I would like to source all dot1x authentication requests for ports in the default/root vrf in a 7010T-48 Arista switch using the Management interface which is part of a separate VRF named Mgmt.
If I source a ping using the command “ping vrf Mgmt ” it is reachable 100% of the time, but authentication requests never make it to the radius server.
If I move the Management interface back to the default/root VRF (basically remove the command “vrf forwarding Mgmt” from the management interface”, then dot1x requests make it to the Radius server.
Does anyone know if this is a supported use/scenario? Or will I need to create a loopback interface or an SVI to source radius packets from the default/root vrf for dot1x auth requests?