组网及说明

设备型号：H3C S7503X-M-G
设备版本：Release 7748P01

问题描述

现场使用inode进行802.1x认证，发现反复重连，最后报“连接失败，请于管理员联系”

过程分析

查看配置无问题，设备与radius服务器通信无问题
通过查看debugging dot1x all、debugging radius all信息发现

*Jun 13 19:48:41:463 2023 IN_NET_Core_SW RADIUS/7/EVENT: Processing AAA request data.
*Jun 13 19:48:41:463 2023 IN_NET_Core_SW RADIUS/7/EVENT: PAM_RADIUS: Sent authentication request successfully.
*Jun 13 19:48:41:463 2023 IN_NET_Core_SW DOT1X/7/EVENT: AAA processed authentication request: Result=Processing, UserMAC=d8c4-97ab-92c6, VLANID=60, Interface=GigabitEthernet1/0/0/10.
*Jun 13 19:48:41:468 2023 IN_NET_Core_SW RADIUS/7/EVENT: Reply SocketFd recieved EPOLLIN event.
*Jun 13 19:48:41:468 2023 IN_NET_Core_SW RADIUS/7/EVENT: Received reply packet succuessfully.
*Jun 13 19:48:41:468 2023 IN_NET_Core_SW RADIUS/7/EVENT: Found request context, dstIP: 192.168.0.179, dstPort: 1812, VPN instance: --(public), socketFd: 86, pktID: 5.
*Jun 13 19:48:41:468 2023 IN_NET_Core_SW RADIUS/7/ERROR: Reply packet: Invalid packet authenticator.
*Jun 13 19:48:41:468 2023 IN_NET_Core_SW RADIUS/7/ERROR: The reply packet is invalid.
*Jun 13 19:48:45:438 2023 IN_NET_Core_SW RADIUS/7/EVENT: Response timed out.
*Jun 13 19:48:45:438 2023 IN_NET_Core_SW RADIUS/7/EVENT: Found request context, dstIP: 192.168.0.179; dstPort: 1812; VPN instance: --(public); socketfd: 86; pktID:5.
*Jun 13 19:48:45:439 2023 IN_NET_Core_SW RADIUS/7/EVENT: Retransmitting request packet, currentTries: 2, maxTries: 3.

解决方法

如上报错为radius服务器密钥与设备侧共享密钥不一致导致，现场重新修改imc和radius下的密钥后问题解决。