I’m saying that the scrip I posted wasn’t mine. It either came with the new hAP (which is off line while I’m sorting things) or when I updated the wAP or RB3011 to version 6.44.1. It ran on one of the systems when I first booted it. I found this post that says :
I hadn’t intended to reset the device to CAP mode. Reset it yes, but not to CAP.
The hAP is now being given an address by the RB3011. So that much is again working. Devices are connecting to the hAP, but now they are not getting an IP. The log shows;
Mar/30/2019 21:04:30 wireless,info B0:FC:0D:##:##:34@wlan2: disconnected, received disassoc: sending station leaving (8)
Mar/30/2019 21:04:32 wireless,info B0:FC:0D:##:##:34@wlan1: connected, signal strength -59
Mar/30/2019 21:04:41 wireless,info 24:4C:E3:##:##:75@wlan1: connected, signal strength -48
Mar/30/2019 21:04:41 wireless,info CC:F7:35:##:##:93@wlan2: connected, signal strength -60
Mar/30/2019 21:05:03 wireless,info B0:FC:0D:##:##:34@wlan1: disconnected, received disassoc: sending station leaving (8)
Mar/30/2019 21:05:05 wireless,info B0:FC:0D:##:##:34@wlan2: connected, signal strength -69
Mar/30/2019 21:05:12 wireless,info 24:4C:E3:##:##:75@wlan1: disconnected, received disassoc: sending station leaving (8)
Mar/30/2019 21:05:12 wireless,info CC:F7:35:##:##:93@wlan2: disconnected, received disassoc: sending station leaving (8)
Mar/30/2019 21:05:12 wireless,info 84:D6:D0:##:##:64@wlan1: disconnected, received disassoc: sending station leaving (8)
Mar/30/2019 21:04:02 wireless,info 84:D6:D0:##:##:64@wlan2: connected, signal strength -66
Mar/30/2019 21:04:12 wireless,info 84:D6:D0:##:##:64@wlan2: disconnected, received disassoc: sending station leaving (8)
I’ve checked that:
[paul@MikroTik hAP] /interface> /interface wireless print
Flags: X - disabled, R - running
0 name="wlan1" mtu=1500 l2mtu=1600 mac-address=B8:69:F4:##:##:EB arp=enabled interface-type=IPQ4019 mode=ap-bridge ssid="Bree_IoT"
frequency=auto band=2ghz-b/g channel-width=20mhz secondary-channel="" scan-list=default wireless-protocol=802.11
vlan-mode=no-tag vlan-id=1 wds-mode=disabled wds-default-bridge=none wds-ignore-ssid=no bridge-mode=enabled
default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no
security-profile=default compression=no
1 R name="wlan2" mtu=1500 l2mtu=1600 mac-address=B8:69:F4:##:##:EC arp=enabled interface-type=IPQ4019 mode=ap-bridge ssid="Bree_IoT"
frequency=auto band=5ghz-a/n/ac channel-width=20mhz secondary-channel="" scan-list=default wireless-protocol=802.11
vlan-mode=no-tag vlan-id=1 wds-mode=disabled wds-default-bridge=none wds-ignore-ssid=no bridge-mode=enabled
default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no
security-profile=default compression=no
[paul@MikroTik hAP] /interface bridge print
Flags: X - disabled, R - running
0 R name="bridge-wireless" mtu=auto actual-mtu=1500 l2mtu=65535 arp=enabled arp-timeout=auto mac-address=66:2F:4D:##:##:72
protocol-mode=none fast-forward=yes igmp-snooping=no auto-mac=yes ageing-time=5m vlan-filtering=no dhcp-snooping=no
1 R ;;; defconf
name="bridgeLocal" mtu=auto actual-mtu=1500 l2mtu=1598 arp=enabled arp-timeout=auto mac-address=B8:69:F4:##:##:E6
protocol-mode=rstp fast-forward=yes igmp-snooping=no auto-mac=no admin-mac=B8:69:F4:##:##:E6 ageing-time=5m priority=0x8000
max-message-age=20s forward-delay=15s transmit-hold-count=6 vlan-filtering=no dhcp-snooping=no
[paul@MikroTik hAP] /interface> /ip dhcp-server print
Flags: D - dynamic, X - disabled, I - invalid
# NAME INTERFACE RELAY ADDRESS-POOL LEASE-TIME ADD-ARP
0 X dhcp1 bridgeLocal dhcp 10m
Anyone? Should there even be anything set up under dhcp-server if I want the RB3011 to be the server? It doesn’t seem to make any difference is it is disabled or not.
if you post both configs again I may have time to look at it later tonight.
I think I found out why/how my system got set into CAPsMAN mode. I probably held the reset button down longer than 11 seconds.
