Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 7 replies
  • Subscribers 29 subscribers
  • Views 2843 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

802.1x Authentication/wpa_supplicant for XG

Jay Jay

Environment: Home use

My fiber ISP uses 802.1x for authentication.  On utm I can achieve this through the use of wpa_supplicant.  XG does not appear to contain any package manager to install additional modules.

What means are there to install this to the system?  If no means, what is the underlying OS?  Perhaps something can be compiled instead?



This thread was automatically locked due to age.
Parents
  • 0

    Yes...something that is easier to do on UTM because you have a little more access to the kernel.  I think Sophos would have to supply the 802.1x authentication, which, actually, is already contained in the software, I believe, at the wireless authentication level.

    They would have to supply this at the interface level, but they also would have to allow VLAN id 0.

    Eric

Reply
  • 0

    Yes...something that is easier to do on UTM because you have a little more access to the kernel.  I think Sophos would have to supply the 802.1x authentication, which, actually, is already contained in the software, I believe, at the wireless authentication level.

    They would have to supply this at the interface level, but they also would have to allow VLAN id 0.

    Eric

Children
  • 0 in reply to Eric Kasper

    This is most likely the case.

     

    FWIW, I understand why the OP is looking for this ability...

    <RANT>

    The nonsensical requirement to use AT&T's poorly engineered CPE devices to "authenticate" to their Uverse / Fiber network is one of the reasons I got rid of them.  I'll never understand their desire to hamper what would otherwise be a very good service with this.  I do know of people using their gear in Passthru / DMZ mode and things generally work, but sometimes that can get testy after a ATT CPE gear firmware upgrade.  Way to make something simple, complicated, ATT!

    </RANT>

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to Eric Kasper

    @Eric, I'm not sure how important that vlan0 tagging is.  At present, UTM is under esxi with the wan interface in pass through mode.  That is utm has full/direct access to the wan nic.  I didn't have to do anything related to vlan 0 tagging to get wpa_supplicant to authenticate or pass regular traffic.

     

    @Bruce,yes you are correct.  Att still living in the dark ages.  Maybe the gateway was needed with dsl/vdsl, but with fiber it's just another tracking device from what someone who's decompiled the firmware has found out.

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?