I have created ax CAPsMAN configuration example for those who use vlan filtering on bridge and have set trunk and access ports whit secure frame types (Like these examples from doc pages - https://help.mikrotik.com/docs/display/ ... +switching). Existing example in Mikrotik documentation is for different kind of approach and will not work for this type of configuration. This is my lab devices config dump - hex s is used as server, hap ax lite as AP. These files are for config inspection, not step-by-step tutorial. 7.10 folder contains config for current stable version and 7.11 for latest beta and on wards. Difference is one important improvement from Mikrotik side:
"wifiwave2 - automatically add WiFi interfaces to appropriate bridge VLAN when wireless clients with new VLAN IDs connect;".
It means you no longer need to create separate datapaths per vlan on AP side, it is done automatically (finally).
https://cloud.harijs.id.lv/index.php/s/sYAwSFbaCyJiGFx
Created new examples for mixed environments, read included readme file:
https://cloud.harijs.id.lv/index.php/s/WE2iEPGdNYapgAm
ac/ax CAPsMAN v2 configuration example
Last edited by maigonis on Mon Mar 25, 2024 8:53 pm, edited 5 times in total.
-
-
gigabyte091
Forum Guru
- Posts: 1205
- Joined:
- Location: Croatia
Re: ax CAPsMAN configuration example
This is great news, I will test it to on my test setup also. Thank you for sharing.
Did you try to untag some of the eth ports on AP, i had problem with that also... It won't work, everything messes up...
Did you try to untag some of the eth ports on AP, i had problem with that also... It won't work, everything messes up...
Re: ax CAPsMAN configuration example
Looks like you don't use out-of-the-box CAPS mode on the CAPS. Is this because you are using a trunk port in between the CAPsMAN and the CAPS?
Re: ax CAPsMAN configuration example
@gigabyte091 At home I have ax3 and cap ax, on both I have set rest of ports untagged. Look up example in documentation, its quite easy to do whit this configuration base.
@erlinden I don't use default config in general on any of Mikrotik devices I have and manage. But also this config requires big changes anyway.
@erlinden I don't use default config in general on any of Mikrotik devices I have and manage. But also this config requires big changes anyway.
-
-
gigabyte091
Forum Guru
- Posts: 1205
- Joined:
- Location: Croatia
Re: ax CAPsMAN configuration example
At my config, and I use default CAP config ports are untagged for mgmt network but if i try to untag them for some other VLAN i get that VLAN on port but wifi is broken then. I will try with your setup
Re: ax CAPsMAN configuration example
This configuration example is only for those, who have setup full vlan network whit trunk and access ports, all traffic tagged. You should use Mikrotik documentation example and try to use latest beta.At my config, and I use default CAP config ports are untagged for mgmt network but if i try to untag them for some other VLAN i get that VLAN on port but wifi is broken then. I will try with your setup
-
-
gigabyte091
Forum Guru
- Posts: 1205
- Joined:
- Location: Croatia
Re: ax CAPsMAN configuration example
Good to know, will test with your example on my test setup, before i used capsman i had setup with trunk to the APs. No hybrid ports like i have now.
Re: ax CAPsMAN configuration example
Test and see, but I suggest learning and doing full vlan setups.Good to know, will test with your example on my test setup, before i used capsman i had setup with trunk to the APs. No hybrid ports like i have now.
-
-
gigabyte091
Forum Guru
- Posts: 1205
- Joined:
- Location: Croatia
Re: ax CAPsMAN configuration example
Don't really know what do you mean, right now I have 5 VLAN's and I'm not using default VLAN for anything. Two switches, trunk to the router, previous AP had all vlans tagged, no hybrid ports, but now im using capsman in original form
Re: ax CAPsMAN configuration example
It means config like these examples: https://help.mikrotik.com/docs/display/ ... +switchingDon't really know what do you mean, right now I have 5 VLAN's and I'm not using default VLAN for anything. Two switches, trunk to the router, previous AP had all vlans tagged, no hybrid ports, but now im using capsman in original form
Re: ax CAPsMAN configuration example
I also see a lot of people struggling whit local WiFi interface provision to capsman configuration (for example if you have ax3 and cap ax, and you want to use one of APs as server). You don't have to setup local wifi interface to use capsman server, but need to provision from "Radios" tab manually. As you provision that local interface it will be managed by provision configuration same way as remote WiFi interfaces. Also kvr is working, interfaces show up in the same neighbor group (at least on 7.12beta1).
https://cloud.harijs.id.lv/index.php/s/wyYyjqZPJ37ZfGE
PS: Config examples are plain concept test on my home lab (hap ax lite + hap ax lite lte6), no vlans used here, but adoption should be easy to my previously posted config.
https://cloud.harijs.id.lv/index.php/s/wyYyjqZPJ37ZfGE
PS: Config examples are plain concept test on my home lab (hap ax lite + hap ax lite lte6), no vlans used here, but adoption should be easy to my previously posted config.
