Client Bridge Using 802.1x on Broadcom SoCs

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
Picchioni
DD-WRT User


Joined: 20 Sep 2006
Posts: 120

PostPosted: Mon Feb 12, 2018 2:36    Post subject: Client Bridge Using 802.1x on Broadcom SoCs Reply with quote
Hi All,
I currently have an R7000 (used as an AP only) that utilizes 802.1x (specifically EAP-TLS) for authentication and has been working like a charm for about a year. Some recent changes to my home network are requiring me to use a client bridge between 2 locations in my house vs a hard wired connection.

I've been attempting to get the 2nd R7000 to connect as a client bridge using 802.1x but so far have been unsuccessful. I can change the wireless network to WPA2-PSK and the 2nd R7000 connects without an issue, so the issues appear to be limited to 802.1x. There's no auth attempts against the freeradius server so it looks like the connection attempt is failing even before it attempts to authenticate. I've been looking at syslog messages to see if it can provide me any hints, but nothing useful.

I haven't found any forum posts that aren't incredibly dated surrounding this setup which isn't too surprising as it really isn't a common use case. But Sash mentioned in a thread from 2011 that Broadcom chipsets can't connect as clients to Enterprise networks/use 802.1x, and I'm wondering if that's still the case or have there been some advancements with that?

Has anyone attempted to setup something similar? Or is it possible to obtain some more verbose logging for the connection attempt that might provide some clues as to what's wrong? I'm using 34800M (2018/02/07) from Kong on both R7000's.

Thanks in advance!
Sponsor
Picchioni
DD-WRT User


Joined: 20 Sep 2006
Posts: 120

PostPosted: Sat Feb 24, 2018 1:27    Post subject: Reply with quote
Selfishly bumping on the off chance someone has some ideas.
_________________
Picch
jwh7
DD-WRT Guru


Joined: 25 Oct 2013
Posts: 2670
Location: Indy

PostPosted: Sat Feb 24, 2018 12:55    Post subject: Re: Client Bridge Using 802.1x on Broadcom SoCs Reply with quote
Picchioni wrote:
But Sash mentioned in a thread from 2011 that Broadcom chipsets can't connect as clients to Enterprise networks/use 802.1x, and I'm wondering if that's still the case or have there been some advancements with that?
I'd guess that is still the case, esp given your observation. The Broadcom driver is a proprietary blob, and they don't have incentive to add enterprise features to it.

Only idea I could suggest, if practical for you, is to dedicate a radio to the client bridge using WPA2-AES, then use the other radio on each R7000 for your 802.1x EAP-TLS. Even better would be to WDS them, but another obscure folk legend that nobody seems to confirm is that Broadcom ARM doesn't work w/ WDS...and/or just that Broadcom MIPS<->ARM doesn't work.

_________________
# NAT/SFE/CTF: limited speed w/ DD # Repeater issues # DD-WRT info: FAQ, Builds, Types, Modes, Changes, Demo #
OPNsense x64 5050e ITX|DD: DIR-810L, 2*EA6900@1GHz, R6300v1, RT-N66U@663, WNDR4000@533, E1500@353,
WRT54G{Lv1.1,Sv6}@250
|FreshTomato: F7D8302@532|OpenWRT: F9K1119v1, RT-ACRH13, R6220, WNDR3700v4
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum