dever23b
commented
4 years ago I just checked this repo to see if anyone had found a supported solution for this, because I'm trying to take another stab at it. I haven't figured out a permanent solution yet, but you're not alone. What I've figured out so far is that Unifi switches, by default, block the EAPOL packets, so this script isn't able to do its magic. The only supported (something in the Unifi controller that will survive reboots) configurations I've found assume that you're setting up EAP on your own network, with an authentication server you control.
The workaround I've come up with so far is to access the administration console directly on the switch and manually tweak things. Unfortunately, this type of tweaking will not survive a reboot: upon reboot, the switch will re-provision and lose the changes, so this isn't nearly suitable for a permanent fix.
That being said, hopefully this helps or helps someone else get started with a better solution. I've found that if you enable "EAPOL Flood Mode" in the switch, the switch will stop filtering EAP packets and allow this script to do its magic. I've brought this issue up with Ubiquity and their helpful response was to confirm what I already knew: "it's not possible in the GUI at this time." So, basically, "kick rocks."
To enable EAPOL Flood Mode: 1) SSH into the switch directly 2) telnet localhost 3) enable 4) configure 5) dot1x eapolflood
Command 5 is a toggle between "enable" and "disable".
abulgatz
jaysoffian
I have had eap_proxy working for a while on my ER-4, with eth0 going to the AT&T ONT and eth1 going to the AT&T gateway.
I've recently re-arranged my rack, and it would be nice if I could go from ER-4 eth0 -> Unifi switch -> AT&T ONT.
On my US-48-500W Unifi switch I created a new VLAN 4000 (att_ont) and assigned it as the native untagged VLAN to ports 47 and 48. My wiring is then:
However, this doesn't work. Any ideas why, or how to make it work?