Hello,
I’m trying to setup capsman for my home network. I used 2 access points (psy, salon) and 1 (main) router running capsman. I have an issue that one of devices keep reconnecting to the router (other is working perfectly fine):
09:07:01 caps,info Salon-2G: selected channel 2462/20/gn(30dBm) (fixed)
09:07:01 caps,info Salon-5G: selected channel 5180/20-Ceee/ac/P(23dBm) (fixed)
09:07:01 caps,info 5C:CF:7F:68:75:C6@Salon-2G connected, signal strength -52
09:07:16 caps,info 5C:CF:7F:68:75:C6@Salon-2G disconnected, interface disabled
09:07:40 caps,info [::ffff:192.168.1.19:57664,Join,CAP-744D28613558] joined, provides radio(s): 74:4D:28:61:35:5D,74:4D:28:61:35:5E
09:07:40 caps,info Salon-2G: selected channel 2462/20/gn(30dBm) (fixed)
09:07:40 caps,info Salon-5G: selected channel 5180/20-Ceee/ac/P(23dBm) (fixed)
09:07:41 caps,info 5C:CF:7F:68:75:C6@Salon-2G connected, signal strength -55
09:08:14 caps,info 5C:CF:7F:68:75:C6@Salon-2G disconnected, interface disabled
09:08:45 caps,info C8:19:F7:EA:73:D0@Main-2G connected, signal strength -62
09:08:47 caps,info [::ffff:192.168.1.19:59381,Join,CAP-744D28613558] joined, provides radio(s): 74:4D:28:61:35:5D,74:4D:28:61:35:5E
09:08:47 caps,info Salon-2G: selected channel 2462/20/gn(30dBm) (fixed)
09:08:47 caps,info Salon-5G: selected channel 5180/20-Ceee/ac/P(23dBm) (fixed)
09:08:48 caps,info C8:19:F7:EA:73:D0@Main-2G disconnected, extensive data loss
09:08:48 caps,info 5C:CF:7F:68:75:C6@Salon-2G connected, signal strength -54
09:09:03 caps,info 5C:CF:7F:68:75:C6@Salon-2G disconnected, interface disabled
09:09:19 caps,info C8:19:F7:EA:73:D0@Main-2G connected, signal strength -69
09:09:26 caps,info [::ffff:192.168.1.19:48095,Join,CAP-744D28613558] joined, provides radio(s): 74:4D:28:61:35:5D,74:4D:28:61:35:5E
09:09:26 caps,info Salon-2G: selected channel 2462/20/gn(30dBm) (fixed)
09:09:26 caps,info Salon-5G: selected channel 5180/20-Ceee/ac/P(23dBm) (fixed)
09:09:27 caps,info 5C:CF:7F:68:75:C6@Salon-2G connected, signal strength -55
09:10:00 caps,info 5C:CF:7F:68:75:C6@Salon-2G disconnected, interface disabled
This is my capsman configuration:
/caps-man channel
add band=2ghz-b/g/n control-channel-width=20mhz extension-channel=disabled frequency=2412 name=channel1
add band=2ghz-b/g/n control-channel-width=20mhz extension-channel=disabled frequency=2437 name=channel2
add band=2ghz-b/g/n control-channel-width=20mhz extension-channel=disabled frequency=2462 name=channel3
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5180 name=channel54
add band=5ghz-a/n/ac control-channel-width=20mhz frequency=5200 name=channel55
/interface bridge
add name=br_lan protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full mac-address=E0:91:F5:F3:AC:16
set [ find default-name=ether2 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether3 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether4 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
set [ find default-name=ether5 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full
/interface wireless
# managed by CAPsMAN
# channel: 2412/20/gn(30dBm), SSID: wifinetworkname, CAPsMAN forwarding
set [ find default-name=wlan1 ] antenna-gain=0 country=no_country_set frequency-mode=manual-txpower ssid=MikroTik
/caps-man datapath
add bridge=br_lan client-to-client-forwarding=yes name=datapath1
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm name=security1 passphrase=xxxxxxx
/caps-man configuration
add country=no_country_set datapath=datapath1 distance=indoors mode=ap name=wifinetworkname rx-chains=0,1,2 security=security1 ssid=wifinetworkname tx-chains=0,1,2
add country=poland datapath=datapath1 distance=indoors mode=ap name=wifinetworkname-5g rx-chains=0,1,2 security=security1 ssid=wifinetworkname-5g tx-chains=0,1,2
/caps-man interface
add channel=channel1 configuration=wifinetworkname datapath=datapath1 disabled=no l2mtu=1600 mac-address=4C:5E:0C:CF:33:D9 master-interface=none name=Main-2G radio-mac=4C:5E:0C:CF:33:D9
add channel=channel2 configuration=wifinetworkname datapath=datapath1 disabled=no l2mtu=1600 mac-address=C4:AD:34:37:41:1F master-interface=none name=Psy-2G radio-mac=C4:AD:34:37:41:1F security=\
security1
add channel=channel3 configuration=wifinetworkname datapath=datapath1 disabled=no l2mtu=1600 mac-address=74:4D:28:61:35:5D master-interface=none name=Salon-2G radio-mac=74:4D:28:61:35:5D security=\
security1
