Possible for one Wi-Fi SSID to have multiple subnets?

Can OpenWRT place devices connected to the same Wi-Fi SSID into different subnets? Let's use two smartphones as example devices. Phone A and phone B connect to the same Wi-Fi SSID. Can OpenWRT, based on phone A and phone B's MAC address, place phone A in subnet 192.168.1.0/24 while placing phone B in subnet 10.0.0.0/24? Is this possible with a single SSID?

https://openwrt.org/docs/guide-user/base-system/dhcp_configuration#client_classifying_and_individual_options perhaps ?

1 Like

There is a relatively new way of having a single SSID with multiple passwords. This allows mapping of each password to a specific subnet/VLAN.... so in this case, Phone A would have a different password than Phone B.

2 Likes

No, you cannot use a single ESSID to bridge different wireless devices into different subnets.

Device specific DHCP options can change things like DNS/ NTP server (and yes, technically also the gateway), for individual devices, but that won't really help for the question at hand (for this to 'work', the wireless network would have to be on a dedicated subnet and route to the wired ones - or you do something really screwed up and horrible and run different networks on the (bridged) interface, don't go there, really, stop, don't).

A single SSID with multiple passwords is more of a poor man's IEEE 802.1x/ RADIUS workaround, while it can give you unique access credentials for each WLAN client, it still all bridges you to the same lan network.

Does this mean that it won't be possible to isolate Phone A and Phone B from each other if I implement a single SSID with multiple passwords as suggested @psherman?

Not necessarily. Aside from unique credentials for each station you can choose to put them into separate "VLANs" (actually bridges, preexisting or created with a VLAN-tagged interface on-the-fly) using the "vlan=..." parameter or a "wifi-vlan" UCI section.

1 Like