Hi all,

I'm trying to used Free Radius on pfSense to support 802.1X MAC address VLAN assignment with TL-SG3248X switches. It looks like the MAC auth from the TP link switch doesn't send in a format that is supported by the RAIDUS services. The RADIUS is expecting "00-11-22-33-AA-BB" user / password type format but the switch seems to be sending a format like the following "00112233aabb" and not sure if the password is blank or matches the MAC address of the device plugging into the port.

Any attempt to match what it looks like the switch is sending all fails or Radius test client seems to not accept it anything aside from user / password. I'm not sure if the test client will send a proper 802.1X format either. 

If anyone has a working setup please let me know what you did for configuration or reference to a good howto. 

Thanks!

Example of config / error log:

Freeradius configuration files are similar to this:

00-11-22-33-AA-BB Cleartext-Password := "00-11-22-33-AA-BB"
    
    Tunnel-Type = VLAN,
    Tunnel-Medium-Type = IEEE-802,
    Tunnel-Private-Group-ID = "100"

The log output has the following in firewall and also using packet capture:

(5) Login incorrect (Failed retrieving values required to evaluate condition): [00112233aabb/<via Auth-Type = eap>] (from client TPL-Switch01 port 1 cli 00-11-22-33-aa-bb)