Forward 802.1x client packets to RADIUS

  • 3
  • Question
  • Updated 2 years ago
I'm running Fedora 23 as my host with KVM and VMware Workstation Pro 12. I'm running Cumulus VX in KVM. I need to see if I can configure it to forward 802.1x packets to my RADIUS server; Fortinet FortiAuthenticator. I can't find any commands or any examples. From this datasheet, it looks like 802.1x is supported:

http://www.penguincomputing.com/wp-content/uploads/2015/04/arctica-3200xl-cumulus-os.pdf


Thanks for your feedback!
Photo of chris hallman

chris hallman

  • 90 Points 75 badge 2x thumb

Posted 2 years ago

  • 3
Photo of Scott Emery

Scott Emery, Official Rep

  • 980 Points 500 badge 2x thumb
Chris,

It's best to check the Cumulus web site for the features which are supported on Cumulus Linux, not a switch vendor's WEB site. In this case they got it wrong. Cumulus Linux does not support 802.1x. At least not yet.

If all you want to do is forward 802.1x packets, you might be able to configure an ACL rule to match on Ethertype 0x888E. I'm not certain on this, as I haven't done it, but it's at least an avenue to pursue. But I suspect you'll need more than forwarding of 802.1x packets to your authenticator. You probably need to block all other traffic from non-authenticated hosts, and then allow traffic once authentication has occurred. It's an open platform and you can certainly code this up. But that's a lot more work than what you were probably expecting.

Scott