I finally bite the CAPsMAN pill and made a CAPsMAN setup with:
rb5009ug+s+ (arm64) as VLANs, CAPsMAN server and Radius server connected to switch
CRS354-48P-4S+2Q+ as middle man with PoE
two RBcAPGi-5acD2nD access points powerd by switch
Wifi is configured as WPA2-EAP with Radius on router. It works flawless, I really love the CAPsMAN as command center.
Radius does the job beautiful and the granulation with access to wifi is marvellous.
Sadly I have device that need to be connected to network - but there is no LAN near it and the device itself lacks WiFi module.
It was never a issue to make a wifi brigde before… until I bite the capsman pill… according to mikrotik wiki and tests, Im unable to connect wifi bridge as normal.
I found out that the is “forbidden” apple named pseudobridge/pseudobridge clone.
I’m able to connect to mAP to wifi network via those two methods, and thru LAN to machine, I’m not sure if I got dhcp offer each time (on the machine) I tried but it looked its ok (with small hiccups (ap restart, user manager bind reset))
Each time I did get IP from proper DHCP Server from proper VLAN (which is based on user) I’m unable to ping that machine from any other client, router is being able to ping it, but not clients.
This is printer so its important to being able to ping/connect to.
Now im not sure what is the issue - I tried same mAP with notebook connected thru LAN and it works without issues.
I read that pseudobridge works only with one device (excluding the AP that is connected tru pseudobridge?) so I assume this should work: wifi <— mAP (thru pseudobride) eth0 ---- printer (tru lan)
I tried to mimic same network setup on my test bench and (without access to the printer) I was able to connect few “dumb” devices to network thru pseudobridge on mAP.
I even tried similar setup on different mikrotik device to check if mAP is working correct but end up with same results - getting IP address from DHCP on printer and not being able to access it thru client device.
Im unable to add different wifi network because CAPsMAN has already two networks configured
I’m not allowed to lower WPA2-EAP to anything lower (WPA2-PSK)
I’m unable to add cable network near the printer
I’m currently trying to get dedicated wifi module to printer but most of the sellers says its “rare” and out-of-stock most of the times.
If it the only way I can disable CAPsMAN if there is not other solution
After many hours and few attempts on-site I don’t know if I’m doing something wrong or it’s impossible in this setup or I’m messing something up with so funky configuration…
So any of you WiFizzards can point me in right direction ?
How it would be easier and faster? From looking on device you mention I don’t see anything that mAP Lite (RBmAPL-2nD) is missing, so how that would help with connecting with ?
The printer is almost next to wifi access point so the coverage issue/range is not the one I’m having.
If you mention this device so I can create another network just for that printer then I can’t do that.
Strange thing is that the printer bond with good ip address, and can reach router, router can access printer and thats all no client-router-printer traffic.
Also when anything else is connected to mAP Lite on very similar network (config is restored from router) laptop, amplituner, receipt printer, everything works fine and can be access from client side.
on mAP side the wifi interface and eth1 are bridge together so there was always same network on eth1 side as the network im connecting, and from fast searching about eoip it would be awesome solution if I was in different network or even different site.
Its just super strange that even if I get proper IP from proper dhcp (if vlan was issue I wouldn’t get IP address from dhcp that is sitting in that VLAN), yet clients from same vlan can’t access printer somehow…
The SXTsq Lite2 device is installed separately in the switch port, and only the mAP Lite is connected to it via wifi. It has a level 3 license so other devices will not be able to connect to this bridge. Authorization is at your discretion
to be honest I was hoping to confirm/denied that the setup I got should or shouldn’t connect to each other and why anything other than printer works find with that setup.
So from what I understand the solution for my issue is getting another device, and connect it point-to-point with map lite.
Yeah, thats one solution I came up with too, also I could just drop the CAPsMAN configuration and configure APs by hand and be able to add third wifi network just for that same thing - bucause at the time of designing wifi network number of networks that was needed was 2 and the limitation that came with CAPsMAN was not an issue.
I’m not familiar with pseudbridge that much - and reading that mikrotik team don’t really recommend using it only straighten my hope for this setup but still its very strange that i’m first person that hit the wifi-brige wall with CAPsMAN on infrastructure
That’s the other solution @holvoetn was telling you
On map lite exclude wlan interface from bridge, make EOIP interface between map lite and any other Mikrotik device on the network, add EOIP to bridge on both ends.