base9
Jul 17, 2023, Aspirant
WAX220 WPA2-Enterprise help with VLAN?
I have 3 WiFi networks configured like so: ESSID_1 - 5ghz only - WPA2-Personal - VLAN 101 ESSID_2 - 2.4ghz only - WPA2-Personal - VLAN 107 ESSID_3 - 2.4ghz and 5ghz - WPA2-Personal + fast roamin...
schumaku
Jul 17, 2023, Guru - Experienced User
Looks like the RADIUS traffic that is supposed to be directed to the management VLAN goes massively wrong.
base9
Jul 17, 2023, Aspirant
I didn't want to jump to any conclusions but if WPA2&3-Enterprise works for me once I get the chance to re-configure the WAX220 and my firewall to NOT use VLANs, then I think we might have a problem here.
Provided the WAX220 plays nicely with freeradius's vlan assignment and properly isolates users to their VLANs, it could conceivably be a solution, but unfortunately not good enough for me, because:
What's the point in being able to have multiple ESSIDs on separate VLANs if I can't mix and match the security? In my case, I have several IoT devices that are incapable of dot1q and dot1x. If I disable all VLAN capability in the WAX220's configuration and rely on my radius server to assign users to VLANs, my assumption is that an ESSID with WPA2-Personal, for example, would probably work - but would be untagged - and would not adhere to my security requirements.
Also, if this is indeed some kind of bug, what's your best guess as to whether Netgear will address it, and in what kind of timeframe? Should I take this loss and pay up for a more capable brand?
- schumaku, Jul 18, 2023, Guru - Experienced User
MikeD1234, if you have a minute to put up a similar environment: I can reproduce it here on my v1.0.3.0 WAX220. Work for QA and engineering. Thank you!
- MikeD1234, Jul 18, 2023, NETGEAR Expert
Interesting case. schumaku, you were able to replicate this behavior as well, identical?
- schumaku, Jul 18, 2023, Guru - Experienced User
Identical in the point that no RADIUS communication is initiated on the management VLAN. Not close enough to the device to check if there is junk data emitted instead.
Regards,
-Kurt
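The check left open in the last reply (whether the AP emits any RADIUS traffic, and on which VLAN) can be run over frames captured on a mirror of the AP's uplink port. The following is an added example, not part of the thread and not NETGEAR code; the management VLAN ID of 10, the function names and the sample frames are constructed assumptions.

```python
import struct

RADIUS_AUTH_PORT = 1812   # standard RADIUS authentication port
MGMT_VLAN = 10            # assumption: the thread never states the management VLAN ID

def radius_vlan(frame: bytes):
    """Return (VLAN ID or None if untagged, RADIUS code) for a RADIUS auth packet, else None."""
    if len(frame) < 14:
        return None
    (ethertype,) = struct.unpack("!H", frame[12:14])
    offset, vlan = 14, None
    if ethertype == 0x8100 and len(frame) >= 18:         # 802.1Q tag present
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, offset = tci & 0x0FFF, 18                  # low 12 bits of the TCI are the VLAN ID
    if ethertype != 0x0800 or len(frame) < offset + 20:  # IPv4 only
        return None
    ihl = (frame[offset] & 0x0F) * 4
    if frame[offset] >> 4 != 4 or ihl < 20 or frame[offset + 9] != 17:  # protocol 17 = UDP
        return None
    udp = offset + ihl
    if len(frame) < udp + 9:                             # UDP header plus the RADIUS Code byte
        return None
    (dport,) = struct.unpack("!H", frame[udp + 2:udp + 4])
    if dport != RADIUS_AUTH_PORT:
        return None
    return vlan, frame[udp + 8]

def audit(frames, mgmt_vlan=MGMT_VLAN):
    """Count Access-Requests (code 1) on the management VLAN; list the VLANs of any strays."""
    on_mgmt, stray = 0, []
    for frame in frames:
        hit = radius_vlan(frame)
        if hit is None or hit[1] != 1:
            continue
        if hit[0] == mgmt_vlan:
            on_mgmt += 1
        else:
            stray.append(hit[0])
    return on_mgmt, stray

def build(vlan, dport, code=1):
    """Constructed sample frame: Ethernet [+ 802.1Q] / IPv4 / UDP / bare RADIUS header."""
    tag = struct.pack("!HH", 0x8100, vlan) if vlan is not None else b""
    radius = struct.pack("!BBH", code, 1, 20) + bytes(16)
    udp = struct.pack("!HHHH", 40000, dport, 8 + len(radius), 0) + radius
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 1]))
    return bytes(12) + tag + struct.pack("!H", 0x0800) + ip + udp

SAMPLE = [build(MGMT_VLAN, 1812), build(101, 1812), build(None, 1812), build(107, 53)]
print(audit(SAMPLE))
```

A result of zero Access-Requests on the management VLAN with an empty stray list matches the "no RADIUS communication is initiated" observation; a non-empty stray list would show requests leaving tagged for an SSID VLAN or untagged instead.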