Community discussions

MikroTik App
  4. RouterOS
  5. Wireless Networking

How to mesh with two Audience and RB5009?

Post Reply
 
synchro
just joined
Topic Author
Posts: 3
Joined: Wed Mar 27, 2024 2:32 am

How to mesh with two Audience and RB5009?

Wed Mar 27, 2024 2:59 am

Hi, I have a RB5009 and I bought 2 Audience APs.

What I would like to do is to have one Audience in the living room, directly connected to the RB5009, and another Audience in my bedroom, meshing with wireless backhaul.

In my router I have these packages:
Code: Select all
Columns: NAME, VERSION, BUILD-TIME, SIZE
# NAME      VERSION  BUILD-TIME           SIZE   
0 routeros  7.14.1   2024-03-08 12:50:23  11.6MiB
And these packages on my APs:
Code: Select all
Columns: NAME, VERSION, BUILD-TIME, SIZE
# NAME          VERSION  BUILD-TIME           SIZE     
0 wifi-qcom-ac  7.14.1   2024-03-08 12:50:23  2916.1KiB
1 routeros      7.14.1   2024-03-08 12:50:23  11.2MiB
I have CAPsMAN on RB5009 managing the two Audience and it works fine, but I can't find how to configure meshing.

Has anyone done something similar?

This is what I want to accomplish:
Captura de pantalla 2024-03-26 a las 23.26.14.png
I have a similar setup right now, but with Unifi APs, and I'm slowly ditching my Unifi devices.


Export from router:
Code: Select all
[admin@MikroTik] > /export 
# 2024-03-27 01:43:13 by RouterOS 7.14.1
# software id = GI7S-LL99
#
# model = RB5009UPr+S+
# serial number = HFF...
/interface bridge
add comment="LAN Local" ingress-filtering=no name=bridge_lan port-cost-mode=short vlan-filtering=yes
add comment="WLAN Bridge" name=wlan_bridge
/interface ethernet
set [ find default-name=ether1 ] poe-out=off
set [ find default-name=ether4 ] poe-out=off
set [ find default-name=ether7 ] disabled=yes poe-out=off
set [ find default-name=ether8 ] disabled=yes poe-out=off
set [ find default-name=sfp-sfpplus1 ] auto-negotiation=no name=sfp speed=2.5G-baseX
/interface vlan
add interface=sfp name=vlan6 vlan-id=6
add comment="IoT VLAN 10" interface=bridge_lan name=vlan10 vlan-id=10
/interface pppoe-client
add add-default-route=yes disabled=no interface=vlan6 name=pppoe-O2 user=pppoe_username
/interface list
add name=WAN
add name=LAN
/interface wifi security
add authentication-types=wpa3-psk disabled=no encryption=ccmp name="Default 2GHz"
add authentication-types=wpa3-psk disabled=no encryption=ccmp name="Default 5GHz"
/interface wifi configuration
add channel.band=5ghz-ac .width=20/40mhz country=Spain datapath.bridge=bridge_lan disabled=no mode=ap name="5 GHz+" security=\
    "Default 5GHz" security.ft=yes ssid="5+"
add channel.band=2ghz-n .width=20mhz country=Spain datapath.bridge=bridge_lan disabled=no mode=ap name="2.4 GHz" security=\
    "Default 2GHz" ssid="2.4"
add channel.band=2ghz-n .width=20mhz country=Spain datapath.bridge=bridge_lan disabled=no mode=ap name="2.4 GHz Copy" security=\
    "Default 2GHz" ssid="2.4 Uplink"
/interface wifi
add configuration="2.4 GHz" configuration.mode=ap .ssid="2.4" disabled=no name=WiFI_24_Bedroom radio-mac=<MAC_ADDRESS>:CC:66 \
    security="Default 2GHz"
add configuration="2.4 GHz" configuration.mode=ap disabled=no name=WiFI_24_Living_Room radio-mac=<MAC_ADDRESS>:C7:94 security=\
    "Default 2GHz" security.encryption=""
add configuration="5 GHz+" configuration.mode=ap disabled=no name=WiFi_5+_Bedroom radio-mac=<MAC_ADDRESS>:CC:68
add configuration="5 GHz+" configuration.mode=ap disabled=no name=WiFi_5+_Living_Room radio-mac=<MAC_ADDRESS>:C7:96
/interface wifi steering
add disabled=no name="Steering 5GHz" neighbor-group="dynamic-5-bc32efd1" rrm=yes wnm=yes
/interface wifi configuration
add channel.band=5ghz-ac .skip-dfs-channels=all .width=20/40mhz country=Spain datapath.bridge=bridge_lan disabled=no mode=ap name="5 GHz" \
    security="Default 5GHz" security.ft=yes ssid="5"
/interface wifi
add configuration="5 GHz" configuration.mode=ap disabled=no name=WiFi_5_Bedroom radio-mac=<MAC_ADDRESS>:CC:67
add configuration="5 GHz" configuration.mode=ap disabled=no name=WiFi_5_Living_Room radio-mac=<MAC_ADDRESS>:C7:95 \
    security.authentication-types="" .encryption=""
/ip pool
add comment="Local Services - 10.0.0.2 to 10.0.0.19" name="Local services" ranges=10.0.0.2-10.0.0.19
add comment="Local Devices - 10.0.0.20 to 10.0.10.254" name="Local devices" ranges=10.0.0.20-10.0.0.254
add comment="VLAN10 - [10.0.10.20 to 10.0.10.254]" name="VLAN10 Devices" ranges=10.0.10.20-10.0.10.254
/ip dhcp-server
add address-pool="Local devices" comment="LAN local" interface=bridge_lan lease-time=1d name=dhcp1
add address-pool="VLAN10 Devices" comment="IoT LAN" interface=vlan10 lease-time=1d name=dhcp2
/user group
add comment="mktxp prometheus export" name=mktxp policy=\
    read,api,!local,!telnet,!ssh,!ftp,!reboot,!write,!policy,!test,!winbox,!password,!web,!sniff,!sensitive,!romon,!rest-api
/interface bridge port
add bridge=bridge_lan interface=WiFI_24_Living_Room
add bridge=bridge_lan interface=WiFi_5_Living_Room
add bridge=bridge_lan interface=WiFi_5+_Living_Room
add bridge=bridge_lan interface=WiFI_24_Bedroom
add bridge=bridge_lan interface=WiFi_5+_Bedroom
add bridge=bridge_lan interface=WiFi_5_Bedroom
add bridge=bridge_lan interface=LAN
/ip firewall connection tracking
set udp-timeout=10s
/interface bridge vlan
add bridge=bridge_lan comment="IoT LAN" tagged=ether2,ether3,bridge_lan vlan-ids=10
/interface detect-internet
set detect-interface-list=all
/interface list member
add interface=pppoe-O2 list=WAN
add interface=ether1 list=LAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=ether6 list=LAN
add interface=ether7 list=LAN
add interface=ether8 list=LAN
/interface wifi cap
set certificate=none discovery-interfaces=bridge_lan
/interface wifi capsman
set ca-certificate=auto certificate=auto enabled=yes interfaces=bridge_lan package-path="" require-peer-certificate=no upgrade-policy=\
    require-same-version
/ip address
add address=10.0.0.1/24 comment="Private subnet" interface=bridge_lan network=10.0.0.0
add address=10.0.10.1/24 comment="IoT VLAN subnet" interface=vlan10 network=10.0.10.0
/ip cloud
set ddns-enabled=yes ddns-update-interval=10m
/ip dhcp-server network
add address=10.0.0.0/24 comment=LAN dns-server=10.0.0.1,10.0.0.3 gateway=10.0.0.1
add address=10.0.10.0/24 comment=VLAN dns-server=10.0.10.1 gateway=10.0.10.1
/ip firewall address-list
add address=10.0.0.2-10.0.0.254 list=allowed_to_router
/ip firewall filter
add action=accept chain=input comment="Allow VLAN 10 access to router DoH UDP" dst-port=53 in-interface=vlan10 protocol=udp
add action=drop chain=input comment="Drop all input traffic from VLAN 10" src-address=10.0.10.0/24
add action=drop chain=forward comment="Drop all traffic from VLAN 10 to LAN local" dst-address=10.0.0.0/24 src-address=10.0.10.0/24
add action=accept chain=input comment="default configuration" connection-state=established,related
add action=accept chain=input src-address-list=allowed_to_router
add action=accept chain=input protocol=icmp
add action=drop chain=input
/ip firewall nat
add action=redirect chain=dstnat dst-port=53 protocol=udp
add action=redirect chain=dstnat dst-port=53 protocol=tcp
add action=masquerade chain=srcnat out-interface=pppoe-O2
/ip service
set telnet disabled=yes
set ftp address=10.0.0.0/24
set www disabled=yes
set ssh address=192.168.1.0/24 disabled=yes
set www-ssl address=10.0.0.0/24,192.168.216.0/24 certificate=Webfig disabled=no
set api disabled=yes
set winbox address=10.0.0.0/24
set api-ssl address=10.0.0.0/24
/system clock
set time-zone-name=Europe/Madrid
/system note
set show-at-login=no

