filmov
tv
One WiFi, Multiple Networks! Segment your WiFi Network with Private Pre-Shared-Keys
Показать описание
Do you love segmenting your network into as many subnets and VLANs as possible? Do you have too many Wifi networks for all of your special flower IoT devices that can barely speak IP, let alone fend for themselves on the wild internet? You could use WPA EAP Enterprise Authentication, but good luck getting your smart toaster to log in. The solution I'm playing with is called Private Pre-Shared Keys, where each client can potentially have their own passphrase and VLAN assignment for the same SSID, and the client just has to support normal passphrase authentication.
Using this method, along with a RADIUS server to manage clients, we can individually assign settings per-client such as their own PSK, VLAN ID, and more!
For this video, I'm using a Mikrotik wAP AC with RouterOS 7.8. I'd like to try OpenWRT in the future, but as of the making of this video it's not quite ready.
Copies of my FreeRADIUS and RouterOS configurations can be found on my blog:
Feel free to chat with me more on my Discord server:
Timestamps:
00:00 - Introduction
01:19 - RouterOS WiFi Setup
04:15 - FreeRADIUS and RouterOS
08:28 - RADIUS Acceptance
12:02 - Per Client Settings
15:24 - Match by MAC OUI
17:12 - Privacy MAC Addresses
19:26 - AP Filtering
21:35 - Guest Wifi Client Isolation
22:50 - OpenWRT?
#wifi #security #networking
Using this method, along with a RADIUS server to manage clients, we can individually assign settings per-client such as their own PSK, VLAN ID, and more!
For this video, I'm using a Mikrotik wAP AC with RouterOS 7.8. I'd like to try OpenWRT in the future, but as of the making of this video it's not quite ready.
Copies of my FreeRADIUS and RouterOS configurations can be found on my blog:
Feel free to chat with me more on my Discord server:
Timestamps:
00:00 - Introduction
01:19 - RouterOS WiFi Setup
04:15 - FreeRADIUS and RouterOS
08:28 - RADIUS Acceptance
12:02 - Per Client Settings
15:24 - Match by MAC OUI
17:12 - Privacy MAC Addresses
19:26 - AP Filtering
21:35 - Guest Wifi Client Isolation
22:50 - OpenWRT?
#wifi #security #networking
Комментарии