Title: 【Typical Case】Troubleshooting User Limit Exceeded Alarm on EG2100-P with Authentication Disabled [Print this page] Author: zhangqiao@ruiji Time: 2024-7-23 11:51 Title: 【Typical Case】Troubleshooting User Limit Exceeded Alarm on EG2100-P with Authentication Disabled Keywords:
EG2100-P, Ruijie Gateway, User limit exceeded Issue Description
Web authentication is disabled on EG2100-P, yet an alarm indicating that the number of authenticated users exceeds the limit is generated.
The following figure shows that web authentication is disabled.
The log shows that the web authentication module constantly reports that the numberof users exceeds the limit. Device Model and Firmware
Device Type
Device Model
Firmware Version
Ruijie Gateway
EG2100-P
EG_RGOS 11.9(6)B17P2
Troubleshooting
Verify the web authentication configuration to check if web authentication is enabled.
The following figure shows that web authentication is disabled.
2. Verify the information ofauthenticated users.
It is found that a significant number of authenticated users are in an initialstate, most of which use public IP addresses. It’s suspected that theauthentication port is opened, and is facing an attack from a public network.
3.Verify the authentication port number.
TCP port 8081 is the authentication port and is opened. It is suspected that TCP port 8081 has been opened due to certain configurations.
4. Verify the configuration file.
The following web authentication configurations are found.
5. Remove the web authentication configurations and check the port status again.
After the no web-auth template iportal command is executed, port 8081 isclosed. Further more, no new alarms regarding users exceeding limits are generated. Root Cause
Web authentication is disabled, yet the configuration remains, leaving TCP port 8081 open. This led to the device triggering an alarm for user limit exceeded due to attacks on port 8081 from the public network. Solution
Runthe following commands to remove web authentication configurations.
con
noweb-auth sta-preemption enable
noweb-auth template iportal
noweb-auth template eportalv1
en
wr
Welcome to Ruijie Community (https://community.ruijienetworks.com/)
