I have one WLAN running an AP and a VAP - one as a hotspot and one for permanent connections.

Clearly I can't have encryption on the Hotspot but want encryption for the permanent customers to prevent their being snooped.

However it seems that I can't have both - any attempt to connect to the permanent customer's VAP with encryption running fails. If I switch the encryption setting in the wireless interface to 'default' I can connect with the station also set to 'default', but with both VAP and station set to the encryption profile the station connects and is almost instantly booted off again. Yes, the security profile is identical.

Should I create two VAPs on the same WLAN, - one with a default security setting and the other the permanent's encryption, or can't two security profiles be run on one WLAN at all?

Thanks

I have one WLAN running an AP and a VAP - one as a hotspot and one for permanent connections.

Clearly I can't have encryption on the Hotspot but want encryption for the permanent customers to prevent their being snooped.

However it seems that I can't have both - any attempt to connect to the permanent customer's VAP with encryption running fails. If I switch the encryption setting in the wireless interface to 'default' I can connect with the station also set to 'default', but with both VAP and station set to the encryption profile the station connects and is almost instantly booted off again. Yes, the security profile is identical.

Should I create two VAPs on the same WLAN, - one with a default security setting and the other the permanent's encryption, or can't two security profiles be run on one WLAN at all?

Thanks

Hi ;
Did you create a new security profile ? , try to create a new security profile and use it with the VAP .
also you could make the security key per user , in other word you could put a key for each user you want and not a single key to all users .
with best regards .

Thank you Ahmed.

No, it's a standardised security profile across the network. It works on every other link. The only difference in this case is the dual AP - one encrypted and one not. So it would seem that you can't have one VAP running encryption and one not, or presumably you can't have two different security profiles on VAPs, although the OS appears to provide for it.

I don't really want to start using individual keys - sounds like a recipe for mayhem.

You can easily do it by creating two VAP on for hotspot and on for standard users, create two new security profiles (one with WEP and other without) then assign those security profiles to proper VAPs, and leave the defualt profile alone

cheers
Michal

Thanks Michal. That works.

Hi ;
I think i told you to create more than security profile to use them with VAP .
with best regards.

Hi ;
I think i told you to create more than security profile to use them with VAP .
with best regards.

Thank you Ahmed, you did.

Hi Again ;
you are welcomed .
i am here in this forum to gain help from members and to provide help to all with what i know for MT .
if you see that this article gave you what you are looking for and that no need for more replies please write to forum to lock this article .
with best regards .

Hi Again ;

if you see that this article gave you what you are looking for and that no need for more replies please write to forum to lock this article .
with best regards .

I would like confirmation of what it seems I've learned from this thread, which is -

1) if you put a security profile on a WLAN interface that profile is also imposed on every VLAN or VAP, PPP, VPN or whatever else that runs on that interface regardless of the security profile selected in the VLAN etc. configuration, which means that

2) if you want or need to run two or more different security profiles on the same WLAN you must leave the WLAN itself unencrypted - so be careful what else you do with it.

Yes?