I thought I had this figured out yesterday, but I’m not comfortable with the configuration as the radios occasionally have problems associating. In a nutsheel, we’ve configured two VAPs called vap91 and vap92, have WDS configured as dynamic for the primary and vap interfaces, and set the default bridge for the both vap interfaces. The primary interface on both radios are configured as bridge interfaces as they will form a point-to-point link, and WDS is configured as dynamic also for this interface.
Sometimes one vap interface has a problem associating, and sometimes both do. It is generally on one end of the link - the other end appears to associate just fine. On the side that doesn’t associate, we get “disconnected, group key exchange timeout”. We are using WPA2/AES, but we’ve also tried no security. We were using 4.1 firmware, but upgraded to 5 beta. We’re having the same problem.
I’ve tried tweaking about every setting, then moving the setting back, but nothing seems to help. We’ve created an installation script, and I can reinstall the configuration on the side that doesn’t work properly, and the link comes back up. It may be up for hours, but when it breaks, it’s a pain to fix.