Forward 802.1x client packets to RADIUS


I'm running Fedora 23 as my host with KVM and VMware Workstation Pro 12. I'm running Cumulus VX in KVM. I need to see if I can configure it to forward 802.1x packets to my RADIUS server; Fortinet FortiAuthenticator. I can't find any commands or any examples. From this datasheet, it looks like 802.1x is supported:

http://www.penguincomputing.com/wp-content/uploads/2015/04/arctica-3200xl-cumulus-os.pdf

Thanks for your feedback!

1 reply

Userlevel 3
Chris,

It's best to check the Cumulus web site for the features which are supported on Cumulus Linux, not a switch vendor's WEB site. In this case they got it wrong. Cumulus Linux does not support 802.1x. At least not yet.

If all you want to do is forward 802.1x packets, you might be able to configure an ACL rule to match on Ethertype 0x888E. I'm not certain on this, as I haven't done it, but it's at least an avenue to pursue. But I suspect you'll need more than forwarding of 802.1x packets to your authenticator. You probably need to block all other traffic from non-authenticated hosts, and then allow traffic once authentication has occurred. It's an open platform and you can certainly code this up. But that's a lot more work than what you were probably expecting.

Scott

Reply