Hi,
We were trying forwarding of 802.1x eapol frame over Layer2 bridge, but observing 802.1x frame is not getting forwarded to other bridge member
[802.1x supplicant]
Topology:
Device1 Device2
Internet === eth0 Router-Mode eth1 ====== eth0 L2-Bridge ath1 ........... wifi client
br0 (802.1x enabled)
Device1 - x86 Machine running with openwrt
Device2 - Raspberry pi3b running with openwrt
(built openwrt image with packages PACKAGE_wpad, PACKAGE_hostapd, PACKAGE_wpad-mini enabled)
Latest version of openwrt was used.
We tried 2 methods
1) Bridge without vlan
- br0 is bridge interface with eth0 and ath1 interface
- when wifi client tries to connect Device2, it send 802.1x frames
- No 802.1x frames are seen on ath1 interface
Anything wrong here ?
2) Bridge with vlan [referred link : https://openwrt.org/docs/guide-user/network/wifi/wireless.security.8021x]
- created a bridge 'br-vlan' with 2 interfaces ath1.1 and eth0.1 [vlanid 1 was used]
- when wifi client tries to connect Device2, it send 802.1x frames
- Able observe 802.1x frames captured on wifi interface ath1.1 of bridge interface
- But, these frames are not forwarded to wired interface eth0.1
Any configuration is missing to ensure forwarding happens to other bridge member ? is
vlan is a must for forwarding of 802.1x frames within bridge members ?
Please suggest your input on this. Thanks in Advance.
Regards,
Global Edge Software Team