I have problems to connect a CAP to CAPsMAN using VLAN. I have the following setup which I assume quite common in principle:
main router RB2011UiAS-2HnD with uplink to Internet
os version 6.32.2
vlan vlan-10-mgmt on ether6
192.168.177.1/24 bound to vlan-10-mgmt
dhcp server on vlan-10-mgmt
CAPsMAN enabled, auto, certificates generated
2nd router hAP lite
os version 6.32.2
vlan vlan-10-mgmt on ether1
bridge bridge-mgmt with ports ether3 and vlan-10-mgmt
192.168.177.2/24 bound to vlan-10-mgmt
the routers are connected by cable main router ether6 to 2nd router ether1
ping between routers, dhcp and internet uplink work fine over vlan-10-mgmt
acces to both routers with winbox from ether3 on 2nd router works
when I enable CAP for wlan1 on 2nd router no connection is established between CAP and CAPsMAN on main router. I tried both, L2 over discovery interface vlan-10-mgmt and L3 providing CAPsMAN IP address directly. I see regular incoming packets in log of main router:
in:vlan-10-mgmt out:(none), src-mac … , proto UDP, 192.168.177.2:42119->192.168.177.1:5246, len 48
but there are no answer packets
I did some more checks. I added a direct cable connection without any vlan. The behaviour did not change. Log level debug for wireless and caps does not show any entry on main router. On 2nd router the log entries just show the not successful search for a CAPsMAN.
Screenshot1.jpg
Screenshot2.jpg
So it seems that either 2nd router has a bug and sends a malformed request, or main router has a bug and does not respond. Could MikroTik give a hint, if they tested this combination at all? Are there any recommendations for the next steps to find the solution?
Finally I could solve the issue. Shame on me, but somehow I did not enable the wireless-cm2 package on the main router. Maybe I mixed it up with wireless-fp package which was enabled instead. A little bit misleading was the fact, that the CAPsMAN menu entry was available and the manager could be configured but nevertheless it was my error.