RADIUS Authentication with VLans on same inteface



  • Hey All,

    Hope this is the right section as it appears to possibly be an issue with the AP or some setting i'm not trying.. So I have two interfaces, LAN/WAN, with 3 VLans setup on the LAN Interface. The LAN Interface (192.168.0.55) is connected to a netgear prosafe gs116ev2 (192.168.0.56) with VLans 20 (WiFi, 192.168.20.56), 30, and 40 configured. I installed the FreeRADIUS package on PFSense and wanted to try using RADIUS authentication for WiFi. I configured the interfaces on FreeRadius to be * on port 1812. When i configure the WiFi AP to be on the same subnet or VLan as the LAN interface, i am able to authenticate to the radius server. When I configure the WiFi AP with it's LAN IP as 192.168.20.56, and the NAS/Client as 192.168.20.56, I am unable to authenticate, and it generates no logs. I have setup port mirroring on both the trunk/tagged and the untagged port that the AP is plugged into, and I am not seeing any RADIUS traffic in Wireshark when the AP is on the 20 VLan, but I do obviously see the traffic when it is not on the 20 VLan.

    Thoughts?

    Thanks!

    Chris



  • You're feeding pfSense a trunk with all VLANs tagged or is that switch in L3 mode and does routing?


Log in to reply