Dynamic VLANs while using Radius & WDS client (MAC80211 wireless repeater)

I am using a pair of Access Points configured with WDS (Master/Client).
Both of them are configured with VLAN support, 802.11x (WPA2-EAP) and radsecproxy which points to a remote freeradius server.

Dynamic VLANs work fine on my Master AP:

Feb 12 07:47:24 gw.home hostapd: wlan1: STA d4:a3:3d:c9:cd:04 IEEE 802.11: authenticated
Feb 12 07:47:24 gw.home hostapd: wlan1: STA d4:a3:3d:c9:cd:04 IEEE 802.11: associated (aid 1)
Feb 12 07:47:24 gw.home hostapd: wlan1: CTRL-EVENT-EAP-STARTED d4:a3:3d:c9:cd:04
Feb 12 07:47:24 gw.home hostapd: wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
Feb 12 07:47:25 gw.home radsecproxy[9331]: Access-Accept for user XXXXXX stationid D4-A3-3D-C9-CD-04 from x.x.x.x to 127.0.0.1 (127.0.0.1)
Feb 12 07:47:25 gw.home radsecproxy[9331]: replyh: passing Access-Accept to client 127.0.0.1 (127.0.0.1)
Feb 12 07:47:25 gw.home hostapd: wlan1: STA d4:a3:3d:c9:cd:04 RADIUS: VLAN ID 1
Feb 12 07:47:25 gw.home hostapd: wlan1: CTRL-EVENT-EAP-SUCCESS2 d4:a3:3d:c9:cd:04
Feb 12 07:47:25 gw.home hostapd: wlan1: STA d4:a3:3d:c9:cd:04 WPA: pairwise key handshake completed (RSN)
Feb 12 07:47:25 gw.home hostapd: wlan1: AP-STA-CONNECTED d4:a3:3d:c9:cd:04
Feb 12 07:47:25 gw.home hostapd: wlan1: STA d4:a3:3d:c9:cd:04 RADIUS: starting accounting session 8B795B2AA5CF13EF
Feb 12 07:47:25 gw.home hostapd: wlan1: STA d4:a3:3d:c9:cd:04 IEEE 802.1X: authenticated - EAP type: 25 (PEAP)

root@gw:~# brctl show

bridge name	bridge id		STP enabled	interfaces
br-vlan1		7fff.8c3bad4312a9	no		eth0.1
							wlan0
							wlan0.sta1
							wlan0.sta2
br-vlan3		7fff.8c3bad4312a8	no		eth0.3

On my Client AP I get the following error:

Feb 21 21:03:55 OpenWrt hostapd: wlan0-2: STA d4:a3:3d:c9:cd:04 IEEE 802.11: authenticated
Feb 21 21:03:55 OpenWrt hostapd: wlan0-2: STA d4:a3:3d:c9:cd:04 IEEE 802.11: associated (aid 1)
Feb 21 21:03:55 OpenWrt hostapd: wlan0-2: CTRL-EVENT-EAP-STARTED d4:a3:3d:c9:cd:04
Feb 21 21:03:55 OpenWrt hostapd: wlan0-2: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
Feb 21 21:03:55 OpenWrt radsecproxy[21219]: replyh: passing Access-Challenge to client 127.0.0.1 (127.0.0.1)
Feb 21 21:03:55 OpenWrt radsecproxy[21219]: replyh: passing Access-Challenge to client 127.0.0.1 (127.0.0.1)
Feb 21 21:03:55 OpenWrt radsecproxy[21219]: replyh: passing Access-Challenge to client 127.0.0.1 (127.0.0.1)
Feb 21 21:03:55 OpenWrt radsecproxy[21219]: replyh: passing Access-Challenge to client 127.0.0.1 (127.0.0.1)
Feb 21 21:03:55 OpenWrt radsecproxy[21219]: replyh: passing Access-Challenge to client 127.0.0.1 (127.0.0.1)
Feb 21 21:03:55 OpenWrt radsecproxy[21219]: replyh: passing Access-Challenge to client 127.0.0.1 (127.0.0.1)
Feb 21 21:03:55 OpenWrt radsecproxy[21219]: replyh: passing Access-Challenge to client 127.0.0.1 (127.0.0.1)
Feb 21 21:03:55 OpenWrt radsecproxy[21219]: Access-Accept for user XXXX D4-A3-3D-C9-CD-04 from x.x.x.x to 127.0.0.1 (127.0.0.1)
Feb 21 21:03:55 OpenWrt radsecproxy[21219]: replyh: passing Access-Accept to client 127.0.0.1 (127.0.0.1)
Feb 21 21:03:55 OpenWrt hostapd: wlan0-2: STA d4:a3:3d:c9:cd:04 RADIUS: Invalid VLAN 1 received from RADIUS server
Feb 21 21:03:55 OpenWrt hostapd: wlan0-2: STA d4:a3:3d:c9:cd:04 IEEE 802.1X: authentication failed - EAP type: 21 (TTLS)

root@OpenWrt:~# brctl show

bridge name	bridge id		STP enabled	interfaces
br-vlan1		7fff.de9fdb035a45	no		eth0.1
							wlan0-1
							wlan0

The issue was fiexd in a later version, this could be marked solved.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.