On Wed, May 15, 2019 at 01:08:03PM -0700, Craig Pratt wrote: > I've been working on a project onboarding devices using hostapd's DPP > support. > > And while I'm able to easily associate a station with a VLAN using the > wpa_psk_file when onboarding using sta-psk (passing "conf=sta-psk" to " > dpp_auth_init"), it's not clear how one would associate a vlan with a sta > when onboarding using "conf=sta-dpp". > > Perhaps I need to look at the source, but does the wpa_psk_file allow for > non-PSK entries (e.g. DPP connector/net access key)? Or is there another > mechanism that I'm not aware of? (in the works perhaps?) In case of DPP AKM (conf=sta-dpp) and use of the DPP Connector, the best way of assigning stations to VLANs would be based on the groupId value in the Connector from the station, i.e., by having the Configurator determine which group the station should be in and having the AP(s) map the stations based on the groupId value to the appropriate VLAN. This is not supported in the current implementation, though. netAccessKey would be a unique identifier for the station as well, so if groupId cannot be used for this, mapping could be done based on the public netAccessKey. There is no support for that either currently. Anyway, I'd prefer the groupId-based mechanism to be implemented first. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
