Hello,
Is it at all possible to have a single SSID but have more then one password associated with it?
I ask because the idea came about of have a way for guest to access our wifi so they can get internet, but not be able to access our network.
I mean that if it’s possible that the password is the one who dicide wich VLAN client can get.
use multiple ssids + vlans. the rest will just make your life harder, when stuff doesn’t work on user side.
Please read this thread:
http://forum.mikrotik.com/t/dpsk-dynamic-wpa2-psk-support/125511/1
I understand what you are trying to achieve but have to ask, Why?
Just spin a second WLAN up and let them have a “-Guest” of your main SSID.
I understand that I will need a guest VLAN, but how can I have two passwords for the same SSID, where each password determines which VLAN the client connects to?
//Nizar
You can only achieve that by setting password and vlan id per client MAC address. As you probably won’t know all your guest’s devices, you would have to set up an access rule for each of your private devices. I wouldn’t recommend it, a second SSID is most likely the better solution.
In short you can’t have the same SSID with 2 different passwords on the same wireless chip. On the interface you set the security profile.
A dual band router you can set the same SSID with different security profiles BUT if a device strays from one band to the other then it will get an error and drop out.
I think this can be achieved with RADIUS authentication.
https://wiki.mikrotik.com/wiki/Manual:RADIUS_Client
just follow the link in #3. I use it in the same way for my untrusted iot devices. It is not a solution for a guest network imo.