Search

CN-121984751-A - Network access method, device, equipment and program product

CN121984751ACN 121984751 ACN121984751 ACN 121984751ACN-121984751-A

Abstract

The application provides a network access method, a device, equipment and a program product, wherein the method comprises the following steps: and the network control equipment controls the network access equipment to continue to provide the network access service with the original SSID after the authentication server is abnormal, so that the authenticated online terminal is kept online. When a terminal such as a terminal which is disconnected after the authentication server is abnormal or a new terminal is accessed to the network access equipment, the authentication server is replaced to authenticate the terminal, so that the network access can be normally performed under the condition that the authentication server is abnormal. The method realizes the automatic access of the new user to the network access equipment for network access after the abnormality of the authentication server, and avoids the problems such as large workload and the like caused by manually accessing the new user to the network access equipment after the abnormality of the authentication server.

Inventors

  • CHEN LE

Assignees

  • 新华三信息技术有限公司

Dates

Publication Date
20260505
Application Date
20260130

Claims (10)

  1. 1. A network access method, characterized in that the method is applied to a network control device, the method comprising: After detecting that the authentication server is abnormal, the method comprises the following steps: Controlling the connected network access equipment to continuously provide wireless access service according to the original access service identifier SSID so as to keep the authenticated online terminal online; The authentication request message is generated based on login information input by a newly added terminal when network access is needed, or is generated based on recorded login information of the terminal which passes authentication and is offline after abnormality occurs in the authentication server when the terminal is needed to be online again; And simulating the authentication server to return a response message corresponding to the authentication request message to the terminal so as to enable the terminal to be online and perform network access.
  2. 2. The method of claim 1, wherein the controlling the connected network access device to continue providing wireless access service according to the original access service identification SSID comprises: sending notice to connected network access equipment to instruct the network access equipment to continue to provide wireless access service according to the original access service identification SSID, or And prohibiting sending SSID switching notification to the connected network access equipment, wherein the SSID switching notification is used for instructing the network access equipment to switch the original access service identification SSID so as to provide wireless access service through the switched SSID.
  3. 3. The method of claim 1, wherein the returning, to the terminal, a response message corresponding to the authentication request message includes: Based on the login information carried by the authentication request message, the simulated authentication server sends an authentication success message to the terminal to respond to the authentication request message, or Recording a user name carried by the authentication request message, simulating an authentication server to generate a secret key and sending the secret key to the terminal, so that the terminal encrypts a password corresponding to the user name by using the secret key to obtain a ciphertext and sends the ciphertext to the network control equipment; And receiving the ciphertext transmitted by the terminal, decrypting the ciphertext by using the key, and transmitting an authentication success message to the terminal by the authentication simulating server.
  4. 4. The method of claim 1, wherein the simulating the response message corresponding to the authentication request message from the authentication server to the terminal further comprises: Generating a temporary authentication list item corresponding to the terminal, and sending authentication information in the temporary authentication list item to the network access equipment, wherein the authentication information is used for authenticating the terminal by the network access equipment.
  5. 5. The method of claim 1, wherein the simulating the response message corresponding to the authentication request message from the authentication server to the terminal further comprises: Generating a temporary authentication list item corresponding to the terminal and sending authentication information in the temporary authentication list item to the network access equipment, wherein the authentication information is used for authenticating the terminal by the network access equipment.
  6. 6. The method according to claim 1, wherein the method further comprises: After detecting that the authentication server returns to normal from abnormality, identifying an online target terminal which is online after the authentication server is abnormal and is registered to the authentication server; And negotiating with the authentication server whether to allow the online target terminal to continue online or not according to each online target terminal, if so, allowing the online target terminal to continue network access, otherwise, controlling the online target terminal to be offline.
  7. 7. The method of claim 6, wherein negotiating with the authentication server whether the on-line target terminal is allowed to continue on-line comprises: Transmitting the login information of the online target terminal to the authentication server so as to authenticate the login information by the authentication server, if authentication is successful, allowing the online target terminal to continue online, otherwise, prohibiting the online target terminal from continuing online, or And sending the user name in the login information of the online target terminal to the authentication server, receiving a key returned by the authentication server, encrypting a password corresponding to the user name by using the key to obtain a ciphertext and sending the ciphertext to the authentication server so that the authentication server authenticates the password based on the ciphertext, if the authentication is successful, allowing the online target terminal to continue online, and otherwise, prohibiting the online target terminal from continuing online.
  8. 8. The method according to any one of claims 6 or 7, wherein when the presence target terminal is allowed to continue to be on-line, the method further comprises modifying a temporary authentication entry corresponding to the presence target terminal to a formal authentication entry; And when the online target terminal is forbidden to continue online, deleting the temporary table entry corresponding to the online target terminal.
  9. 9. A network access apparatus for use in a network control device, said apparatus comprising: After detecting that the authentication server is abnormal, the method comprises the following steps: The control module is configured to control the connected network access equipment to continue to provide wireless access service according to the original access service identifier SSID so as to keep the authenticated online terminal online; The terminal authentication system comprises a receiving module, a receiving module and a terminal authentication module, wherein the receiving module is configured to receive an authentication request message forwarded by the network access equipment and used for terminal authentication, the authentication request message is generated based on login information input by a newly added terminal when network access is needed, or is generated based on recorded login information of the terminal when the terminal which passes authentication and is offline after the authentication server is abnormal; And the return module is configured to prohibit sending an access request message corresponding to the authentication request message to the authentication server, and simulate the authentication server to return a response message corresponding to the authentication request message to the terminal so as to enable the terminal to be on line and perform network access.
  10. 10. An electronic device comprising a processor and a machine-readable storage medium storing machine-executable instructions executable by the processor; The processor is configured to execute machine executable instructions to implement the method of any of claims 1-7.

