OPNsense Forum

Archive => 22.7 Legacy Series => Topic started by: dilbar on September 19, 2022, 12:22:48 pm

Title: Bridge/transparent/ interface passing dot1x
Post by: dilbar on September 19, 2022, 12:22:48 pm

Hi there,
I have OPNsense installed on Checkpoint chassis, igb0 and igb1 are bound as bridge interface. Need to protect traffic with IPS between users and environment. Users using dot1x auth cannot authenticate. Is there any setting to allow or disallow to do?. I see that EAPOL packet are coming to bridge interface.
Thanks.

Title: Re: Bridge/transparent/ interface passing dot1x
Post by: Patrick M. Hausen on September 19, 2022, 10:50:23 pm

You might need to take that question to the freebsd-net mailing list. I can tell you that the bridge interface does not support .1q. I would be surprised if it supported .1x, but I honestly don't know.

https://lists.freebsd.org/subscription/freebsd-net

Title: Re: Bridge/transparent/ interface passing dot1x
Post by: zeon on September 20, 2022, 12:45:03 am

.1q vlans won't be able to communicate over the bridge if only you mix tag/no tag on the bridge. Even if you need such a setup you could still to use ng_bridge instead.