Hi,

I figured out an authentication issue on EAP610 V3 according RADIUS authentication. This is my setup:

RADIUS on VLAN 10 (subnet 192.168.10.0/24)

management VLAN 19 (subnet 192.168.19.0/24)

So, the EAP got an ip address on its management interface like 192.168.19.x, so managent VLAN has been enabled on Omada controller and configured correctly. The RADIUS got an ip address like 192.168.10.x and is reachable from the management subnet.

After the EAP is adopted and configured completely by the controller the first time, authentication against the RADIUS works fine. After a reboot, EAP ist no longer able to reach the RADIUS. This is also the case, when I disable management VLAN on EAP, so its interface gots an id address from VLAN 10. Authentication fails.

I also have an EAP225-outdoor (v3, FW 5.0.8). This device has absolutely no problem regarding RADIUS, neither after a reboot.

So, I did some packet captures on the EAP610 as well as on the EAP225 and found a difference in the RADIUS requests:

EAP225 sends the request as followed:

AVP: t=NAS-IP-Address(4) l=6 val=192.168.19.x

EAP610 sends the request this way:

AVP: t=NAS-IP-Address(4) l=6 val=192.168.0.254

I have no idea, why EAP610 uses the subnet 192.168.0.0/24. There is no such subnet in my network at all.

Anybody else having this issue? This not the only issue I have with this EAP, but that's a story for another post...