Dear Turris Team,
I’ve recently being playing with 802.1x wired authentication and created and positively tested for that purpose a dedicated hostapd configuration on different linux stations with the objective of implementing an authenticator for my network , however I couldn’t manage to make the required setup to work on my Turris Omnia 2020. After some investigations I found out that for some reason the EAP packets being sent by the supplicants to the Turris Omnia are not being received at all despite firewall rules seems to be okay. Not sure whether this is a software configuration issue or a Turris Omnia hardware limitation.
Does anybody have any guess and could help me with this issue?
Many thanks in advance.
2 Likes
I’m seeing this as well. I had my Turris Omnia setup for an EAP proxy (ISP requires 802.1x certificate authentication, so the EAP proxy allows the ISP’s router to authenticate the connection). A recent-ish update (within the past 2 months) broke that.
Looking at tcpdump, it seems like the switch on the lan ports drops all incoming 802.1x packets. I’m able to receive them on the eth2 “lan” port. I haven’t verified if outgoing packets work.
As an update: I worked around this problem by using a USB ethernet adapter to connect to the ISP’s router, and now I can completely bypass it again. I’m using the goeap_proxy software to proxy the 802.1x/EAP packets.
1 Like