The access-user login session-limit reply command configures the error code and message returned by the device to the portal server if web users switch from the pre-authentication domain to the authentication domain and the number of users using the same account has reached the upper limit.
The undo access-user login session-limit reply command restores the default configuration.
By default, if web users switch from the pre-authentication domain to the authentication domain and the number of users using the same account has reached the upper limit, the device returns the error code 1 (indicating that the authentication request is rejected) and a message with the content of the Reply-Message attribute received from the RADIUS server to the portal server.
This command is supported only on the NetEngine 8000 F1A.
Parameter | Description | Value |
---|---|---|
error-code | Specifies the error code returned by the device to the portal server. | The value is an integer that ranges from 1 to 255. |
message | Specifies the message returned by the device to the portal server. | The value is a string of 1 to 63 characters, spaces supported. |
The RADIUS server does not limit the maximum number of access users using the same account. As long as the user name and password are correct, the users can be authenticated by the RADIUS server, and the RADIUS server returns a message with the content of the Reply-Message attribute to the device.
If the user-max-session command is configured on the device, the maximum number of access users using the same account is limited according to the configured value after web users switch from the pre-authentication domain to the authentication domain. If the number of users using the same account has reached the upper limit, excess users fail to log in to the device even though the RADIUS authentication succeeds.
By default, the device returns the error code 1 and a message with the content of the Reply-Message attribute received from the RADIUS server to the portal server, as it does in a RADIUS authentication reject scenario. The portal server therefore cannot use error codes to distinguish the RADIUS authentication reject scenario from the scenario where the RADIUS authentication succeeds but the number of users using the same account has reached the upper limit.
To allow the portal server to distinguish the two scenarios, you can run the access-user login session-limit reply command to configure the error code and message returned by the device to the portal server if web users switch from the pre-authentication domain to the authentication domain and the number of users using the same account has reached the upper limit.
```
<HUAWEI> system-view
[~HUAWEI] aaa
[~HUAWEI-aaa] access-user login session-limit reply 5 message Up to user max session
```
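
The portal server's side of this distinction, as an added example that is not part of the Huawei documentation: it parses an authentication reply and separates a RADIUS reject (code 1) from the session-limit code 5 configured above. It assumes the Portal 2.0 reply layout (16-byte header, 16-byte authenticator, TLV attributes with TextInfo as type 0x05) and error code 0 for success; the function names and the sample packet are constructed for illustration.

```python
import struct

ACK_AUTH = 0x04          # assumed Portal 2.0 message type for authentication replies
ATTR_TEXT_INFO = 0x05    # assumed TextInfo attribute type that carries the message
SESSION_LIMIT_CODE = 5   # error code configured in the example command above
# ver, type, pap/chap, rsv, serial, req-id, user-ip, user-port, err-code, attr-num
HEADER = struct.Struct("!BBBBHH4sHBB")

def parse_ack_auth(packet: bytes):
    """Return (err_code, message) from an ACK_AUTH reply, validating lengths."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated header")
    ver, mtype, _, _, _, _, _, _, err_code, attr_num = HEADER.unpack_from(packet)
    if mtype != ACK_AUTH:
        raise ValueError("not an ACK_AUTH message")
    offset = HEADER.size + (16 if ver == 2 else 0)  # v2 adds a 16-byte authenticator
    message = ""
    for _ in range(attr_num):
        if offset + 2 > len(packet):
            raise ValueError("truncated attribute")
        atype, alen = packet[offset], packet[offset + 1]
        if alen < 2 or offset + alen > len(packet):  # length covers type+len bytes
            raise ValueError("bad attribute length")
        if atype == ATTR_TEXT_INFO:
            message = packet[offset + 2:offset + alen].decode("utf-8", "replace")
        offset += alen
    return err_code, message

def classify(err_code: int) -> str:
    """Map the device's error code to the scenario the portal page should show."""
    if err_code == 0:                    # assumed success code
        return "success"
    if err_code == 1:                    # default: authentication request rejected
        return "rejected"
    if err_code == SESSION_LIMIT_CODE:   # RADIUS accepted, account at its session limit
        return "session-limit"
    return "other-failure"

def build_sample(err_code: int, text: str) -> bytes:
    """Constructed sample reply for offline testing (not captured traffic)."""
    body = text.encode()
    attr = bytes([ATTR_TEXT_INFO, len(body) + 2]) + body
    hdr = HEADER.pack(2, ACK_AUTH, 1, 0, 1, 0, bytes([192, 0, 2, 10]), 0, err_code, 1)
    return hdr + bytes(16) + attr

if __name__ == "__main__":
    for code in (1, SESSION_LIMIT_CODE):
        err, msg = parse_ack_auth(build_sample(code, "Up to user max session"))
        print(err, classify(err), repr(msg))
```

With the default configuration both scenarios arrive as code 1, so `classify` can only report `rejected`; the configured code is what makes the session-limit case visible to the portal server and its logs.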