Fantastic thread overall. I've read the whole thing from start to finish and am a little unclear on a few questions:
Is there a full How-to document for this functionality posted somewhere on the Wiki yet?
Is it still necessary to replace
wpad-basic-wolfsslwith the full
wpad-wolfssl, or has this been rendered unecessary by later OpenWRT versions?
Is it true/correct that basically this feature won't work with WPA3 / SAE, and that there's not likely to be a fix for that due to the way SAE itself works?
(Fwiw: my setup is a single Unifi UAP-AC-LITE running OpenWRT 23.05.2, configured as a pure WAP AP with 3 VLANs, routing handled upstream by a separate Opnsense router/firewall/gateway.)
(ath79/generic, kernel 5.15.137)