802.1X VLAN Assignment with Omada-Controller
Hi,
i've started to change my network to new TP-Links devices as shown above. All devices are adopted by a Linux-Docker based Omada-Controller.
I tried to enable Radius-based authentification with 802.1X and configured Omada as shown here:
Using a Freeradius Dockercontainer, i can see that the Radiusserver is answering with correct Parameters:
Wed Feb 1 08:40:49 2023
Packet-Type = Access-Accept
Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = "100"
Reply-Message = "Hello, testkamera"
Timestamp = 1675237249
But the Switch isn't changing the VLAN for the configured an 802.1X activated Port. I can see, that the connected device is still asking for a IP in the Management-VLAN.
Then i tested with a Radius-Server for Windows, TekRADIUS. It's the same behavior:
01.02.2023 14:07:12.634 - RadAuth reply to : 172.xx.xx.xxx:53550 (Success)
Size : 73
Identifier : 171
Attributes :
Tunnel-Medium-Type = 6
Tunnel-Type = 13
Tunnel-Private-Group-ID = 100
User-Name = testkamera
I have deleted the Switch from Omada and configured the switch locally as described here:
Now, the Switch is asking the Radius-Server for access like before, but then its changing the VLAN as shown in the answerpaket. Both Portbased Authentificaten and MAB are running fine.
I have tried almost all possible Configurations in Omada, but the 802.1x-enabled Ports stays in the Management-VLAN (or the preconfigured VLAN).
I hope somebody can assist me with my problem. Thank you.
Regards, Daniel