Jakob,
this is an interesting and pretty easy scenario, however I'll try this in my lab tomorrow... will get back to you soon.
as you mentioned you are getting authentication and I can see the entry is present under FWauth table, I hope you already enabled webauth on particular interface, where this source-ip is authenticating.
can you also give me the output of following operational command, run some debug commands and past logs,
operational command:
show network-access requests statistics
please enable following traceoptions,
- set security firewall-authentication traceoptions flag all
- set access firewall-authentication traceoptions flag all
- set system processes general-authentication-service traceoptions flag all
once you enable above traceoptions, do commit and open two more telnet sessions on device, on shell prompt:
first windown, run
- tail -f /var/log/fwauthd
second window, run
- tail -f /var/log/authd
then perform authentication, you can see real-time loging on both windows, please paste both logs here.
thanks
Raheel Anwar