Here is the RB3011 which is intended to be the DHCP Server and connection to the Gateway;
# apr/01/2019 17:13:13 by RouterOS 6.44.1
# software id = QSEQ-N8CZ
#
# model = RouterBOARD 3011UiAS
# serial number = 71A0065DE59E
/interface bridge
add admin-mac=6C:3B:6B:1C:E9:DC auto-mac=no comment=defconf name=bridge
/interface ethernet
set [ find default-name=ether1 ] comment="To Internet"
set [ find default-name=ether2 ] comment="To Switch"
set [ find default-name=ether3 ] disabled=yes
set [ find default-name=ether4 ] disabled=yes
set [ find default-name=ether5 ] comment="hAP ac2"
set [ find default-name=ether6 ] disabled=yes
set [ find default-name=ether7 ] disabled=yes
set [ find default-name=ether8 ] disabled=yes
set [ find default-name=ether9 ] disabled=yes
set [ find default-name=ether10 ] comment="To wAP"
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=dhcp always-broadcast=yes disabled=no interface=bridge name=\
defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=sfp1
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
192.168.88.0
/ip cloud
set update-time=no
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
ether1
/ip dhcp-server lease
add address=192.168.88.11 client-id=1:3c:28:6d:d1:27:21 comment="Pixel 3 XL" \
mac-address=3C:28:6D:D1:27:21 server=defconf
add address=192.168.88.100 client-id=1:84:d6:d0:c:f:64 comment=\
"Echo (1st Gen)" mac-address=84:D6:D0:0C:0F:64 server=defconf
add address=192.168.88.101 comment="Echo Spot" mac-address=24:4C:E3:F9:36:75 \
server=defconf
add address=dhcp client-id=1:cc:f7:35:da:93:93 comment="Echo Show" \
mac-address=CC:F7:35:DA:93:93 server=defconf
add address=192.168.88.18 comment="Fire TV" mac-address=B0:FC:0D:F6:AD:34 \
server=defconf
add address=192.168.88.5 client-id=1:3c:2a:f4:27:87:88 comment=\
"Brother Printer" mac-address=3C:2A:F4:27:87:88 server=defconf
add address=192.168.88.30 client-id=1:2c:e:3d:3:e8:42 comment="Lisa's S7" \
mac-address=2C:0E:3D:03:E8:42 server=defconf
add address=192.168.88.3 client-id=1:b8:69:f4:f0:52:e6 comment="hAP ac2" \
mac-address=B8:69:F4:F0:52:E6 server=defconf
/ip dhcp-server network
add address=192.168.88.0/24 comment=defconf gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip dns static
add address=192.168.88.1 name=router.lan
/ip firewall address-list
add address=192.168.88.2-192.168.88.254 list=allowed_to_router
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
add action=accept chain=input comment="default configuration" \
connection-state=established,related
add action=accept chain=input src-address-list=allowed_to_router
add action=accept chain=input protocol=icmp
add action=drop chain=input
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh port=2200
set api disabled=yes
set winbox address=192.168.88.0/24
set api-ssl disabled=yes
/ip ssh
set allow-none-crypto=yes
/system clock
set time-zone-name=America/Los_Angeles
/system ntp client
set enabled=yes server-dns-names=time.google.com
/tool bandwidth-server
set enabled=no
/tool mac-server
set allowed-interface-list=none
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool mac-server ping
set enabled=no
Here is the hAP ac^2 which, for now should just be a wireless gateway back to the RB3011:
# mar/30/2019 23:59:59 by RouterOS 6.44.1
# software id = EWNV-K0BF
#
# model = RBD52G-5HacD2HnD
# serial number = A97A092ACFA8
/interface bridge
add name=bridge-wireless protocol-mode=none
add admin-mac=B8:69:F4:F0:52:E6 auto-mac=no comment=defconf name=bridgeLocal
/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
set [ find default-name=ether2 ] speed=100Mbps
set [ find default-name=ether3 ] speed=100Mbps
set [ find default-name=ether4 ] speed=100Mbps
set [ find default-name=ether5 ] speed=100Mbps
/interface wireless
set [ find default-name=wlan1 ] country="united states3" disabled=no \
frequency=auto mode=ap-bridge ssid=Bree_IoT wireless-protocol=802.11
set [ find default-name=wlan2 ] band=5ghz-a/n/ac country="united states3" \
disabled=no frequency=auto mode=ap-bridge ssid=Bree_IoT \
wireless-protocol=802.11
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=\
dynamic-keys supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp ranges=192.168.88.3-192.168.88.254
/ip dhcp-server
add address-pool=dhcp interface=bridgeLocal name=dhcp1
/system logging action
set 0 target=disk
add name=action1 target=memory
/interface bridge port
add bridge=bridgeLocal comment=defconf disabled=yes interface=ether1
add bridge=bridgeLocal comment=defconf interface=ether2
add bridge=bridgeLocal comment=defconf interface=ether3
add bridge=bridgeLocal comment=defconf interface=ether4
add bridge=bridgeLocal comment=defconf interface=ether5
add bridge=bridgeLocal interface=wlan2
add bridge=bridgeLocal interface=wlan1
/interface list member
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=wlan1 list=LAN
add interface=ether1 list=WAN
add interface=wlan2 list=LAN
add interface=bridgeLocal list=LAN
/interface wireless access-list
add mac-address=24:4C:E3:F9:36:75
add mac-address=2C:0E:3D:03:E8:42
add mac-address=84:D6:D0:0C:0F:64
add mac-address=B0:FC:0D:F6:AD:34
add mac-address=CC:F7:35:DA:93:93
/interface wireless cap
set bridge=bridgeLocal discovery-interfaces=bridgeLocal interfaces=\
wlan1,wlan2
/ip address
add address=192.168.88.1/24 interface=ether2 network=192.168.88.0
/ip dhcp-client
add dhcp-options=hostname,clientid interface=bridgeLocal
add dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.88.0/24 gateway=192.168.88.1 netmask=24
/ip firewall nat
add action=masquerade chain=srcnat disabled=yes out-interface-list=WAN
/ip route
add disabled=yes distance=1 gateway=192.168.88.1
/system clock
set time-zone-name=America/Los_Angeles
/system identity
set name="MikroTik hAP"
Hmmm. I dont see anything off the bat?
What mode is the HAPAC2 selected in quickset (AP-WISP?)
Perhaps your configuration is suffering from the ‘Trump Wall Effect’.. lmao, sorry couldnt resist its late.
Perhaps with fresh eyes tomorrow I may see something else.
Quick Set is using the Home AP Dual mode.
I’m off for a short trip and will get back to this later in the week.
Only other thing I can think of is you still have the old quickset static DNS setting to get rid of.
When you come back try the AP-Wisp default setup. hook up to main router on eth1.
Then all you need to do is configure the bridge and wireless I think.