From: Daniel C. <dan...@gm...> - 2026-05-06 06:40:23

Hi all,

I'm scoping a deployment of PacketFence for an OT network segmentation project. The wired access layer is built on Moxa industrial switches — specifically the RKS-G4028 series running Next-gen OS v4.x. Before committing to PacketFence as the NAC platform I'd like to hear from anyone who has done (or attempted) integration with this hardware.

Use case:
- 802.1X EAP-TLS authentication for service laptops (Windows in AD domain, certificates from Microsoft AD CS or other)
- Dynamic VLAN assignment via RADIUS (RFC 3580 Tunnel-* attributes)
- No captive portal, no BYOD in current scope
- Likely future need: RADIUS CoA for SIEM-driven quarantine

Specific questions:
1. Has anyone successfully integrated Moxa RKS-G4028 (or any Moxa managed switch on Next-gen OS v4.x) with PacketFence? If so, which switch module did you use — Generic, or something more specific?
2. Does Moxa Next-gen OS v4.x reliably honor RADIUS-assigned dynamic VLAN (Tunnel-Type=VLAN, Tunnel-Medium-Type=802, Tunnel-Private-Group-ID)? Public Moxa documentation is not explicit on this and I'd rather hear from someone who tested it than guess.
3. Does it support RADIUS CoA/Disconnect-Request (UDP 3799)?
4. Any gotchas with MAC Authentication Bypass (MAB) on this platform — particularly around how Moxa names the feature and whether reauthentication intervals work as expected?
5. SNMP integration — does PacketFence's SNMP-based port management work with Moxa MIBs out of the box, or does it require custom OIDs?

If nobody has direct experience with RKS-G4028 specifically, experience with other Moxa managed switches (EDS series, MRX) would also be useful — I'd like to understand whether Moxa as a vendor is generally workable with PacketFence or if I should be looking at alternatives.

Thanks in advance,
Daniel