I have a RB/112 with a CM9 mini PCI and am using a vertically polarized PacWireless 19dbi ROO2 on my client device.

The settings on the client station device are:
station, 5GHZ, SSID defined, antenna a, WPA PSK; which should at least allow me to connect to the desired AP.

In the client station I am able to scan and see 3 P-2-P 5GHZ links but can’t manage to see the 5GHZ AP’s on the same tower in the same scan output, in addition to the P-2-P 5GHZ links I see the MAC belonging to the client station in the scan.

One of the P-2-P links are pointed 180degrees opposite of the client station unit.

The AP sectors are 16dbi 120 degree vertically polarized and when I check the association list within the AP network manager I can see the MAC of the client station unit , why can’t I see the AP within the client station though?

On another note, how do I go about hiding the SSID in the MT in the station mode?

Any thoughts or input would be greatly appreciated.

Thanking you in advance for your help.

This must be too boring of a topic?..

Come-on, someone has to have some pointers for a first-time MikroTik user as to where I might be erroring in the setup of my MT client station attempting to connect to ikarus 5GHZ radios.

Should I try NStream?

1. Make sure to use the right connector on the cm9. The connectors
   are not marked and they are used in other order than most other
   cards. (We had this problem).

2. The scan on the client shows up the clients MAC Address? Should
   not happen. You changed MAC Addresses manualy?

3. You do not need to hide SSID in station mode. Clients do not
   send beacons with SSID.

Stefan

Thank you very much for the insight and especially the reply Stefan

I will try the antenna port this morning and re-set teh MAC of the device.


Kindest Regards

Thank you very much for the insight and especially the reply Stefan

I will try the antenna port this morning and re-set the MAC of the device.


Kindest Regards

1. Make sure to use the right connector on the cm9. The connectors
   are not marked and they are used in other order than most other
   cards. (We had this problem).

I changed ports on the CM9 but still get the same results.

2. The scan on the client shows up the clients MAC Address? Should
   not happen. You changed MAC Addresses manualy?

I went through all locations I could find to edit the MAC of wlan1.
But the scan returns the client station still.
The scanned MAC is slightly different from the actual MAC of wlan1 as provided by the command /interface wlan1 print

Here are the log reports I get from the MT112:

1. 00:15:6D:50:03:A3@wlan1: established connection on 5180, SSI GigaNet AP T1 B1.

2. lost connection, decided to deauth: 4-way hand shake.
   
   
   
   AS always, thank you for the help and responses.

Kindest Regards

I don’t know if this will assist in figuring out the connection issues I am dealing with.
But I printed the wireless and ethernet parameters to post here.

***** I can see when viewing Wireless => Registration that the unit connects then disconnects in 2 seconds.

***** Shouldn’t wlan1 show throughput as ether1 does in interfaces?

***** Looking over the wireless iface I see that it starts with “0” and then should be displaying an “R” to indicate running.
I have enabled the wireless iface in WinBox, is there a command I should use in addition to that from within the terminal to enable wlan1?

*****To utilize WPA PSK encryption shouldn’t allow-sharedkey be set to yes.


0 ;;; Wireless iface
name=“wlan1” mtu=1500 mac-address=00:0B:6B:57:0D:73 arp=enabled
disable-running-check=no interface-type=Atheros AR5213
radio-name=“000B6B570D73” mode=station ssid=“GigaNet AP T1 B1”
area=“Tower 2 Base 1” frequency-mode=regulatory-domain
country=united states antenna-gain=28 frequency=5320 band=5ghz
scan-list=default rate-set=configured supported-rates-b=“”
supported-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,
54Mbps
basic-rates-b=“”
basic-rates-a/g=6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps
max-station-count=2007 ack-timeout=dynamic tx-power-mode=manual-table
noise-floor-threshold=default periodic-calibration=default
periodic-calibration-interval=60 burst-time=60 dfs-mode=none
antenna-mode=ant-a wds-mode=disabled wds-default-bridge=none
wds-default-cost=100 wds-cost-range=50-150 wds-ignore-ssid=no
update-stats-interval=10s default-authentication=yes
default-forwarding=yes default-ap-tx-limit=0
default-client-tx-limit=315000 proprietary-extensions=post-2.9.25
hide-ssid=no security-profile=client_profile disconnect-timeout=0s
on-fail-retry-time=100ms preamble-mode=short compression=no
allow-sharedkey=no

