TodNeykos wrote

Can i have authentication on the wifi with a simple password and automatically limit the bandwidth of each client for example to 2mbps/0,5Mbps using the rate by ssid?

Simple password authentication can be enabled in the portal. If you rather mean encryption, you can set a WPA2 pre-shared key (this is not authentication, it's encryption).

Rate-limiting a client does neither depend on authentication schemes nor on encryption methods. You can rate-limit clients as soon as they have associated with the WLAN the first time.

Or if i set such a rate on that ssid i set the total bandwidth to that ssid (so that if 10 smartphones are connected, they globally share the 2/0,5 mbps?).

No. Rate limits assigned to a SSID define the default limits for each client which will associate with this SSID. Think as of default rate limits for every user. Thus, you would set default rate limits as the SSID rate limits assigned to every client using this SSID. If you want to further limit a specific client, you would set additional rate limits for this specific client. Note that you can only reduce rate limits on a per-user base if default (SSID) limits are in place, but you cannot increase those default limits on a per-user base. The controller will use the minimum rate limits of SSID and client limits if both are given.

 Second question: in that scenario (wifi with simple password) does the OC200 logs all the connected mac addresses with associated local ip and for how much time? (in case i need to give it to the police)

Omada controller saves a summary of all clients with their MAC address, but not with their IP. You can define how long to keep client statistics. Possible values are 7 days, 30 days, 60 days, 90 days, 180 days or 365 days.

Regarding the IP: why should an IP be given to the police? What could the police do with a private IP which is shared between many users over the time? Law enforcement can't investigate anyone because of a private IP, since those IPs do not appear anywhere outside the local network. Similar with the MAC. If they don't know the MAC from someone's device beforehand, they also can't investigate anyone because of the MAC. The MAC does also not appear anywhere outside the local network.

It's the MAC of your router resp. cable modem which appears in your ISP's network and an ISP can therefore investigate you using this MAC in the ISP's network. Similar with the IP: it's your router's IP which appears in the ISP's network and which is translated to a public IP appearing in the Internet. The ISP can investigate you using a public IP at a given time. All clients in your WLAN will use your public IP from the ISP's point of view.

Just out of curiosity: which country is it where law enforcement demands to hand out private IPs from devices inside a local network?

TodNeykos wrote

If i enforce the Facebook portal, people using smartphones can authenticate through the facebook app or do they need to enter user/password in a browser page?

According to the Omada Controller User's Guide they will be redirected to the Facebook page configured in the portal. Thus, no change for FB to sniff phone number or IMEI through their app. But they have the username of your clients and almost certainly the client's phone number in their database.

Is data miner FB still popular in Italy? In our country people left FB when papà e mamma send them friend requests ... 

TodNeykos wrote

if the customer uses a smartphone, can the checkin on the facebook page be done "by the yet authenticated facebook app"

I don't know, I never used Facebook nor FB authentication.