Comment by bburky

Is that the same feature as vlanid= in openwrt's wpa_psk_file? https://openwrt.org/docs/guide-user/network/wifi/basic#wpa_p...

I was leaning towards using this configuration for splitting devices into VLANs while using one SSID. Yeah, dynamic VLAN+per device PSK would be best, but I'm probably happy enough with a shared PSK per VLAN to isolate a guest or IoT network. Would this VLAN isolation have prevented this attack? At least to prevent an attacker from jumping between VLANs? (I assume shared PSK per VLAN might be vulnerable to attacking client isolation within the VLAN?)