I have configured 802.1X RADIUS VLANs following https://openwrt.org/docs/guide-user/network/wifi/wireless.security.8021x
It seems that everything works, however I occationally get these log messages:
Sat Feb 4 03:11:57 2023 daemon.info hostapd: wlan1: STA 7a:9e:d2:af:b4:61 IEEE 802.11: authenticated
Sat Feb 4 03:11:57 2023 daemon.info hostapd: wlan1: STA 7a:9e:d2:af:b4:61 IEEE 802.11: associated (aid 1)
Sat Feb 4 03:11:57 2023 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-STARTED 7a:9e:d2:af:b4:61
Sat Feb 4 03:11:57 2023 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
Sat Feb 4 03:11:57 2023 daemon.info hostapd: wlan1: STA 7a:9e:d2:af:b4:61 RADIUS: VLAN ID 1
Sat Feb 4 03:11:57 2023 daemon.notice hostapd: wlan1: CTRL-EVENT-EAP-SUCCESS2 7a:9e:d2:af:b4:61
Sat Feb 4 03:11:57 2023 daemon.err hostapd: VLAN: vlan_add: ADD_VLAN_CMD failed for eth0: File exists
Sat Feb 4 03:11:58 2023 daemon.err hostapd: VLAN: br_addif: Failure determining interface index for 'vlan1'
Sat Feb 4 03:11:58 2023 daemon.err hostapd: VLAN: ifconfig_helper: ioctl(SIOCGIFFLAGS) failed for interface vlan1: No such device
Sat Feb 4 03:11:58 2023 kern.info kernel: [51518.679053] br-vlan1: port 2(wlan1.1) entered blocking state
Sat Feb 4 03:11:58 2023 kern.info kernel: [51518.684948] br-vlan1: port 2(wlan1.1) entered disabled state
Sat Feb 4 03:11:58 2023 kern.info kernel: [51518.691086] device wlan1.1 entered promiscuous mode
Sat Feb 4 03:11:58 2023 kern.info kernel: [51518.696299] br-vlan1: port 2(wlan1.1) entered blocking state
Sat Feb 4 03:11:58 2023 kern.info kernel: [51518.702083] br-vlan1: port 2(wlan1.1) entered forwarding state
Sat Feb 4 03:11:58 2023 daemon.info hostapd: wlan1: STA 7a:9e:d2:af:b4:61 WPA: pairwise key handshake completed (RSN)
Sat Feb 4 03:11:58 2023 daemon.notice hostapd: wlan1: EAPOL-4WAY-HS-COMPLETED 7a:9e:d2:af:b4:61
Sat Feb 4 03:11:58 2023 daemon.notice hostapd: wlan1: AP-STA-CONNECTED 7a:9e:d2:af:b4:61
Sat Feb 4 03:11:58 2023 daemon.info hostapd: wlan1: STA 7a:9e:d2:af:b4:61 RADIUS: starting accounting session EEB402F8A0DA8350
Sat Feb 4 03:11:58 2023 daemon.info hostapd: wlan1: STA 7a:9e:d2:af:b4:61 IEEE 802.1X: authenticated - EAP type: 25 (PEAP)
Sat Feb 4 03:12:04 2023 daemon.info hostapd: wlan0: STA 7a:9e:d2:af:b4:61 IEEE 802.11: authenticated
Sat Feb 4 03:12:04 2023 daemon.info hostapd: wlan0: STA 7a:9e:d2:af:b4:61 IEEE 802.11: associated (aid 1)
Sat Feb 4 03:12:04 2023 daemon.notice hostapd: wlan1: Prune association for 7a:9e:d2:af:b4:61
Sat Feb 4 03:12:04 2023 daemon.notice hostapd: wlan1: AP-STA-DISCONNECTED 7a:9e:d2:af:b4:61
Sat Feb 4 03:12:04 2023 daemon.info hostapd: wlan1: STA 7a:9e:d2:af:b4:61 RADIUS: stopped accounting session EEB402F8A0DA8350
Sat Feb 4 03:12:04 2023 daemon.notice hostapd: wlan0: CTRL-EVENT-EAP-STARTED 7a:9e:d2:af:b4:61
Sat Feb 4 03:12:04 2023 daemon.notice hostapd: wlan0: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=1
Sat Feb 4 03:12:04 2023 daemon.info hostapd: wlan0: STA 7a:9e:d2:af:b4:61 RADIUS: VLAN ID 1
Sat Feb 4 03:12:04 2023 daemon.notice hostapd: wlan0: CTRL-EVENT-EAP-SUCCESS2 7a:9e:d2:af:b4:61
Sat Feb 4 03:12:04 2023 daemon.err hostapd: VLAN: vlan_add: ADD_VLAN_CMD failed for eth0: File exists