Export from APs:
Code: Select all
[admin@MikroTik] > /export
# 2024-03-27 01:55:24 by RouterOS 7.14.1
# software id = BVUP-2TEH
#
# model = RBD25G-5HPacQD2HPnD
# serial number = HCZ...
/interface bridge
add admin-mac=<MAC_ADDRESS>:C7:92 auto-mac=no comment=defconf name=wlan_bridge
/interface wifi datapath
add bridge=wlan_bridge comment=defconf disabled=no name=capdp
/interface wifi
# managed by CAPsMAN
# mode: AP, SSID: 2.4, channel: 2467/n
set [ find default-name=wifi1 ] configuration.manager=capsman datapath=capdp disabled=no
# managed by CAPsMAN
# mode: AP, SSID: 5, channel: 5180/ac/Ce
set [ find default-name=wifi2 ] configuration.manager=capsman datapath=capdp disabled=no
# managed by CAPsMAN
# mode: AP, SSID: 5+, channel: 5660/ac/Ce
set [ find default-name=wifi3 ] configuration.manager=capsman datapath=capdp disabled=no
/interface bridge port
add bridge=wlan_bridge comment=defconf interface=ether1
add bridge=wlan_bridge comment=defconf interface=ether2
/interface wifi cap
set discovery-interfaces=wlan_bridge enabled=yes slaves-datapath=capdp
/ip dhcp-client
add comment=defconf interface=wlan_bridge
#error exporting "/ip/ssh" (timeout)
/system clock
set time-zone-name=Europe/Madrid
/system note
set show-at-login=no
You do not have the required permissions to view the files attached to this post.
Top
Post Reply

Who is online

Users browsing this forum: No registered users and 7 guests
  4. RouterOS
  5. Wireless Networking