I have a Linksys WRT54GL v1.1 router. I want to configure it to have a secondary guest WLAN. Since WEP is near "No security" I wanted a WPA security on it. Also I wanted to have one LAN port moved in the guest LAN. First I installed latest distributions of ToastMan and TeaMan - they did a great job implementing VLANs and multiSSID. Here what I found: Moving any port from VLAN0 wasn't just a walk in the park on my WRT54GL: http://www.linksysinfo.org/index.php?threads/can-you-really-modify-vlan0ports-in-nvram.35724/ After that first success, based on TeaMan tutorial http://code.google.com/p/tomato-sdhc-vlan/wiki/ExperimentalMultiSSID I was able to set a secondary bridge with dedicated DHCP server and link the guest WLAN and LAN4 (moved on a new VLAN) port to it. After I created the wl0.1, it showed in STATUS window and in VLAN-advanced (here you can move it from VLAN0 to another VLAN) just like in http://code.google.com/p/tomato-sdhc-vlan/wiki/VLANMultiSSID. Testing the client WLAN was successful for unsecured and then WEP. When I tried to get WPA running I found something interesting: even if I have NO SECURITY or WEP on my main WLAN, my WPA guest WLAN did not show on my laptop until I added Code: nvram set nas_alternate='1' Finally it appeared, but my joy was short: I wasn't able to connect to the guest WLAN. The good part was that main WLAN was still working fine (in every security setting). Obvious the VLAN part is working properly. Right now my target is to have 2 working WLANs linked to the same VLAN. So I make a step back and I tried a DD-WRT tutorial: http://www.pennock.nl/dd-wrt/Multiple_BSSIDs.html After installing DD-WRT v.24-SP2 and following the provided steps I was able to obtain to operational WLANs. The downside was that I was able to connect to the router. At least I found that the following code configure the WLANs security settings Code: # Properly setup NAS killall nas # Main: nas -P /tmp/nas.wl0lan.pid -H 34954 -l br0 \ -i "`nvram get wl0_ifname`" -A -m 4 -k "`nvram get wl0_wpa_psk`" \ -s "`nvram get wl0_ssid`" -w 2 \ -g "`nvram get wl0_wpa_gtk_rekey`" # Virtual interface #1: nas -P /tmp/nas.wl0.1lan.pid -H 34954 -l br1 \ -i wl0.1 -A -m 4 -k "`nvram get wl0.1_wpa_psk`" \ -s "`nvram get wl0.1_ssid`" -w 2 \ -g "`nvram get wl0.1_wpa_gtk_rekey`" I reload the factory defaults and I create from interface the guest WLAN: both WLANs are fully functional. The ps command showed me this: nas -P /tmp/nas.wl0lan.pid -H 34954 -l br0 -i eth1 -A -m 132 -k passwordmain -s SSIDguest -w 6 -g 3600 nas -P /tmp/nas.wl0.1lan.pid -H 34954 -l br0 -i wl0.1 -A -m 132 -k passwordguest -s SSIDguest -w 6 -g 3600 The commands for NAS are http://wiki.openwrt.org/oldwiki/wireless.nas. Now I reflashed my router with tomato, set my WLANs security on WPA and I rebooted. The ps command showed me also 2 running nas processes. And the command lines are also like those from DD-WRT. Here starts the funny part: if I try killall nas the second nas (for wl0.1) didn't want to die! Only with killall -KILL nas I was able to terminate it! I tested several times and the result is the same: the wl0.1 nas instance is not working. So my BIG question is: Did anyone was able to run 2 WPA2-AES WLANs simultaneously on a WRT54GL?