search

MonkWho / pfatt

Enable true bridge mode for AT&T U-Verse and pfSense (this is a fork of an original repository https://github.com/aus/pfatt. Since it is not available anymore, I'll do my best to maintain a copy for people that still need a bypass)
449 stars 175 forks source link

Is RG_ETHER_ADDR needed in supplicant mode? #66

Open owenthewizard opened 2 years ago

owenthewizard commented 2 years ago

I use the attached script (slightly modified) for supplicant mode on OPNsense 21.7.1, and I just use EAP_SUPPLICANT_IDENTITY for everything. Everything works fine. 99-opnatt.txt

bigjohns97 commented 2 years ago

Would like to know the answer to this as well, I didn't extract my certs I purchased them.

owenthewizard commented 2 years ago

Would like to know the answer to this as well, I didn't extract my certs I purchased them.

You purchased them? So you paid someone to extract them for you? Sounds like you got scammed.

bigjohns97 commented 2 years ago

Would like to know the answer to this as well, I didn't extract my certs I purchased them.

You purchased them? So you paid someone to extract them for you? Sounds like you got scammed.

LOL

zimmra commented 2 years ago

I too would like to know this, or if RG_ETHER_ADDR should be the same as EAP_SUPPLICANT_IDENTITY

I also purchased certificates (not a scam @owenthewizard , it's relatively common and it works great for me on Unifi)

I can deduce that EAP_SUPPLICANT_IDENTITY should be matching the certificates I received, what I don't know is if RG_ETHER_ADDR should also be this mac address, or if it should match my actual AT&T gateway

aholmes55 commented 1 year ago

I can deduce that EAP_SUPPLICANT_IDENTITY should be matching the certificates I received, what I don't know is if RG_ETHER_ADDR should also be this mac address, or if it should match my actual AT&T gateway

EAP_SUPPLICANT_IDENTITY should match the certificates. RG_ETHER_ADDR should be the mac address of your current AT&T-provided residential gateway.

owenthewizard commented 1 year ago

I can deduce that EAP_SUPPLICANT_IDENTITY should be matching the certificates I received, what I don't know is if RG_ETHER_ADDR should also be this mac address, or if it should match my actual AT&T gateway

EAP_SUPPLICANT_IDENTITY should match the certificates. RG_ETHER_ADDR should be the mac address of your current AT&T-provided residential gateway.

That is the conventional wisdom yes, but I use EAP_SUPPLICANT_IDENTITY for both even though my certificates are not from my assigned RG, and everything still works.