42 lines
1.7 KiB
ReStructuredText
42 lines
1.7 KiB
ReStructuredText
Private WLAN
|
|
============
|
|
|
|
It is possible to set up a private WLAN that bridges the WAN port and is separated from the mesh network.
|
|
Please note that you should not enable ``mesh_on_wan`` simultaneously.
|
|
|
|
The private WLAN is encrypted using WPA2 by default. On devices with enough flash and a supported radio,
|
|
WPA3 or WPA2/WPA3 mixed-mode can be used instead of WPA2. For this to work, the ``wireless-encryption-wpa3``
|
|
feature has to be added to ``GLUON_FEATURES``.
|
|
|
|
It is recommended to enable IEEE 802.11w management frame protection for WPA2/WPA3 networks, however this
|
|
can lead to connectivity problems for older clients. In this case, management frame protection can be
|
|
made optional or completely disabled in the advanced settings tab.
|
|
|
|
The private WLAN can be enabled through the config mode if the package ``gluon-web-private-wifi`` is installed.
|
|
You may also enable a private WLAN using the command line::
|
|
|
|
RID=0
|
|
SSID="privateWLANname"
|
|
KEY="yoursecret1337password"
|
|
|
|
uci set wireless.wan_radio$RID=wifi-iface
|
|
uci set wireless.wan_radio$RID.device=radio$RID
|
|
uci set wireless.wan_radio$RID.network=wan
|
|
uci set wireless.wan_radio$RID.mode=ap
|
|
uci set wireless.wan_radio$RID.encryption=psk2
|
|
uci set wireless.wan_radio$RID.ssid="$SSID"
|
|
uci set wireless.wan_radio$RID.key="$KEY"
|
|
uci set wireless.wan_radio$RID.disabled=0
|
|
uci set wireless.wan_radio$RID.macaddr=$(lua -e "print(require('gluon.util').generate_mac(3+4*$RID))")
|
|
uci commit
|
|
wifi
|
|
|
|
Please replace ``$SSID`` by the name of the WLAN and ``$KEY`` by your passphrase (8-63 characters).
|
|
If you have two radios (e.g. 2.4 and 5 GHz) you need to do this for radio0 and radio1.
|
|
|
|
It may also be disabled by running::
|
|
|
|
uci set wireless.wan_radio0.disabled=1
|
|
uci commit
|
|
wifi
|