[MyAdmin@MikroTik] interface wireless> /interface ethernet
[MyAdmin@MikroTik] interface ethernet> print
Flags: X - disabled, R - running

NAME MTU MAC-ADDRESS ARP

0 R ;;; Ethernet iface
ether1 1500 00:0C:42:08:44:6F enabled

you can see any interface througput in winbox if you open interface window.

also in console you can set /interface monitor-traffic

R only will be shown if your AP if it is AP have any clients connected, and if in station mode - only if you are connected to anyone.

ans scan cannot return clients station ssid - because station does not send beacons it just don’t.

and connector of CM9 has to be connected to one in the corner (that is more in corner, than other one) that is main one.

Thanks for the reply

you can see any interface througput in winbox if you open interface window.

I do realize that, but the problem is that wlan1 never shows any throughput even though I am within 200’ of a 5GHZ AP

ans scan cannot return clients station ssid - because station does not send beacons it just don’t.

Well that may be technically true but in the station mode this unit is returning the SSID I configure into it in Interfaces => Wireless in the SSID field

and connector of CM9 has to be connected to one in the corner (that is more in corner, than other one) that is main one.

Hmm, I have tried both ports with the same result, no wireless connection established.
So you are stating that the post at the top right of the CM9 is the main port [the port farthest from the white plastic component shielding?]

I authored a more complex definition of my configuration yesterday???

I guess that the forum took it upon itself to delete the rather detailed submission I made yesterday. thanks for nothin huh?

I have tried a posting on this topic before without much response and decided to try again with different info and questions.

To begin, I am attempting to connect to an Ikarus 5Ghz AP set to use WPA encryption.
The WPA server is setup within my AIRLok AL330.

I have interfaced a CM9 into a RB112 and done the following VIA terminal according to “RouterOS and Wireless Systems Quick Setup and Warranty Information”.

1) Enabled ethernet and wireless interfaces with commands below:
/interface enable ether1
/interface enable wlan1

2) Added routes as below:
/ip route add gateway=10.0.0.1 [AIRLok Gateway]

3) Wireless configuration as below:
/interface wireless set wlan1 ssid=“GigaNet AP T1 B1” band=5ghz mode=station disabled=no

4) Assigned IP’s to ether1 & wlan1 as below:
/ip address add address=10.0.0.1/24 interface=ether1
/ip address add address=172.16.2.10/24 interface=wlan1

After doing the above setup I can ping both interfaces from the MT terminal but can only ping ether1 from the ethernet connected laptop.

After completing the above I log onto the router VIA WinBox and performed the following:

1) WPA PSK

2) Created a connection list in Wireless Tables using the MAC address of wlan1.

3) Created an access list using the MAC Address of wlan1 also.

After doing this setup I then checked the noise floor which varies between -88 to -100…
What would a preferred noise floor be?

I notice while in Wireless => Registration that the device registers for about 3 seconds and then resets to register again.

When I am in Interfaces and am viewing ether1’s throughput shouldn’t wlan1 be showing some activity also?

The client device is under 200’ away from the tower and is in clear view of the desired AP.

Tower equipment includes:
2 Ikarus 400Mw 5Ghz AP’s using PW 120degree 16db vertically polarized sectors.
2 Ikarus 5Ghz WDS Links using parabolic 30db PW’s
1 5 Port 10/100 switch

Client equipment includes:
RB112 and CM9
PW 48Vdc POE
PW 19db 5Ghz ROO2 [v-pol]
1 straight-through CAT5
1 X-Over CAT5

When I run a Scan the client device see’s 2 MAC’s belonging to itself one is displaying the AP’s SSID I defined in the Wireless tab of WinBox even though it is setup as a station and is not even licensed to serve as an AP.
In addition to seeing itself the RB112/CM9 package scans 3 5Ghz WDS links, one from the NOC, and two others on the tower.
Yet the Scan will not display the MAC address of the AP I am attempting to connect to [GigaNet AP T1 B1].

When I log into the AP VIA Ikarus Network Manager I can look at the Association List and actually see the RB112/CM9 client device MAC address.

