Bridge/transparent/ interface passing dot1x

Started by dilbar, September 19, 2022, 12:22:48 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 19, 2022, 12:22:48 PM
Hi there,
I have OPNsense installed on Checkpoint chassis, igb0 and igb1 are bound as bridge interface. Need to protect traffic with IPS between users and environment. Users using dot1x auth cannot authenticate. Is there any setting to allow or disallow to do?. I see that EAPOL packet are coming to bridge interface.
Thanks.
September 19, 2022, 10:50:23 PM #1
You might need to take that question to the freebsd-net mailing list. I can tell you that the bridge interface does not support .1q. I would be surprised if it supported .1x, but I honestly don't know.

https://lists.freebsd.org/subscription/freebsd-net
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
September 20, 2022, 12:45:03 AM #2
.1q vlans won't be able to communicate over the bridge if only you mix tag/no tag on the bridge. Even if you need such a setup you could still to use ng_bridge instead.
Print
Go Up Pages1
User actions