I used the info from this topic
[Individual per-passphrase Wifi VLANs using wpa_psk_file (no RADIUS required) ]
to allow vlan assignment by passphrase . It works great for 1 SSID . I have vlans 1 and 3 which get picked depending upon which passphrase I enter.
Does anyone have a similar setup that works ?
openwrt 23.05.0
This is sort of a double post but the original post shown above has grown quite lengthy . Sorry
I haven’t tried this technique yet, but one thought…
Are your networks all associated with a bridge device?
somehow the screenshot removed the config listing
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd79:b367:eccb::/48'
config device
option name 'br-lan'
option type 'bridge'
list ports 'eth1.1'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option gateway '10.10.10.1'
list dns '10.10.10.1'
list dns_search 'evinrude.net'
option ipaddr '10.10.10.7'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option vid '1'
option ports '0t 4 3 2 1 5t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '6t 5t'
option vid '3'
config interface 'lan3'
option proto 'none'
option device 'br-vlan3'
option type 'bridge'
config device
option type 'bridge'
option name 'br-vlan3'
list ports 'eth0.3'
config device
option type '8021q'
option ifname 'eth0'
option vid '3'
option name 'eth0.3'
and here is the wireless config
config wifi-device 'radio0'
option type 'mac80211'
option path 'platform/ahb/18100000.wmac'
option channel '1'
option band '2g'
option htmode 'HT20'
option cell_density '0'
config wifi-iface 'wifinet0'
option device 'radio0'
option mode 'ap'
option ssid 'tib1'
option encryption 'psk2'
option wpa_psk_file '/etc/hostapd.wpa_psk'
option vlan_file '/etc/hostapd.vlan'
option vlan_bridge 'dumy'
option dynamic_vlan '1'
config wifi-iface 'wifinet1'
option device 'radio0'
option mode 'ap'
option ssid 'tib2'
option encryption 'psk2'
option wpa_psk_file '/etc/hostapd.wpa_psk'
option vlan_file '/etc/hostapd.vlan'
option vlan_bridge 'dumy'
option dynamic_vlan '1'
the other 2 pieces
cat /etc/hostapd.wpa_psk
vlanid=1 00:00:00:00:00:00 phrase1
vlanid=3 00:00:00:00:00:00 phrase3
cat /etc/hostapd.vlan
3 wifivlan.3 br-vlan3
1 wifivlan.1 br-lan
all of that yields
brctl show
bridge name bridge id STP enabled interfaces
br-lan 7fff.a42bb0ad6a3c no wifivlan.1
eth1.1
br-vlan3 7fff.a42bb0ad6a3d no wifivlan.3
eth0.3
_bernd
November 19, 2023, 2:07pm
8
Afaik on devices with more then one CPU you have to tag all vlans on all CPUs.
Remove the option type 'bridge' line from below:
and delete this:
I don't know if that will fix the issue, but these changes are needed anyway.
Did that and you are correct , it didnt change the symptom . I think those 2 items were leftover from when I was struggling to get my vlans 1 and 3 setup
Glad it fixed at least one of the issues. And on that other thread -- maybe link back to this one so that if a future reader finds that thread, they will be able to see the details of the problematic configuration and subsequent solution for that issue.
By setting "auth_cache" to 0 or 1 for both ssids I can get authenticated on one or the ssids but never both
Never got any meaningful responses to this from someone who has it working .
