Enterprise Security, VLAN support, and multiple SSIDs

[ptaylor]

I just powered up my Almond+ and can't see how to enable Enterprise security or VLANs...  I found the OpenWRT interface, but it appears not everything is in place to support Enterprise authentication.  I think the "wpad" package is needed, at the least...  I did a write up about 2 1/2 years ago on my blog about how to set up a OpenWRT box to do Enterprise Auth, including the FreeRadius setup and all.  (http://jackofallit.wordpress.com/2012/02/15/turn-a-60-120-router-into-an-enterprise-class-wireless-router-with-openwrt/)  Currently, I have another machine as my Radius server (Synology NAS), so I don't even need to run FreeRadius on the Almond+. 

Also, I'd like to set up a secondary SSID using a PSK that is not bridged to my main network, but has Internet access.  The purpose of this would be for devices that don't support Enterprise auth (like Nintendo hardware, the Nest thermostat, etc), and configure the firewall to allow devices on that subnet to get out to the Internet, but not to communicate to my main LAN network (where Enterprise auth is needed). 

Finally, I currently have another subnet (VLAN) which I'd like to have my VoIP devices connected to, so I can ensure they get priority...  (Though this may be possible in the Almond+ without a different VLAN.  If so, I'm all for it.)

Thanks,
Paul

[LGNilsson]

I'm afraid I can only help you with the middle question, go to Wireless Settings in the LCD, Guest Network and enable one or both. That'll achieve what you're trying to do.

We'll be releasing the OpenWRT source code at some point soon-ish and maybe you can use that to figure out the other stuff.

[edljedi]

What you are trying to do is pretty much exactly what I want to do with the addition of one thing. I'm wanting to set up a pair of WPA Enterprise (2.4 & 5) SSIDs, a pair of WPA2 PSK (2.4 & 5) SSIDs for guests that would be on a different vlan that would only go to the internet, and a WPA PSK (2.4) SSID for my one lone HP printer which can't connect any other way but needs to communicate with the rest of the internal network but be restricted (MAC, port, visibility, etc). I have a fortinet hardware managing my network and an existing RADIUS server. My VoIP goes through the fortinet hardware so don't need the A+ to deal with that. The A+ is going to be in AP mode.

I just powered up my Almond+ and can't see how to enable Enterprise security or VLANs...  I found the OpenWRT interface, but it appears not everything is in place to support Enterprise authentication.  I think the "wpad" package is needed, at the least...  I did a write up about 2 1/2 years ago on my blog about how to set up a OpenWRT box to do Enterprise Auth, including the FreeRadius setup and all.  (http://jackofallit.wordpress.com/2012/02/15/turn-a-60-120-router-into-an-enterprise-class-wireless-router-with-openwrt/)  Currently, I have another machine as my Radius server (Synology NAS), so I don't even need to run FreeRadius on the Almond+. 

Also, I'd like to set up a secondary SSID using a PSK that is not bridged to my main network, but has Internet access.  The purpose of this would be for devices that don't support Enterprise auth (like Nintendo hardware, the Nest thermostat, etc), and configure the firewall to allow devices on that subnet to get out to the Internet, but not to communicate to my main LAN network (where Enterprise auth is needed). 

Finally, I currently have another subnet (VLAN) which I'd like to have my VoIP devices connected to, so I can ensure they get priority...  (Though this may be possible in the Almond+ without a different VLAN.  If so, I'm all for it.)

Thanks,
Paul