Hi Everyone, I’m seeking assistance with 802.1x security support using OpenBSD 7.3 as a firewall/router.
Here’s a depiction of my setup: I am attempting to use 802.1x security on a client VM. **RADIUS Server VM (Ubuntu OS)** ------ connected -------- **Authenticator VM (Ubuntu OS)** --------------connected ----- **(vic0) OpenBSD Router (vic1)** --- **Client VM (Ubuntu)** When the OpenBSD Router is not present, everything functions correctly. With OpenBSD router, When 802.1x security is disabled, pinging between all VMs works, and the interface is able to connect. On OpenBSD: - I have created a bridge. - Added two interfaces, vic0 and vic1, into bridge0. - Allowed `net.ip.inet.forwarding=1`. - In pf.conf added 'pass all' one rule only. The RADIUS Server authenticates the client request. The Authenticator VM passes the packets to the server using the hostapd utility. On the client, I am using a UI-based method to set up the 802.1x security. My question is: Why are EAPOL packets not being forwarded by the OpenBSD Router? Am I missing something? Please suggest any options if you have any ideas. Regards Yogendra
