[Bug] Omada Controller, EAP245 AP not sending Access-Request to Radius Server
Dear Team,
We have observed a bug with the EAP245 Firmware configured to Authenticate the WiFi Users using Mac Based Authentication Radius Profile with Dynamic VLAN Assignment.
When a user tries connecting to the WiFi SSID the AP properly sends a "Access-Request" and the Radius Server successfully authenticate the request and gives a "Access-Accept" packet to the AP with VLAN ID and we observe that Connection is assigned the VLAN Properly but if the client disconnects the WiFi and Tries to connect back within 5 seconds the AP successfully allow that user connection with no vlan assigned back and also don't send a "Access-Request" again to the Radius Server seems it uses some kind of cache but looses the information about the Assigned VLAN ID and if user tries connecting back after about 1 minute it properly asks the Radius Server about the authentication and properly assign the defined VLAN ID.
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Dear @Nitin-Lohchab,
Nitin-Lohchab wrote
We have observed a bug with the EAP245 Firmware configured to Authenticate the WiFi Users using Mac Based Authentication Radius Profile with Dynamic VLAN Assignment.
When a user tries connecting to the WiFi SSID the AP properly sends a "Access-Request" and the Radius Server successfully authenticate the request and gives a "Access-Accept" packet to the AP with VLAN ID and we observe that Connection is assigned the VLAN Properly but if the client disconnects the WiFi and Tries to connect back within 5 seconds the AP successfully allow that user connection with no vlan assigned back and also don't send a "Access-Request" again to the Radius Server seems it uses some kind of cache but looses the information about the Assigned VLAN ID and if user tries connecting back after about 1 minute it properly asks the Radius Server about the authentication and properly assign the defined VLAN ID.
Thank you for your valued feedback!
Sorry for the delayed response. The issue you reported in this post has been fixed in the 5.0.4 firmware.
Please upgrade the firmware for confirmation. Cheers!
- Copy Link
- Report Inappropriate Content
Dear @Nitin-Lohchab,
Nitin-Lohchab wrote
We have observed a bug with the EAP245 Firmware configured to Authenticate the WiFi Users using Mac Based Authentication Radius Profile with Dynamic VLAN Assignment.
When a user tries connecting to the WiFi SSID the AP properly sends a "Access-Request" and the Radius Server successfully authenticate the request and gives a "Access-Accept" packet to the AP with VLAN ID and we observe that Connection is assigned the VLAN Properly but if the client disconnects the WiFi and Tries to connect back within 5 seconds the AP successfully allow that user connection with no vlan assigned back and also don't send a "Access-Request" again to the Radius Server seems it uses some kind of cache but looses the information about the Assigned VLAN ID and if user tries connecting back after about 1 minute it properly asks the Radius Server about the authentication and properly assign the defined VLAN ID.
Thank you for your valued feedback!
Sorry for the delayed response. The issue you reported in this post has been fixed in the 5.0.4 firmware.
Please upgrade the firmware for confirmation. Cheers!
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Dear @Nitin-Lohchab,
Nitin-Lohchab wrote
Dear Fae Thankyou for your reply. I have upgraded the firmware to the newer version using the Custom Firmware option and everything is working fine in the newer firmware as required. Thankyou for fixing this bug in the newer firmware.
Thank you for your valued feedback! Glad to hear that your concern was resolved finally.
For some reason this version was not showing when using the Check for Update option via the Omada Controller.
To speed up the firmware upgrade progress, the EAP245 V3 5.0.4 firmware was released to the official website directly bypassing the cloud. So you didn't find this new firmware by the Check for Update option. This firmware will be released to the cloud shortly by the way.
- Copy Link
- Report Inappropriate Content
Dear Fae,
I think we're having same issues with our EAP225-Wall and EAP235-Wall. We also use Radius based VLAN assignment and sometimes some users get in the wrong VLAN1.
When I trigger a reconnect via the webinterface, the devices mostly get in their designated VLAN.
Is it possible that this bug is also in the older firmware versions of these other access points?
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 1000
Replies: 4
Voters 0
No one has voted for it yet.