GL-XE3000 Enterprise WPA2/WPA3-EAP

ckid · February 21, 2024, 2:13pm

I am trying to set this up according to this:

a) I have 2 to freeradius servers running and they work but the GL-XE3000 never even sends the request there.

One is local 127.0.0.1 and the other 192.168.8.104
I verified with
radtest user1 user1 192.168.8.104:1812 0 testing123
and
radtest user1 user1 127.0.0.1 :1812 0 testing123

that it works locally and from remote.

Image has wrong example IP. In Tests it is the correct one of course.

But when I connect with a client to the wifi the GL-XE3000 never even sends a request to any of the radius servers.

I also tried all marked options.

I tried 2Ghz and 5Ghz networks. Doesn’t work.

Basically all I want to achieve is a enterprise network accepting just username/password.

Simple EAP. Nothing fancy.

Can you help me or provide resources to fix this?

I am trying this already since over a week.

Thank you for your support!
I love your products . Own already 5+ devices from your company. They are the best!

SpitzAX3000 · February 21, 2024, 7:46pm

How did you confirm that the gl modem did not send a request to your freeraduis?

And btw the one that is listening on the local host interface of 127.x.x.x will never be reachable from the gl modem.

ckid · February 22, 2024, 7:25am

I am watching the Radius logs.

The 127.0.0.1 is running on the gl router itself. So it is reachable.

So I can clearly see the requests arriving and getting processed on both Radius servers from remote and local when triggering them manually.

SpitzAX3000 · February 22, 2024, 7:26am

You should have clarified that.

ckid · February 22, 2024, 7:27am

But yeah after clearing this up I hope for ideas

SpitzAX3000 · February 22, 2024, 7:55am

I ready that but I thought local on another machine not on the modem itself.

The radtest you executed in the gl device or from another machine?

Can you login into gl shell and enable radius debug logs ?

How did you install and configured freeradius on openwrt? You might be missing some configurations ?

How can you run two freeradius instances in the same port?! Can you run netstat -tuplna and check the ports?

ckid · February 22, 2024, 9:04am

I execute radtest locally on the GL , from my machine in the same network and from a remote machine over vpn. They all trigger the request and it arribves and the access is granted.

Yes, I am seeing these debug logs, both on the 192.168.8.104 and on the gl-radius.
Both show radtest working.

I basically follow this guide:

Now, rereading it I think I will focus now on

PEAP/MS-CHAPv2 testing specifically.

The strange thing is I have the setup working on a microtik router and that one sends the requests to the radius. Only works on Ubuntu and not on Windows/Android but that is another issue I guess. All i need is it working for an IoT device.

So the problem is, as you say, on the config of the GL router right now.

Not running on two ports. On two different machines.
One is a rocky9 vm, The other one is on the GL router installed via opkg.

The ports work. All that is ok and tested multiple time. And only one port 1812 of course.

The GL router is not sending any requests when a client tries to connect.
Also checked the system logs but nothing visible there regarding the wifi.

ckid · February 22, 2024, 11:49am

Little update:

I can connect to the Microtik-> Radius Variant without problems from Ubuntu 23.10.

Still no dice with GL Router.

Windows 11 Laptop, not working
Huawei Mate 10 Android , works
Huawei Mate P20 Android, works
MokoSmart 107 35D , not working → That’s the one I want to get working above all.
Ubuntu 23.10 works