Description

Network access method, device, equipment and program product Technical Field The present application relates to the field of communications technologies, and in particular, to a network access method, apparatus, device, and program product. Background In networking applications, when an authentication server, such as a Remote Authentication (RADIUS) server, is abnormal, such as a failure or unreachable, etc., once a new User is online, the new User needs to be manually accessed to a network access device, such as manually selecting an access network for the new User, such as an access point under a wireless network architecture (i.e., an access Service identifier provided by a network control device or a master-slave gateway). The method is also applied to the condition that the network access equipment is manually accessed for the new user when the authentication server is abnormal in the optical fiber to room (Fiber to The Room, FTTR) scene. Disclosure of Invention The application provides a network access method, a device, equipment and a program product, which are used for avoiding the problems such as large workload and the like caused by manually accessing a new user into network access equipment after an authentication server is abnormal. The application provides a network access method, which is applied to network control equipment, and comprises the following steps: After detecting that the authentication server is abnormal, the method comprises the following steps: Controlling the connected network access equipment to continuously provide wireless access service according to the original access service identifier SSID so as to keep the authenticated online terminal online; The authentication request message is generated based on login information input by a newly added terminal when network access is needed, or is generated based on recorded login information of the terminal which passes authentication and is offline after an authentication server is abnormal when the terminal needs to be online again; and the simulated authentication server returns a response message corresponding to the authentication request message to the terminal so as to enable the terminal to be online and perform network access. Optionally, controlling the connected network access device to continue to provide the wireless access service according to the original access service identifier SSID includes: Sending notice to the connected network access equipment to instruct the network access equipment to continue to provide wireless access service according to the original access service identification SSID, or And prohibiting sending SSID switching notification to the connected network access equipment, wherein the SSID switching notification is used for instructing the network access equipment to switch the original access service identifier SSID so as to provide wireless access service through the switched SSID. Optionally, the response message corresponding to the authentication request message returned to the terminal includes: Based on the login information carried by the authentication request message, the simulated authentication server sends an authentication success message to the terminal to respond to the authentication request message, or Recording a user name carried by the authentication request message, simulating an authentication server to generate a key, and sending the key to the terminal, so that the terminal encrypts a password corresponding to the user name by using the key to obtain a ciphertext and sending the ciphertext to the network control equipment; and receiving the ciphertext transmitted by the terminal, decrypting the ciphertext by using the key, and transmitting an authentication success message to the terminal by the simulated authentication server. Optionally, the response message corresponding to the authentication request message returned by the authentication simulating server to the terminal further includes: Generating a temporary authentication list item corresponding to the terminal, and sending authentication information in the temporary authentication list item to the network access equipment, wherein the authentication information is used for authenticating the terminal by the network access equipment. Optionally, the response message corresponding to the authentication request message returned by the authentication simulating server to the terminal further includes: generating a temporary authentication list item corresponding to the terminal, and sending authentication information in the temporary authentication list item to the network access equipment, wherein the authentication information is used for authenticating the terminal by the network access equipment. Optionally, the method further comprises: after detecting that the authentication server returns to normal from abnormality, identifying an online target terminal which is online after the authentication server is abn