First off this is something I'm trying to achieve. At the moment it's a huge work in progress.
The end goal is to be able to use the eap proxy (https://github.com/kangtastic/eap_proxy) on the utm box itself to authenticate the ONT to the gateway. The utm should then receive the public IP and manage all traffic between WAN and LAN.
This is roughly models after this thread - https://www.dslreports.com/forum/r31900599-ATT-TrueBridge-Mode-for-for-Ubiquity-Security-Gateway-USG
So far the first limitation is utm does not allow vlan 0 to be defined in the UI. This is not entirely a deal breaker as it's possible to define it in the shell. My wan port is on eth1.
# vconfig add eth1 0
This defines interface eth1.0 to vlan 0 .
I think the next step would be to configure it for dhcp.
Then the interface for the ONT gateway needs to be defined similarly. Lets say that's on eth2.0 .
The proxy would handles the eap authentication. Things get more interesting from here. The utm already has wan configured at eth1. Somehow eth1 and eth1.0 needs to be bridged so traffic can pass.
That's as far as I get with the framework on how to make this work. Thoughts, suggestions, maybe someone has already implemented this in a different way?
↧