Joined: 26 Mar 2013 Posts: 1858 Location: Hung Hom, Hong Kong
Posted: Mon Mar 04, 2024 12:00 Post subject: Re: Using 1 SSID only but multiple username
Ti-Rick wrote:
I want to be able to use only 1 SSID but having multiple username to access it. Each user would then be assign to a certain VLAN. For example...
....
1. Multiple user names: Enable FreeRadius
2. Instead of using different VLAN, use diffent virtual wirelsss interface (VAP) aka Guest Wifi _________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!
Alright, so assuming I'll go with a router that can manage a few virtual wireless interface (VAP)
Here's what I need...
- a router that manage 20 differents VAP. If that's not possible, at least 10 so I can use only 2 routers
- Can I configure each VAP with a certain DHCP range ? For example...
- VAP01 = IP ADDRESS AVAILABLE FROM DHCP BETWEEN 10.106.161.100 to .150
- VAP02 = IP ADDRESS AVAILABLE FROM DHCP BETWEEN 10.106.162.100 to .150
- VAP03 = IP ADDRESS AVAILABLE FROM DHCP BETWEEN 10.106.163.100 to .150
...
- VAP20 = IP ADDRESS AVAILABLE FROM DHCP BETWEEN 10.106.180.100 to .150
Joined: 26 Mar 2013 Posts: 1858 Location: Hung Hom, Hong Kong
Posted: Mon Mar 04, 2024 17:18 Post subject:
Ti-Rick wrote:
- Can I configure each VAP with a certain DHCP range ? For example...
- VAP01 = IP ADDRESS AVAILABLE FROM DHCP BETWEEN 10.106.161.100 to .150
- VAP02 = IP ADDRESS AVAILABLE FROM DHCP BETWEEN 10.106.162.100 to .150
- VAP03 = IP ADDRESS AVAILABLE FROM DHCP BETWEEN 10.106.163.100 to .150
...
- VAP20 = IP ADDRESS AVAILABLE FROM DHCP BETWEEN 10.106.180.100 to .150
You can unbridge each VAP, then setup a DHCP server for each of them!! Start with one VAP to test this method! You might need help. _________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!
First, I did enable the JFFS2 Support "Internal Flash Storage" located in ADMINISTRATION / MANAGEMENT, then I turn to ENABLE FreeRadius located in SERVICES but it won't generate the certificate.
Can the router act as the FreeRadius Server or we need an computer or USB key plug on the router? If the router can actually be used as a server, does the router needs internet access in order to generate the certificate? I'm currently working on it without any internet access.
I've looked everywhere on the site but I can't find any tutorial about "FreeRadius". Do you know where I can't find some ?
The only ones I've founded was some hyperlinks that no longer works and they were pointing to differents websites.
Joined: 26 Mar 2013 Posts: 1858 Location: Hung Hom, Hong Kong
Posted: Wed Mar 06, 2024 4:23 Post subject:
Ti-Rick wrote:
First, I did enable the JFFS2 Support "Internal Flash Storage" located in ADMINISTRATION / MANAGEMENT, then I turn to ENABLE FreeRadius located in SERVICES but it won't generate the certificate.
Can the router act as the FreeRadius Server or we need an computer or USB key plug on the router? If the router can actually be used as a server, does the router needs internet access in order to generate the certificate? I'm currently working on it without any internet access.
I've looked everywhere on the site but I can't find any tutorial about "FreeRadius". Do you know where I can't find some ?
I have never used FreeRadius in DD-WRT. The only DD-WRT-related guide I found via Google:
The SSL certificate thing is another possibly difficult topic. I also dunno Freeradius need one. I think DD-WRT got a stock certificates "/etc/ssl/ca-bundle.crt" !
BTW, if you can set up multiple VAPs with different WPA2 passkeys, maybe you don't need FreeRadius' multiple username support. The differnent passkeys can already identify users.
Update:
Oh well, DD-WRT does NOT have the radtest command.
Code:
# which radtest
# radtest
-sh: radtest: not found
_________________ Router: Asus RT-N18U (rev. A1)
Drink, Blink, Stretch! Live long and prosper! May the Force and farces be with you!