I’m trying to bypass an ISP-issued gateway router with my CCR1009 7G (no switch chip), which involves redirecting EAP packets to the ISP hardware (for authentication).
On a Mikrotik router with a switch chip, the following switch rules would achieve this:
But since my CCR does not have a switch chip, is there any workaround that can be used to achieve this? Can “bridge filtering” be used for this purpose?
I tried. I created a bridge filter, and filtered by mac-protocol 0x888e. I can see the EAP packets coming from the ISP RG, but the problem is I can’t do anything with it. The filter only allows me to accept drop etc. I need to redirect those packets. I also tried the bridge NAT, which I believe is processed before the bridge filter, but it can’t see any packets with that mac protocol.
I’m considering buying a Mikrotik switch to do this.
Quick question: can SWOS’s web GUI achieve this feature? Or does it have to be a full blown RouterOS based switch?