I would greatly appreciate input as to where I am erroring in establishing a connection to the AP.

Thanking you in advance for your help.

Kindest Regards

hope i understood your problem correclty

1. why your ether1 ip address is equal to your gateway address?

2. you have to set in security-profiles to use WPA PSK on your client as i understood - then RB112 with CM9 wifi. and set that profile n your wireless settings
   
   
   i would choose that order of configuration

3. connect RB112 to same switch as your laptop, then using winbox, connect to it using mac address, and then in usual interface set all the settings, as i see, that you are used to work in winbox. changing environments will do no no good for you, so choose one.

4. set IP addresses on your interfaces

5. check if all routes are ok, add default gateway.

6. set security profile for your wireless connection, as you know, that you will have to

7. in wireless set correct ssid to connect to, set security profile you just created to connect to your AP

8. enable wireless card

if it does not show ready (R) then scan area for wireless access points, try to align antenna if you have one, and i has to be alligned until you see your AP show up.

also you can run /interface wireless monitor to see if you have connection.

Good luck
EDIT:

if i try to run /in wi scan wlan1

i do not see ssid of station i see something like this
ABPR 5ghz 5300 -44
version 2.9.38

1. why your ether1 ip address is equal to your gateway address?

That was just an error on my part while making post, ether1 IP is actually 10.0.0.99

2. you have to set in security-profiles to use WPA PSK on your client as i understood - then RB112 with CM9 wifi. and set that profile n your wireless settings

I have applied these settings to the wireless settings in the MT

6. enable wireless card

Besides Interfaces enable/disable, should I be enabling the wireless card somewhere else?

if it does not show ready (R) then scan area for wireless access points, try to align antenna if you have one, and i has to be alligned until you see your AP show up

When I run scan I can see three WDS llinks, but the MT does not see the AP on the same tower.
Yet, the AP I am trying to connect to sees the MT client device in its association list.

This thing just won’t connect to the AP any other suggestions?
DO I need to create Connection List & OR any other lilsts within the Wireless settings?

Thanks

if you have enabled “default authenticate” AP side, than you do not need to create access list.

and no, if you enable wireless like /interface wireless enable it is enabled, it have to be enabled.


you can try to create virtualAP for testing (like - no encryption, do i will see Ap then etc.)

Did you ever get this to work, or did you give up? I am also trying to get
Ikarus to talk to mikrotik. I would like to hear what you did to get it working.

I was having the 4-way handshake fail until I made a change to the wpa
setting on the ikarus node to select tkip in all cipher modes. Until then it just
repeatedly connected and disconnected.

For anyone reading this thread in the future, I always suggest that if you are
having problems associating a client to an AP, turn off all security during
the testing phase. It just adds another possible failure mode to an already complicated situation.

Yes I was able to actually figure out why my connections would not pass data…
It turned up being un-beleivably in the Packages settings of the MT Client Device.

Are you still having troubles?
One of my error log outputs also was the 4-way handshake failure too!
The 4-way handshake was failing due to the Packages enabled or disabled, it totally changes how the MT performs the handshake. Having the incorrect Packages enabled or disabled changed the WPA settings in the GUI too I found!


Please let me know if I could assist you in any way.

Pls. what do you mean by packages ?!?

/system package

OR

/ip packing

?
I mean… i do not know how could this affect wpa…
I use ip packing on some of the links, meaning an almoust all backhauls, for performance reasons, it seems to me I have better troughpout, but packages of the routeros, pls. tell me how could they affect this ?
In other way than “wireless” - “wireless-test” packages differencies ?

I am willing to find out this. Curiosity, meaning, to know if any of this could pose me problems. I do not activate packages wich I do not need, even if they are on the router, disabled. Space is no problem. And i find it a “best practices” idea, have only packages you need. It’s better and safer this way. You don’t have an open door with no use.

Yes, I do mean the /system packages, depending on which packages you have enabled or disabled will define what WPA authentication information is forwarded, at least this is how I perceived it to be.
I do know that when you have the wrong packages enabled/disabled though that when setting up Wireless => Security profiles you will notice different setting capabilities and the Security UI will display slightly different setting variables which found totally screwed up authentication when using WPA2 encryption, thus, the 4-way handshake failure..

Let me know if this helps?