Hello, I currently have an RB961g-2HnD as a main router in a small hotel. The router has two separate bridges (public and private) on two different IP ranges to keep guest traffic separated. This has worked fine so far as I could just assign ports to different bridges as needed. A TP-Link AP that can do VLAN tagging works well with this system with two VLAN interfaces added to their representive bridges.
I’ve been trying to replace one of the APs with a hAP Lite and set it up with CAPsMAN, but after setup based on this tutorial, nothing happened. My questions in order of importance:
is the solution with to separate bridges good practice?
should CAPsMAN work in this scenario? (I’m guessing it should)
why didn’t the tutorial work in my case?
I have attached the network map for ease of understanding. The router I’m trying to replace is the top right corner one.
Nope. In recent ROS versions (that since version 6.42) good practice is to use single VLAN-enabled bridge.
It should if you configure it right.
There a few details to observe: on CAPsMAN device, you set up /caps-man manager interface and all CAP devices need to have connectivity to this interface. Then there’s /caps-man datapath configuration which is actually about CAP devices … it is possible to have both separate (e.g. over different VLANs), but in that case eth5 (on main router) has to become trunk connection. Or capsman manager interface has to be part of “public” VLAN (personally I wouldn’t do it though).
No idea … you didn’t provide configuration settings from both main router and newly configured CAP device.
Thank you, these are the valuable snippets of information I need. Since I’m not a full time sysadmin (hotel is a family business), I’m not up-to-date with everything. I’ll redo the routing on the main router and come back here if it still doesn’t work.
