CAPSMAN VLANS and Bridges....

efaden · August 21, 2014, 10:53pm

So I am trying to configure CAPSMAN and could use a little advice… I have an existing setup that works (each AP configured manually) which is what I am trying to replicate with CAPSMAN.

My goal is to have a single controller… and 3 RB912s. On each of the RB912s I need to have 2 Wireless Networks (Call them Wireless and GuestWireless). I would like to use the Local Forwarding mode to avoid loading the CAPSMAN server. The traffic coming from Wireless needs to go untagged, while the traffic from GuestWireless needs to be tagged with VLAN ID 1003.

The config for my APs I am trying to convert is below… basically it has three networks going to it… Untagged (should be the main wireless network), Tagged 1 (Management Network), and Tagged 1003 (Guest Network).

Any help is appreciated.

My wireless config for the three RB912s looks like:
/interface bridge
add l2mtu=1600 name=bridge-main
add l2mtu=1596 name=bridge-management
add l2mtu=1596 name=bridge-public
/interface ethernet
set [ find default-name=ether1 ] name=ether01
/interface vlan
add interface=bridge-management l2mtu=1596 name=vlan-management vlan-id=1
add interface=bridge-public l2mtu=1596 name=vlan-public vlan-id=1003
/interface wireless security-profiles
add eap-methods=“” management-protection=allowed name=guest-profile
supplicant-identity=“”
add authentication-types=wpa2-psk eap-methods=“” management-protection=
allowed mode=dynamic-keys name=main-profile supplicant-identity=“”
wpa2-pre-shared-key=123456
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-eC
disabled=no frequency=2412 l2mtu=1600 mode=ap-bridge name=wlan-main
security-profile=main-profile ssid=Wireless tdma-period-size=auto
wireless-protocol=802.11
add disabled=no l2mtu=1600 mac-address=4E:5E:0C:40:EE:19 master-interface=
wlan-main name=wlan-public security-profile=guest-profile ssid=
WirelessGuest wds-cost-range=0 wds-default-cost=0
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/interface bridge port
add bridge=bridge-main interface=ether01
add bridge=bridge-main interface=wlan-main
add bridge=bridge-management interface=vlan-management
add bridge=bridge-public interface=vlan-public
add bridge=bridge-public interface=wlan-public
/ip address
add address=10.1.1.12/24 interface=ether01-vlan-management network=10.1.1.0
/ip route
add distance=1 gateway=10.1.1.1

efaden · August 23, 2014, 11:34am

efaden:

So I am trying to configure CAPSMAN and could use a little advice… I have an existing setup that works (each AP configured manually) which is what I am trying to replicate with CAPSMAN.

My goal is to have a single controller… and 3 RB912s. On each of the RB912s I need to have 2 Wireless Networks (Call them Wireless and GuestWireless). I would like to use the Local Forwarding mode to avoid loading the CAPSMAN server. The traffic coming from Wireless needs to go untagged, while the traffic from GuestWireless needs to be tagged with VLAN ID 1003.

The config for my APs I am trying to convert is below… basically it has three networks going to it… Untagged (should be the main wireless network), Tagged 1 (Management Network), and Tagged 1003 (Guest Network).

Any help is appreciated.

My wireless config for the three RB912s looks like:
/interface bridge
add l2mtu=1600 name=bridge-main
add l2mtu=1596 name=bridge-management
add l2mtu=1596 name=bridge-public
/interface ethernet
set [ find default-name=ether1 ] name=ether01
/interface vlan
add interface=bridge-management l2mtu=1596 name=vlan-management vlan-id=1
add interface=bridge-public l2mtu=1596 name=vlan-public vlan-id=1003
/interface wireless security-profiles
add eap-methods=“” management-protection=allowed name=guest-profile
supplicant-identity=“”
add authentication-types=wpa2-psk eap-methods=“” management-protection=
allowed mode=dynamic-keys name=main-profile supplicant-identity=“”
wpa2-pre-shared-key=123456
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-eC
disabled=no frequency=2412 l2mtu=1600 mode=ap-bridge name=wlan-main
security-profile=main-profile ssid=Wireless tdma-period-size=auto
wireless-protocol=802.11
add disabled=no l2mtu=1600 mac-address=4E:5E:0C:40:EE:19 master-interface=
wlan-main name=wlan-public security-profile=guest-profile ssid=
WirelessGuest wds-cost-range=0 wds-default-cost=0
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/interface bridge port
add bridge=bridge-main interface=ether01
add bridge=bridge-main interface=wlan-main
add bridge=bridge-management interface=vlan-management
add bridge=bridge-public interface=vlan-public
add bridge=bridge-public interface=wlan-public
/ip address
add address=10.1.1.12/24 interface=ether01-vlan-management network=10.1.1.0
/ip route
add distance=1 gateway=10.1.1.1

Anyone?

efaden · August 28, 2014, 12:29am

efaden:

efaden:

So I am trying to configure CAPSMAN and could use a little advice… I have an existing setup that works (each AP configured manually) which is what I am trying to replicate with CAPSMAN.

My goal is to have a single controller… and 3 RB912s. On each of the RB912s I need to have 2 Wireless Networks (Call them Wireless and GuestWireless). I would like to use the Local Forwarding mode to avoid loading the CAPSMAN server. The traffic coming from Wireless needs to go untagged, while the traffic from GuestWireless needs to be tagged with VLAN ID 1003.

The config for my APs I am trying to convert is below… basically it has three networks going to it… Untagged (should be the main wireless network), Tagged 1 (Management Network), and Tagged 1003 (Guest Network).

Any help is appreciated.

My wireless config for the three RB912s looks like:
/interface bridge
add l2mtu=1600 name=bridge-main
add l2mtu=1596 name=bridge-management
add l2mtu=1596 name=bridge-public
/interface ethernet
set [ find default-name=ether1 ] name=ether01
/interface vlan
add interface=bridge-management l2mtu=1596 name=vlan-management vlan-id=1
add interface=bridge-public l2mtu=1596 name=vlan-public vlan-id=1003
/interface wireless security-profiles
add eap-methods=“” management-protection=allowed name=guest-profile
supplicant-identity=“”
add authentication-types=wpa2-psk eap-methods=“” management-protection=
allowed mode=dynamic-keys name=main-profile supplicant-identity=“”
wpa2-pre-shared-key=123456
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-eC
disabled=no frequency=2412 l2mtu=1600 mode=ap-bridge name=wlan-main
security-profile=main-profile ssid=Wireless tdma-period-size=auto
wireless-protocol=802.11
add disabled=no l2mtu=1600 mac-address=4E:5E:0C:40:EE:19 master-interface=
wlan-main name=wlan-public security-profile=guest-profile ssid=
WirelessGuest wds-cost-range=0 wds-default-cost=0
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/interface bridge port
add bridge=bridge-main interface=ether01
add bridge=bridge-main interface=wlan-main
add bridge=bridge-management interface=vlan-management
add bridge=bridge-public interface=vlan-public
add bridge=bridge-public interface=wlan-public
/ip address
add address=10.1.1.12/24 interface=ether01-vlan-management network=10.1.1.0
/ip route
add distance=1 gateway=10.1.1.1

Anyone?

Seriously? No one has a clue?

janisk · August 28, 2014, 6:11am

under data path, you can configure what you require. What bridge to use etc.