Causes of client deauthentication immediately after authenticating
-
ACE formatted incorrectly in the RADIUS server examples:
-
from
,any
, orto
keyword missing. -
An IPv4 or IPv6 protocol number in the ACE exceeds 255.
-
An optional UDP or TCP port number is invalid, or a UDP/TCP port number is specified when the protocol is neither UDP or TCP.
-
An ACE in the ACL for a given authenticated client exceeds 80 characters.
-
-
A RADIUS-assigned ACL limit has been exceeded:
-
The TCP/UDP port-range quantity of 14 per slot or port group has been exceeded.
-
The rule limit has been exceeded.
-
-
An IPv6 ACE has been received on a port and either the
HP-Nas-Rules-IPv6
attribute is missing orHP-Nas-Rules-IPv6=2
is configured. See Nas-Filter-Rule-Options for more on this attribute.