OpenWISP sample architectures

Typical OpenWISP installation: behind a firewall with NAT
The OpenWISP Firmware works even behind a firewall, even if NAT is used:
1. At boot time, every OWF access point creates a setup VPN (OpenVPN) with the OWM server.
2. The OWF access point requests and downloads its configuration inside this setup VPN.
3. The new configuration is deployed. For instance, another VPN is created to encapsulate WiFi user traffic. The setup VPN remains up, so the access point can still be monitored and administered (even if it is behind a firewall/NAT).
4. Periodically the access point asks the OWM server whether its configuration has changed and, if so, restarts from step 2.
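
The poll cycle in steps 2 to 4, as an added example that is not OpenWISP Firmware code. It assumes the server announces a SHA-256 digest of the current configuration (the page does not say how a change is detected); `fetch`, the file names and the two directories are hypothetical stand-ins so the script runs offline.

```shell
#!/bin/sh
# Added example: steps 2-4 above as one poll cycle. Not OpenWISP Firmware code.
# Assumption: the server publishes a SHA-256 digest next to the configuration.

SERVER_DIR=${SERVER_DIR:-/tmp/owm-sample}  # constructed stand-in for the OWM server
STATE_DIR=${STATE_DIR:-/tmp/owf-sample}    # constructed stand-in for AP storage

digest() { sha256sum "$1" | cut -d' ' -f1; }

# Hypothetical transport standing in for "download inside the setup VPN".
# $1 = remote name, $2 = destination file. Here it copies a local file.
fetch() { cp "$SERVER_DIR/$1" "$2" 2>/dev/null; }

# One poll cycle. Prints: unchanged | deployed | fetch-failed | digest-mismatch
poll_once() {
    mkdir -p "$STATE_DIR"
    current="$STATE_DIR/config.active"
    staged="$STATE_DIR/config.staged"
    announced="$STATE_DIR/digest.announced"

    # Step 4: ask the server whether the configuration has changed.
    # A failed or empty answer leaves the running configuration alone.
    fetch config.sha256 "$announced" || { echo fetch-failed; return 0; }
    want=$(cut -d' ' -f1 "$announced")
    [ -n "$want" ] || { echo fetch-failed; return 0; }
    if [ -f "$current" ] && [ "$(digest "$current")" = "$want" ]; then
        echo unchanged; return 0
    fi

    # Step 2: download the new configuration into a staging file.
    fetch config.tar "$staged" || { echo fetch-failed; return 0; }
    # Refuse a truncated or substituted download; the active config stays.
    if [ "$(digest "$staged")" != "$want" ]; then
        rm -f "$staged"; echo digest-mismatch; return 0
    fi

    # Step 3: deploy. A rename within one filesystem is atomic, so the
    # access point never sees a half-written configuration.
    mv "$staged" "$current"
    echo deployed
}
```

Staging the download and checking it before the rename means a dropped tunnel or a bad transfer cannot replace a working configuration.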

WPA/WPA2 Enterprise (802.1x)
Here we use two 802.1Q VLANs encapsulated in a single (layer 2) OpenVPN tunnel. One of these VLANs carries authenticated user traffic; the other carries RADIUS traffic between the authenticator and the authentication server.
Multiple networks with different policies can be encapsulated in the same VPN connection. For instance, it's possible to configure OpenWISP Manager to instruct the OpenWISP Firmware to broadcast an 802.1x network and an open Wi-Fi network at the same time.

