Posted: Tue Oct 07, 2014 22:34 Post subject: VAP / multiple BSSID count
I'm building a little network for my comrades and myself and now I guess I hit a (hopefully only gui based) border.
I'd like to establish a VAP for every user so they/I can change the key without every other user having to reset their wifi settings and also putting everyone into a vlan through that.
But I noticed that on two different routers, E4200 with kingkong build 22200M and RT-N16 with initial flash image SVN14896, mega SVN24160 and mega SVN24461 (so I guess it isn't caused by a specific build), I can only add up to three VAPs.
Is it only a limit enforced by dd-wrt to protect from overusing or maybe a limitation of the broadcom chipsets?
I even tried setting up wl0.4 for testing purposes manually by adding the necessary nvram variables and it shows up in the web gui perfectly fine, but it isn't working. Obviously, the wl0.4 device isn't created, but I wasn't able to do it by myself with ifconfig and wl.
There, I am at my wit's end.
Please tell me that it is possible to add more VAPs, and how. I am quite experienced using the console and linux in general, but dd-wrt keeps me within bounds sometimes.
I'd like to avoid setting up multiple routers to get more than four (RT-N16, because I can add/exchange external antennas without soldering) BSSIDs.
There won't be much traffic on the wifis, mostly phones and tables without ethernet adapters, of course, and I need the VAPs to seperate them into vlans.
Interesting. If there were a limit I never would have guessed it would have been just three. I use the RT-N16 quite often and I'm usually just setting up a "Guest" interface that user's connect to. Definitely get why you want to have a VAP for each user but I wonder if that's "by design" to limit the number of VAPs
If the only goal were to have different passwords/keys for each user, you could use WPA2 Enterprise with FreeRADIUS or any other RADIUS implementation. No need for different VAPs then. Every user could have his own username/password and/or certificate and change that on the RADIUS server if needed.
As VLANs are not very intuitive to configure via GUI or console (at least for me), I have given up on them. And there's also a VID limitation on some(most?) routers. You can only use ID 1-15, not the whole range.