add channel=channel54 configuration=wifinetworkname-5g datapath=datapath1 disabled=no l2mtu=1600 mac-address=74:4D:28:61:35:5E master-interface=none name=Salon-5G radio-mac=74:4D:28:61:35:5E security=\
security1
/interface list
add exclude=dynamic name=discover
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=192.168.1.2-192.168.1.150
add name=dhcp_pool1 ranges=192.168.1.2-192.168.1.150
/ip dhcp-server
add address-pool=dhcp_pool1 disabled=no interface=br_lan lease-time=6h10m name=dhcp1
/user group
set full policy=local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,password,web,sniff,sensitive,api,romon,dude,tikapp
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes
/caps-man manager interface
add disabled=no forbid=yes interface=ether1
/caps-man provisioning
add action=create-dynamic-enabled master-configuration=wifinetworkname name-format=identity slave-configurations=wifinetworkname-5g
/interface bridge port
add bridge=br_lan hw=no interface=ether3
add bridge=br_lan hw=no interface=ether2
add bridge=br_lan hw=no interface=ether4
add bridge=br_lan hw=no interface=ether5
add bridge=br_lan interface=wlan1
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface list member
add interface=wlan1 list=discover
add interface=br_lan list=discover
add interface=Main-2G list=discover
add interface=Psy-2G list=discover
add interface=Salon-5G list=discover
add interface=Salon-2G list=discover
/interface wireless cap
#
set caps-man-addresses=127.0.0.1 certificate=request discovery-interfaces=br_lan enabled=yes interfaces=wlan1
/ip address
add address=192.168.1.1/24 interface=br_lan network=192.168.1.0
/ip dhcp-client
add disabled=no interface=ether1 use-peer-dns=no use-peer-ntp=no
/ip dhcp-server lease
add address=192.168.1.100 mac-address=90:1B:0E:33:E3:4C
add address=192.168.1.141 client-id=1:0:9:b0:9:9a:bd mac-address=00:09:B0:09:9A:BD
add address=192.168.1.76 comment=solaredge mac-address=00:27:02:1A:F1:F6
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=8.8.8.8 gateway=192.168.1.1 netmask=24
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input dst-port=5246,5247 protocol=udp src-address=127.0.0.1
add action=accept chain=input dst-port=80 in-interface=ether1 protocol=tcp
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1 src-address=192.168.1.0/24
add action=dst-nat chain=dstnat dst-port=80 in-interface=ether1 protocol=tcp to-addresses=192.168.1.100 to-ports=8383
add action=dst-nat chain=dstnat dst-port=443 in-interface=ether1 protocol=udp to-addresses=192.168.1.100 to-ports=443
add action=dst-nat chain=dstnat dst-port=6881 in-interface=ether1 protocol=tcp to-addresses=192.168.1.100 to-ports=6881
add action=dst-nat chain=dstnat dst-port=6881 in-interface=ether1 protocol=udp to-addresses=192.168.1.100 to-ports=6881
add action=dst-nat chain=dstnat dst-port=443 in-interface=ether1 protocol=tcp to-addresses=192.168.1.100 to-ports=443
add action=dst-nat chain=dstnat dst-port=4500 in-interface=ether1 protocol=udp to-addresses=192.168.1.100 to-ports=4500
add action=dst-nat chain=dstnat dst-port=500 in-interface=ether1 protocol=udp to-addresses=192.168.1.100 to-ports=500
add action=dst-nat chain=dstnat dst-port=5000-5200 in-interface=ether1 protocol=tcp to-addresses=192.168.1.100 to-ports=5000-5200
add action=dst-nat chain=dstnat dst-port=5000-5200 in-interface=ether1 protocol=udp to-addresses=192.168.1.100 to-ports=5000-5200
add action=dst-nat chain=dstnat dst-port=8080-8082 in-interface=ether1 protocol=tcp to-addresses=192.168.1.100 to-ports=8080-8082
/ip service
set telnet disabled=yes
set ftp disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Warsaw
/system identity
set name=Main
And this is cap configuration of the devices that keeps disconnecting:
# apr/22/2020 09:14:18 by RouterOS 6.46.5
/interface bridge
add name=bridge1
/interface wireless
# managed by CAPsMAN
# channel: 2462/20/gn(27dBm), SSID: mrowisko, CAPsMAN forwarding
set [ find default-name=wlan1 ] ssid=MikroTik
# managed by CAPsMAN
# channel: 5180/20-Ceee/ac/P(20dBm), SSID: mrowisko-5g, CAPsMAN forwarding
set [ find default-name=wlan2 ] ssid=MikroTik
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/interface bridge port
add bridge=bridge1 interface=all
/interface wireless cap
#
set caps-man-addresses=192.168.1.1 certificate=request discovery-interfaces=ether3 enabled=yes interfaces=wlan1,wlan2
/ip dhcp-client
add disabled=no interface=bridge1
/system clock
set time-zone-name=Europe/Warsaw
/system identity
set name=Salon
Do you have any ideas how to fix this?