I'm Testing Capsman (v1) on ROS6.23.
On the main Router Manager is configured and a RB951g is the AP.
All Client should use aVLan depending on their MAC Adress.
When a Client tries to connect I see the message "dhcp1 offering lease ....... without success"
Here are the important parts of the configuration. Any ideas?
Main Router
Code: Select all
/caps-man channel
add band=2ghz-b/g/n extension-channel=Ce frequency=2412 name=ch1-2ghz-20Ce \
width=20
/caps-man datapath
add client-to-client-forwarding=yes local-forwarding=no name=datapath1
/interface bridge
add name=br-v201
add name=br-v221
add name=br-v241
add name=br-v301
add name=br-vlan
/interface ethernet
set [ find default-name=ether4 ] l2mtu=1590 name=eth4-M-RB951
/interface vlan
add interface=br-vlan l2mtu=1586 name=v201-S vlan-id=201
add interface=br-vlan l2mtu=1586 name=v221-D vlan-id=221
add interface=br-vlan l2mtu=1586 name=v241-H vlan-id=241
add interface=br-vlan l2mtu=1586 name=v301-R vlan-id=301
/caps-man security
add authentication-types=wpa-psk,wpa2-psk encryption=aes-ccm,tkip name=WPA \
passphrase=12345678
/caps-man configuration
add channel=ch1-2ghz-20Ce datapath=datapath1 mode=ap name=Privat rx-chains=\
0,1 security=WPA ssid=Privat tx-chains=0,1
/caps-man interface
#
add arp=enabled channel=ch1-2ghz-20Ce configuration=Privat datapath=datapath1 \
datapath.bridge=br-vlan disabled=no l2mtu=1600 mac-address=\
4C:5E:0C:58:CE:01 master-interface=none mtu=1500 name=cap-Martin \
radio-mac=4C:5E:0C:58:CE:01 security=WPA
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool1 ranges=10.35.34.101-10.35.34.199
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=br-v301 lease-time=3d name=\
dhcp1
/caps-man access-list
add action=accept comment=Ro-Laptop-WLan interface=all mac-address=\
4C:EB:42:98:82:E4 mac-address-mask=FF:FF:FF:FF:FF:FF private-passphrase=\
12345678 time=\
0s-1d,sun,mon,tue,wed,thu,fri,sat vlan-id=301 vlan-mode=use-tag
add action=accept comment=Roland-iPad3-WLan interface=all mac-address=\
14:10:9F:9A:23:D7 mac-address-mask=FF:FF:FF:FF:FF:FF private-passphrase=\
987654321 time=\
0s-1d,sun,mon,tue,wed,thu,fri,sat vlan-id=301 vlan-mode=use-tag
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes
/interface bridge port
add bridge=br-v201 interface=v201-S
add bridge=br-v221 interface=v221-D
add bridge=br-v241 interface=v241-H
add bridge=br-v301 interface=v301-R
add bridge=br-vlan interface=eth4-M-RB951
/ip accounting
set enabled=yes
/ip address
add address=10.35.34.254/24 interface=br-v301 network=10.35.34.0
/ip dhcp-server network
add address=10.35.34.0/24 dns-server=10.35.34.254 gateway=10.35.34.254 \
ntp-server=10.35.34.254
/ip dns
set allow-remote-requests=yes
/system identity
set name=CCR1036-254
Code: Select all
/interface bridge
add name=br-v201
add name=br-v221
add name=br-v241
add name=br-v301
add name=br-vlan_all
/interface wireless
# managed by CAPsMAN
# channel: 2412/20-Ce/gn(30dBm), SSID: Privat, CAPsMAN forwarding
set [ find default-name=wlan1 ] band=2ghz-b/g/n l2mtu=1600 mode=\
station-pseudobridge ssid=MikroTik wireless-protocol=nv2-nstreme-802.11
/interface ethernet
set [ find default-name=ether1 ] name=eth1-uplink
/interface vlan
add interface=eth1-uplink l2mtu=1594 name=v201-S vlan-id=201
add interface=eth1-uplink l2mtu=1594 name=v221-D vlan-id=221
add interface=eth1-uplink l2mtu=1594 name=v241-H vlan-id=241
add interface=eth1-uplink l2mtu=1594 name=v301-R vlan-id=301
/interface wireless security-profiles
set [ find default=yes ] authentication-types=\
wpa-psk,wpa2-psk,wpa-eap,wpa2-eap mode=dynamic-keys supplicant-identity=\
MikroTik wpa-pre-shared-key=12345678 wpa2-pre-shared-key=12345678
/interface bridge port
add bridge=br-v201 interface=v201-S
add bridge=br-v221 interface=v221-D
add bridge=br-v241 interface=v241-H
add bridge=br-v301 interface=v301-R
add bridge=br-vlan_all interface=eth1-uplink
/interface wireless cap
set certificate=request discovery-interfaces=br-v201 enabled=yes interfaces=\
wlan1
/ip accounting
set enabled=yes
/ip address
add address=10.35.34.202/24 interface=br-v301 network=10.35.34.0
/ip dns
set allow-remote-requests=yes
set name=RB951G-202