You do not have the required permissions to view the files attached to this post.
Re: ax CAPsMAN configuration example
@maigonis Thank you for sharing the config !
On your hAP ax lite, I see on only-vlan tagged frame will be accepted on the bridge.
My question is : since hAP ax lite have more than 1 ports, what if you want to have, let's say desktop on ether 3 with vlan10, your printer on ether4 with vlan20 ? Have you got a working config ?
On your hAP ax lite, I see on only-vlan tagged frame will be accepted on the bridge.
My question is : since hAP ax lite have more than 1 ports, what if you want to have, let's say desktop on ether 3 with vlan10, your printer on ether4 with vlan20 ? Have you got a working config ?
Re: ax CAPsMAN configuration example
Have a look here: https://help.mikrotik.com/docs/display/ ... +switching . When learning vlans most important part is to follow tag - it can be added, removed, or modified (also stacked, aka q-in-q) in frames header when flowing thru network interfaces.@maigonis Thank you for sharing the config !
On your hAP ax lite, I see on only-vlan tagged frame will be accepted on the bridge.
My question is : since hAP ax lite have more than 1 ports, what if you want to have, let's say desktop on ether 3 with vlan10, your printer on ether4 with vlan20 ? Have you got a working config ?
Re: ax CAPsMAN configuration example
@maigonis, thank you for the reply !When learning vlans most important part is to follow tag
The link above is mainly for switch and routers. Maybe it was not clear in my last post. My question is on CAP (hAP ax lite):
Your config on CAP has a bridge, and only eth1 is on this bridge(as a trunk port).
Code: Select all
/interface bridge
add frame-types=admit-only-vlan-tagged name=bridge1 vlan-filtering=yes
/interface bridge port
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether1Is there a solution on this use case ?
Last edited by tangent on Thu Aug 24, 2023 3:38 am, edited 1 time in total.
Reason: Fixed quote tag; trimmed quote
Reason: Fixed quote tag; trimmed quote
Re: ax CAPsMAN configuration example
False. The quoted config is about bridge - "the router-facing port of switch". You may want to read about multiple bridge personalities in this nice article: viewtopic.php?t=173692 ... the term I used in previous sentence is taken from this article.In this case, you have to config eth2-eth4 as an access port and it can only take in untagged traffic, as your bridge1 only take vlan-tagged traffic,Code: Select all/interface bridge add frame-types=admit-only-vlan-tagged name=bridge1 vlan-filtering=yes
Meaning that with setting above it is perfectly possible to have some bridged ports configured as access ports or hybrid ports.
Re: ax CAPsMAN configuration example
[/quote]
Meaning that with setting above it is perfectly possible to have some bridged ports configured as access ports or hybrid ports.
[/quote]
@mkx, thank you !
I tried a lot but all in vain. Do you have the idea on , let's say, with above settings unchanged, I want to add another port (from CAP) eth2 to the bridge1, and want to assign pvid 20 to eth2, how to config ?
CAP is hAP ax2 with wifiwave2 CAPsMAN on Router CCR. both on v7.10.2
Edit: FYI, I just got reply from the support and it seems for now, it is not possible.
quote
Plug and play bridging is not possible, with WifiWave2 device, as currently bridge-modes are not available, rendering wireless vlan configuration to be tricky.
unquote
Meaning that with setting above it is perfectly possible to have some bridged ports configured as access ports or hybrid ports.
[/quote]
@mkx, thank you !
I tried a lot but all in vain. Do you have the idea on , let's say, with above settings unchanged, I want to add another port (from CAP) eth2 to the bridge1, and want to assign pvid 20 to eth2, how to config ?
CAP is hAP ax2 with wifiwave2 CAPsMAN on Router CCR. both on v7.10.2
Edit: FYI, I just got reply from the support and it seems for now, it is not possible.
quote
Plug and play bridging is not possible, with WifiWave2 device, as currently bridge-modes are not available, rendering wireless vlan configuration to be tricky.
unquote
Re: ac/ax CAPsMAN configuration example
Updated configs to ac/ax mixed env.
Who is online
Users browsing this forum: No registered users and 8 guests