Sat Feb 4 03:12:05 2023 daemon.err hostapd: VLAN: br_addif: Failure determining interface index for 'vlan1'
Sat Feb 4 03:12:05 2023 daemon.err hostapd: VLAN: ifconfig_helper: ioctl(SIOCGIFFLAGS) failed for interface vlan1: No such device
Sat Feb 4 03:12:05 2023 kern.info kernel: [51525.688197] br-vlan1: port 3(wlan0.1) entered blocking state
Sat Feb 4 03:12:05 2023 kern.info kernel: [51525.694012] br-vlan1: port 3(wlan0.1) entered disabled state
Sat Feb 4 03:12:05 2023 kern.info kernel: [51525.700328] device wlan0.1 entered promiscuous mode
Sat Feb 4 03:12:05 2023 kern.info kernel: [51525.705514] br-vlan1: port 3(wlan0.1) entered blocking state
Sat Feb 4 03:12:05 2023 kern.info kernel: [51525.711336] br-vlan1: port 3(wlan0.1) entered forwarding state
Sat Feb 4 03:12:09 2023 daemon.info hostapd: wlan0: STA 7a:9e:d2:af:b4:61 IEEE 802.11: disassociated
Sat Feb 4 03:12:13 2023 daemon.info hostapd: wlan0: STA 7a:9e:d2:af:b4:61 IEEE 802.11: deauthenticated due to local deauth request
Sat Feb 4 03:12:13 2023 kern.info kernel: [51533.829848] br-vlan1: port 3(wlan0.1) entered disabled state
Sat Feb 4 03:12:13 2023 kern.info kernel: [51533.839603] device wlan0.1 left promiscuous mode
Sat Feb 4 03:12:13 2023 kern.info kernel: [51533.844407] br-vlan1: port 3(wlan0.1) entered disabled state
Sat Feb 4 03:12:13 2023 daemon.err hostapd: VLAN: br_delif: Failure determining interface index for 'wlan0.1'
Sat Feb 4 03:12:34 2023 daemon.info hostapd: wlan1: STA 7a:9e:d2:af:b4:61 IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)
Sat Feb 4 03:12:34 2023 kern.info kernel: [51555.264924] br-vlan1: port 2(wlan1.1) entered disabled state
Sat Feb 4 03:12:34 2023 kern.info kernel: [51555.274569] device wlan1.1 left promiscuous mode
Sat Feb 4 03:12:34 2023 kern.info kernel: [51555.279322] br-vlan1: port 2(wlan1.1) entered disabled state
Sat Feb 4 03:12:34 2023 daemon.err hostapd: VLAN: br_delif: Failure determining interface index for 'wlan1.1'
My network looks like this
config interface 'VLAN1'
option device 'br-vlan1'
option proto 'dhcp'
config device
option name 'br-vlan1'
option type 'bridge'
list ports 'eth0.1'
and my wireless like this
config wifi-iface 'default_radio0'
option device 'radio0'
option mode 'ap'
option ssid 'SSID'
option auth_server '10.165.40.156'
option acct_secret 'SECRET'
option encryption 'wpa2'
option nasid 'ae36-750'
option ieee80211w '2'
option auth_secret 'SECRET'
option acct_server '10.165.40.156'
option ieee80211r '1'
option ft_over_ds '1'
option ft_psk_generate_local '1'
option dynamic_vlan '2'
option 'vlan_tagged_interface' 'eth0'
option 'vlan_bridge' 'br-vlan'
option 'vlan_naming' '0'
config wifi-iface 'default_radio1'
option device 'radio1'
option mode 'ap'
option ssid 'SSID'
option auth_server '10.165.40.156'
option acct_secret 'SECRET'
option encryption 'wpa2'
option nasid 'ae36-750'
option ieee80211w '2'
option auth_secret 'SECRET'
option acct_server '10.165.40.156'
option ieee80211r '1'
option ft_over_ds '1'
option ft_psk_generate_local '1'
option dynamic_vlan '2'
option 'vlan_tagged_interface' 'eth0'
option 'vlan_bridge' 'br-vlan'
option 'vlan_naming' '0'
Is there a misconfiguration, or is this expected?