Layer 3 switching capabilities, enabling efficient traffic management. With its robust security features, including access control lists and support for VLANs, the IP8800/S2400 ensures secure connectivity.

Moving to the IP8800/S3600, this switch is designed for data center environments and offers high throughput with advanced routing capabilities. It is equipped with high-capacity 10G and 40G Ethernet ports, facilitating faster data transfer rates. The S3600 supports various protocols such as MPLS and Segment Routing, enhancing its ability to manage complex network architectures. Its energy-efficient design also helps reduce operational costs.

The IP8800/S6300 is tailored for high-performance networking scenarios, featuring a flexible architecture that supports both traditional and cloud-based services. With extensive QoS capabilities, the S6300 optimizes traffic flow and manages bandwidth efficiently, ensuring high-quality service delivery. Its virtualization support allows for easier integration into modern, software-defined networking environments.

The IP8800/S6600 provides a comprehensive solution for service providers and large enterprises, boasting high scalability and modularity. This model supports advanced features such as network slicing and the ability to handle high-density 100G interfaces. Its robust management tools, including centralized control and automation capabilities, simplify network operations significantly.

Finally, the IP8800/S6700 represents the pinnacle of the series, designed for mission-critical applications requiring the utmost reliability and performance. It supports advanced analytics, AI-driven insights, and comprehensive telemetry, enabling proactive network management. With high availability features and extensive redundancy options, the S6700 ensures continuous operation, making it ideal for core network functions.

In summary, the NEC IP8800 series offers a versatile range of switches that combine advanced technologies, high performance, and robust security features, catering to various networking needs across different industries. Each model is designed to provide not only superior connectivity but also the flexibility and scalability required in today’s fast-paced digital landscape.