[SilverstarX]

Hello fellows,

I'm building a little network for my comrades and myself and now I guess I hit a (hopefully only gui based) border.
I'd like to establish a VAP for every user so they/I can change the key without every other user having to reset their wifi settings and also putting everyone into a vlan through that.

But I noticed that on two different routers, E4200 with kingkong build 22200M and RT-N16 with initial flash image SVN14896, mega SVN24160 and mega SVN24461 (so I guess it isn't caused by a specific build), I can only add up to three VAPs.

Is it only a limit enforced by dd-wrt to protect from overusing or maybe a limitation of the broadcom chipsets?
I even tried setting up wl0.4 for testing purposes manually by adding the necessary nvram variables and it shows up in the web gui perfectly fine, but it isn't working. Obviously, the wl0.4 device isn't created, but I wasn't able to do it by myself with ifconfig and wl.
There, I am at my wit's end.

Please tell me that it is possible to add more VAPs, and how. I am quite experienced using the console and linux in general, but dd-wrt keeps me within bounds sometimes.
I'd like to avoid setting up multiple routers to get more than four (RT-N16, because I can add/exchange external antennas without soldering) BSSIDs.
There won't be much traffic on the wifis, mostly phones and tables without ethernet adapters, of course, and I need the VAPs to seperate them into vlans.

Thanks in advance for any reply.

[80sguitartist]

Interesting. If there were a limit I never would have guessed it would have been just three. I use the RT-N16 quite often and I'm usually just setting up a "Guest" interface that user's connect to. Definitely get why you want to have a VAP for each user but I wonder if that's "by design" to limit the number of VAPs

[SilverstarX]

Thank you 80sguitartist for your reply.

But my question is still unanswered.
Can somebody please tell me how to set up more than three VAPs?

Thank you.

[athurdent]

If the only goal were to have different passwords/keys for each user, you could use WPA2 Enterprise with FreeRADIUS or any other RADIUS implementation. No need for different VAPs then. Every user could have his own username/password and/or certificate and change that on the RADIUS server if needed.
As VLANs are not very intuitive to configure via GUI or console (at least for me), I have given up on them. And there's also a VID limitation on some(most?) routers. You can only use ID 1-15, not the whole range.

[SilverstarX]

Yes, I know that. But in that case, I can't put them into seperate vlans afaik. And devices like the ps4 aren't capable of 802.1x.

I got my head wrapped around vlans, so no problem for me, and 15 IDs are enough for my setup.

So the only thing is the VAP count.
Where are the brains? Brainslayer? eko? redhawk0?

[SilverstarX]

Bump

Would like to hear something. Isn't it possible? Is it? How?

[Jonathan]

Sorry to dredge up an old thread, but has there been any thought regarding increasing the number of VAPs per band? It's still set at three (four total SSIDs per band) after all these years...

I have more than four VLANs on my network, and would like to be able to access them without having to divide them up among multiple access points.

[Jonathan]

As a follow-on to this, does anyone know what the process might be to manually add additional VAP/BSSIDs? If the GUI isn't going to be modified, I'm curious how to do it by command line.

In the NVRAM, there are quite a few settings for each virtual interface. Obviously, those can be duplicated (with slight modifications) for additional interfaces, but I suspect that won't be enough. Would an additional startup "ifconfig" adding more interfaces also be necessary? What else would be involved?

[SilverstarX]

Hey Jonathan,
I was very surprised to get a new reply notification on this topic after the years
Like you, I am still interested in this topic as it would have some use cases where more VAPs are possible.

I didn't try it in more recent versions but as I said in the opening post, I wasn't able to create more by console with nvram and wl / ifconfig. That being said doesn't mean it is impossible, just I wasn't capable.

Sadly, nobody said if it is a driver / chipset / kernel / whatever restriction or if we just didn't take a step.

[Jonathan]

Thanks, SilverstarX.

I have to believe it's a firmware/settings issue - I've read elsewhere on the forums that the limit was arbitrarily set by DD-WRT programming, probably to keep the GUI page from getting out of control. Still hoping for a non-multiple-access-point solution.

[Per Yngve Berg]

A workaround is to have one SSID that is open and without encryption.
After you have connected to the AP, use a VPN client that connect to one VPN server for each VLAN.