CAPsMAN - bind by mac to 2.4 GHz network

kekraiser · November 22, 2022, 10:24am

My current CAPsMAN setup has 2.4 GHz and 5 GHz netowrks shared same SSID, just a common practices. Everything worked well for years, including devices that only support 2.4 GHz. But now I have a device that only works on 2.4 GHz and it cannot connect to my Wi-Fi for some reasons. When I disable 5 GHz in CAPsMAN provisions, and SSID will only works with 2.4 GHz, then everything works well and device connected successfully.

Obviously, I can give different SSID for 2.4 GHz and 5 GHz networks, but it won’t be as pretty as it used to be, and I want to avoid this hack. Also I have a lot of Wi-Fi devices that must be reconfigured in case of SSID change.

Is there a way to configure CAPsMAN somehow, that when my device is trying to connect - it will be forcely connected to 2.4 GHz network only?

Thank you.

erlinden · November 22, 2022, 10:44am

Let’s first focus on the problem: what is the logging saying?
Can we check the CAPsMAN config (as well): /caps-man export (make sure to remove any personal data.

kekraiser · November 23, 2022, 8:02am

No any info about device connection attempts in logs.

I contacted the manufacturer of the device, he said that the device should work in my case, but it seems to be defective and sent a replacement.

Anyway, question is still interesting, I think.

Ca6ko · November 23, 2022, 8:14am

This problem can be solved with the access lists. there you can list the interfaces to which the device with the given MAC can connect

erlinden · November 23, 2022, 8:48am

Assuming the MAC address is static (which isn’t when it comes to wireless interfaces).

Still waiting for your config, kekraiser

kekraiser · November 23, 2022, 9:02am

In my case MAC is static. BTW, many wireless devices has setting “Make my MAC static” or empty field for static MAC.

# nov/23/2022 10:54:02 by RouterOS 6.49
# software id = %REMOVED%
#
# model = CCR1009-7G-1C-1S+
# serial number = %REMOVED%

/caps-man channel
add band=2ghz-b/g/n name=2GHz
add band=5ghz-a/n/ac name=5GHz
/caps-man datapath
add bridge=main client-to-client-forwarding=yes local-forwarding=yes name=main
add bridge=guest client-to-client-forwarding=no local-forwarding=no name=guest
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm name=main passphrase=%REMOVED%
add authentication-types=wpa2-psk encryption=aes-ccm name=guest passphrase=%REMOVED%
/caps-man configuration
add channel=2GHz country=ukraine datapath=main mode=ap name=main-2GHz rx-chains=0,1,2,3 security=main ssid=%REMOVED% tx-chains=0,1,2,3
add channel=5GHz country=ukraine datapath=main mode=ap name=main-5GHz rx-chains=0,1,2,3 security=main ssid=%REMOVED% tx-chains=0,1,2,3
add channel=2GHz country=ukraine datapath=guest mode=ap name=guest-2GHz rx-chains=0,1,2,3 security=guest ssid="%REMOVED% Guest" tx-chains=0,1,2,3
add channel=5GHz country=ukraine datapath=guest mode=ap name=guest-5GHz rx-chains=0,1,2,3 security=guest ssid="%REMOVED% Guest" tx-chains=0,1,2,3
/caps-man manager
set enabled=yes
/caps-man manager interface
set [ find default=yes ] forbid=yes
add disabled=no interface=main
/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=b,g,gn master-configuration=main-2GHz name-format=prefix-identity name-prefix=2.4GHz slave-configurations=guest-2GHz
add action=create-dynamic-enabled hw-supported-modes=a,an,ac master-configuration=main-5GHz name-format=prefix-identity name-prefix=5GHz slave-configurations=guest-5GHz

kekraiser · November 23, 2022, 9:09am

I cant select all 2.4 interfaces in access list rule window, only one. In the bottom I see “all”, “any”, “static”, and other group-like options. Can I create something like this for all 2.4 GHz interfaces by regex, or something else?

Ca6ko · November 23, 2022, 11:53am

I did not see any reason in your configuration why the device would connect to the wrong interface.
To work with the access list you first need to add all the necessary interfaces to a new list of interfaces, e.g. 2GHz. And then select the required list of interfaces in the access list.
The interface is automatically added to the list of interfaces in the datapath. You should then make a separate one for 2.4. Or manually add to the required of interfaces list
PS You have absolutely no WiFi network configured via capsman. The automatic setup selection works very badly.
You have to manually configure and distribute the channels, channel width and power individually for each point. I recommend that you don’t unnecessarily use wifi standards from the previous millennium A and B. Using them slows down the network considerably.
I can help you if needed.

kekraiser · November 23, 2022, 2:45pm

Me too. However, as mentioned above, the device manufacturer acknowledged about the connectivity issue and sent a replacement, considering my device is faulty.

Oh, now I found it: Interfaces → Interface List tab → Lists button. So puzzle is complete now, and I can use my new “2.4 GHz interfaces list” in CAPsMAN Access List tab. Thank you!

Hmm, I think I configure it properly… Never experienced with network slowdowns, automatic configuration of channels, width and power worked without issues. In “CAP Interface” tab I see that CAPsMAN choose right and non-conflicting (not intersecting) frequencies for all eight AP and for each band (2.4 GHz or 5 GHz).

But, if you have something to improve my configuration - tell me, I’m very interested.

gotsprings · November 24, 2022, 3:34am

If it works with the 5 turned off… It’s probably not gonna work right with the 5 turned on. The ACL will keep it from connecting… But more likely it’s the fact that the device even hears the SSID in 2 bands.

Make another SSID, have caps-man reprovision that new SSID on virtual APs. Then disable the 5 GHZ of the virtual AP.