I have been looking at the 2.9 manual, and I am not clear on whether you could setup a virtual AP, and then enable WPA only for the particular VAP.
Therefore, first time clients could connect with no encrytion and once validated they would be given the PSK to use for future connections using the WPA encrpyted AP.
I do not see anywhere that you could assign which adapter to apply the encryption on. Any ideas?