CAPsMANv2 - VLAN in datapath has to be allowed on bridge of CAP?

Hi there,
I’m eventually replicating my cAP AC to cAP AX.
I put devices in different VLANs depending on MAC using ACLs.
With the new PPSK feature this is no longer necessary.

Once I got to grips with the new menu, the migration was straightforward.

There is just one thing. In the old setup, it was not necessary to allow the respective VLAN to enter the bridge.
So e.g.

/interface bridge vlan
add bridge=bridge-VLANs comment="GUEST WLAN" tagged=ether1,bridge-VLANs vlan-ids=11

so in the past it was simply

/interface bridge vlan
add bridge=bridge-VLANs comment="GUEST WLAN" tagged=ether vlan-ids=11

and datapath.local-forwarding = yes in CAPsMAN.

  • Is that necessary with CAPsMANv2 setup?
  • Any additional security measures necessary to ensure that only VLAN-MGTM devices can touch the CAP?

thank you
stefan