< Home

CM/0/USER_ADDACLFAIL

Message

CM/0/USER_ADDACLFAIL:The ACL cannot be added for NAC users. Ensure that this ACL is supported by the NAC service or ACL resources are sufficient. ([STRING])

Description

A user fails to be authenticated through ACLs. Check whether the configured ACL supports authentication and whether ACL resources are sufficient.

Parameters

Parameter Name Parameter Meaning

[STRING]

User ID and MAC address.

Possible Causes

  • The delivered ACL is not supported according to the RADIUS attribute document.
  • The ACL failed to be delivered to the physical chip because of a bottom-layer chip error.
  • The ACL failed to be delivered to the physical chip due to insufficient ACL resources.

Procedure

  1. Run the display access-user user-id user-number command to check whether the authorized ACL is supported according to the RADIUS attribute document.

    • If not, deliver the ACL supported by the RADIUS attribute document to the user. Run the display access-user user-id user-number command to check whether the ACL is delivered successfully.
    • If so, ACLs fail to be delivered to the physical chip. Go to step 2.

  2. Run the display acl resource command to check whether ACL resources are sufficient.

    • If not, release ACL resources and then run the display acl resource command to check whether ACL resources are successfully released.
    • If so, ACLs fail to be delivered to the physical chip. Go to step 3.

  3. Collect log and configuration information, and contact technical support. You can collect diagnostic information using the display diagnostic-information command.
Parent Topic: CM
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >