Causes of client deauthentication immediately after authenticating
- ACE formatted incorrectly in the RADIUS server.
from
,any
, orto
keyword missing.An IPv4 or IPv6 protocol number in the ACE exceeds 255.
An optional UDP or TCP port number is invalid, or a UDP/TCP port number is specified when the protocol is neither UDP or TCP.
- A RADIUS-assigned ACL limit has been exceeded.
An ACE in the ACL for a given authenticated client exceeds 80 characters.
The TCP/UDP port-range quantity of 14 per slot or port group has been exceeded.
The rule limit of 3048 per slot or port group has been exceeded.
An IPv6 ACE has been received on a port and either the
HP-Nas-Rules-IPv6
attribute is missing orHP-Nas-Rules-IPv6=2
is configured. See Nas-filter-Rule attributes for more on this attribute.