Code: Select all
/interface ethernet switch vlan
add independent-learning=yes ports=ether1,switch1-cpu switch=switch1 vlan-id=90
add independent-learning=yes ports=ether2,ether3,ether4,ether5,switch1-cpu switch=switch1 vlan-id=100
/interface ethernet switch vlan
add independent-learning=yes ports=ether1,switch1-cpu switch=switch1 vlan-id=90
add independent-learning=yes ports=ether2,ether3,ether4,ether5,switch1-cpu switch=switch1 vlan-id=100
Why not leave it open?security setting are WPA/WPA2/WPA3
Learning is...It's a real headache at times, isn't it?
/export file=anynameyoulike
/interface bridge port
add bridge=bridge1 interface=ether5 pvid=10
# optional
/interface bridge vlan
add bridge=BR1 tagged=bridge1 untagged=ether5 vlan-ids=10
Pretty sure you created an export, just in case this happens!? Especially after previous event...I really hope this doesn't mean I once again have to set up everything from scratch.
/export file=anynameyoulike
And after 19 years you decided to create an account just to post this message...sure.I have been playing with Mikrotik OS since 2005.
/export file=anynameyoulike
Do you have VLAN ID 1 configured?Can have someone any solution for this?
/export file=anynameyoulike
add action=accept chain=input comment="admin access" in-interface=Bridge-LAN \
src-address=192.168.0.0/24
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" disabled=yes \
dst-address=127.0.0.1
set-inform http://[IP address of controller]:8080/inform
Have you set fixed Admin MAC Address on the bridge for these devices?All my static leases for other Mikrotik devices got messed up after update to 7.16.
/export file=anynameyoulike
Then it might be helpfull to share your (wireless) configSame iPhone, upgraded to iOS 18; nothing changed with WiFi on ax^3.
/interface wifi export
/export file=anynameyoulike
What do you mean with mixed languages?I remember some Apple devices (at least in the past) could have issues with mixed languages on APs within the same SSID domain.
/system logging rulesCan someone point me to instructions for enabling wireless debug logging?
/export file=anynameyoulike
/export file=anynameyoulike
/export file=anynameyoulike
Actually, ICMP traffic is accepted. It is used for more then ping only.If I recall correctly however, ping (ICMP) is allowed inbound by default. I prefer to block this via firewall rule.
/export file=anynameyoulike
/export file=anynameyoulike
/export file=anynameyoulike
Depends on how you want it to work exactly. Fyi, legacy supports CAPsMAN forwarding, wifi-qcom(-ac) doesn't.Can someone help?
Add a drop rule on the forward chain that drops everything else:And how can i disable the port for everyone else
add action=drop chain=forward
better?Gentlemen, what is the difference between firmware V6 and V7, which is better?
/export file=anynameyoulike
Thanks gotsprings !The only thing I see in your config that jumps out at me is the independent-learning value.
/export file=anynameyoulike
/export file=anynameyoulike
Is it acceptable to you? That is all that matters.So, "down a couple of times" during a period of years can be considered acceptable, right?
The topic name might give an indicationWell, then start by describing the issue you need to resolve first.
/export file=anynameyoulike
Why use WPA (when you can use open)?Giving this a go! Disabled it on 5Ghz interface and switched back from WPA2/3 to WPA/WPA2.
https://help.mikrotik.com/docs/display/ ... ionexample:How do I enable the capsman server on one of the AX2? I dont see a Capman option to enable it and set certificate options.
/export file=annameyoulike
Sure, no problem. It would be really great to have the config of the cAP ac as well, just to compare.As I mentioned in the article above, I really don't understand it very well, but maybe I can write the config details here as soon as possible and get ideas from you. Thank you.
/export file=anynameyoulike
CAPsMAN:Standalone AP or using CAPsMan?
The disadvantage of upgrading manually is that you could miss an additional package.Then I found out you have to install QCOM package. So might try updating again.
/export file=anynameyoulike
Are you stating that on the same port and with same protocol OpenVPN will work while Wireguard does (sometimes) not?If the IPS is blocking the ports , and even if you play with 443 that will not help to establish connections. Not sure why is that,
Here in the documentation you can find it:I have found out several topics as well in cookbook, but it seems that it will be not for my setup, so I have to read and find something else.
wAP ax will be a very small device and is coming very very soon (question of days or weeks)
wAP ax will be a very small device and is coming very very soon (question of days or weeks)
/export file=anynameyoulike
/export file=anynameyoulike
/export file=anynameyoulike
/ip/upnp print
/ip/upnp/interfaces print
/ip firewall filter
add action=accept chain=input dst-port=8291 in-interface=ether1 protocol=tcp
Did you do port forwarding on the NAT device as well?Yes it is behind NAT and does not have a public IP address.
encryption=ccmp,gcmp,ccmp-256,gcmp-256
/export file=anynameyoulike
If you want some feedback, just share the config:What reasons could there be for the “Link downs” of a 5Ghz meter to trigger?
/export file=anynameyoulike
That would involve the users as wellI hope the manufacturer will be able to fix all the errors and shortcomings of hAP ax3 with updates.
/export file=anynameyoulike
Can you eleborate this? I'm onto the beta in my home environment (I know, just a small network). Haven't had any strange CAPsMAN things, at least for me it is working not any less stable than the stable version.if u want to get to the trouble, then use the new CapsMan
/export file=anynameyoulike
/ip/firewall export
or
/export file=anynameyoulike
/ip dns
set allow-remote-requests=yes
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=ether1 type=external
/ip dns
set cache-size=20480KiB
Sure (comes with 7.13 and up), but it won't be able to manage its own wireless interfaces.can wifi capsman be run on a mipsbe device?