Hi Guys,
Please put me on the right track. I’m going crazy configuring. I can’t get the hAP ax lite to register with the RB3011UiAS as a CAP. The CAP always tell - no connection to CAPsMAN (in wifi-interface list)
Logging says
no suitable CAPsMAN
RouterOS on RB3011UiAS: 7.13.3 (wireless package)
RouterOS on hAP ax lite: 7.13.3 (wifi-qcom package - I have also tried it with wireless package but with the wireless package the WIFI interface of the hAP is no longer recognised)
Configuration on the RB3011UiAS (irrelevant parts removed)
# 2024-01-27 11:37:52 by RouterOS 7.13.3
# software id = LVGI-H82J
#
# model = RB3011UiAS
# serial number = B8950BD1D59A
/interface bridge add name=BR_LAN port-cost-mode=short priority=0xF000
/interface ethernet set [ find default-name=ether1 ] loop-protect=off name="ether1 - switch-sz" rx-flow-control=auto tx-flow-control=auto
/interface ethernet set [ find default-name=ether2 ] name="ether2 - switch-wz"
/interface ethernet set [ find default-name=ether3 ] name="ether3 - ESXi"
/interface ethernet set [ find default-name=ether4 ] name="ether4 - HomeMatic"
/interface ethernet set [ find default-name=ether5 ] name="ether5 - switch-kg"
/interface ethernet set [ find default-name=ether6 ] name="ether6 - HASSIO"
/interface ethernet set [ find default-name=ether7 ] name="ether7 - AP_WZ"
/interface ethernet set [ find default-name=ether8 ] name="ether8 - switch-kz" rx-flow-control=auto tx-flow-control=auto
/interface ethernet set [ find default-name=ether9 ] name="ether9 - UPC" rx-flow-control=auto tx-flow-control=auto
/interface ethernet set [ find default-name=sfp1 ] name="sfp1 - switch-sk"
/caps-man datapath add bridge=BR_LAN client-to-client-forwarding=yes local-forwarding=yes name=WIFI@HOME
/caps-man security add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm name=WIFI@HOME
/caps-man configuration add country=austria datapath=WIFI@HOME datapath.bridge=BR_LAN distance=indoors mode=ap name=WIFI@HOME security=WIFI@HOME security.authentication-types="" .encryption="" ssid=WIFI@HOME_new
/ip dhcp-server option add code=119 name=domain-search-list value="0x06'mulatz'0x03'lan'0x00"
/ip pool add comment="Network: 192.168.100.0/27" name=dhcp-lan ranges=192.168.100.1-192.168.100.31
/ip dhcp-server add add-arp=yes address-pool=dhcp-lan interface=BR_LAN lease-time=10m name=DHCP-LAN
/system logging action add bsd-syslog=yes name=synology remote=192.168.100.247 remote-port=49166 src-address=192.168.100.254 target=remote
/caps-man manager set ca-certificate=auto certificate=auto enabled=yes
/caps-man manager interface set [ find default=yes ] forbid=yes
/caps-man manager interface add disabled=no interface=BR_LAN
/caps-man provisioning add action=create-dynamic-enabled master-configuration=WIFI@HOME
/interface bridge port add bridge=BR_LAN frame-types=admit-only-vlan-tagged ingress-filtering=no interface="sfp1 - switch-sk" internal-path-cost=10 path-cost=10
/interface bridge port add bridge=BR_LAN frame-types=admit-only-untagged-and-priority-tagged interface="ether1 - switch-sz" internal-path-cost=10 path-cost=10 pvid=10
/interface bridge port add bridge=BR_LAN frame-types=admit-only-untagged-and-priority-tagged interface="ether2 - switch-wz" internal-path-cost=10 path-cost=10 pvid=10
/interface bridge port add bridge=BR_LAN frame-types=admit-only-untagged-and-priority-tagged interface="ether3 - ESXi" internal-path-cost=10 path-cost=10 pvid=10
/interface bridge port add bridge=BR_LAN frame-types=admit-only-untagged-and-priority-tagged interface="ether4 - HomeMatic" internal-path-cost=10 path-cost=10 pvid=10
/interface bridge port add bridge=BR_LAN frame-types=admit-only-untagged-and-priority-tagged interface="ether5 - switch-kg" internal-path-cost=10 path-cost=10 pvid=10
/interface bridge port add bridge=BR_LAN frame-types=admit-only-untagged-and-priority-tagged interface="ether6 - HASSIO" internal-path-cost=10 path-cost=10 pvid=10
/interface bridge port add bridge=BR_LAN frame-types=admit-only-untagged-and-priority-tagged interface="ether8 - switch-kz" internal-path-cost=10 path-cost=10 pvid=10
/interface bridge port add bridge=BR_LAN frame-types=admit-only-untagged-and-priority-tagged interface="ether7 - AP_WZ" internal-path-cost=10 path-cost=10 pvid=10
/interface bridge port add bridge=BR_LAN frame-types=admit-only-untagged-and-priority-tagged interface=ether10 internal-path-cost=10 path-cost=10 pvid=10
/interface bridge port add bridge=BR_LAN interface=VETH_DOCKER_cloudflared internal-path-cost=10 path-cost=10
/interface bridge port add bridge=BR_LAN interface=*15 internal-path-cost=10 path-cost=10
/ip settings set max-neighbor-entries=8192 rp-filter=loose
/interface list member add interface="ether9 - UPC" list=LIST_WAN
/interface list member add interface=BR_LAN list=LIST_LAN
/interface list member add interface=wid-client-vpn list=LIST_LAN
/interface list member add interface=WG_local-SR list=LIST_LAN
/ip address add address=192.168.100.254/23 interface=BR_LAN network=192.168.100.0
/ip cloud set ddns-enabled=yes update-time=no
/ip dhcp-client add interface="ether9 - UPC" use-peer-dns=no use-peer-ntp=no
/ip dhcp-server alert add disabled=no interface=BR_LAN
/ip dhcp-server network add address=192.168.100.0/23 dhcp-option=domain-search-list dns-server=192.168.100.246 domain=mulatz.lan gateway=192.168.100.254 netmask=23 ntp-server=192.168.100.210
/ip dns set servers=192.168.100.246
/ip firewall filter add action=accept chain=input comment="CAPSMANAGER Discovery" protocol=udp src-port=5246,5247
/ip firewall filter add action=accept chain=input comment="CAPSMANAGER Discovery" dst-port=5246,5247 protocol=udp
/ip firewall nat add action=masquerade chain=srcnat comment="lan --> internet" out-interface-list=LIST_WAN src-address=192.168.100.0/23
/ip firewall service-port set ftp disabled=yes
/ip firewall service-port set tftp disabled=yes
/ip firewall service-port set h323 disabled=yes
/ip firewall service-port set sip disabled=yes
/ip firewall service-port set pptp disabled=yes
/ip firewall service-port set udplite disabled=yes
/ip firewall service-port set dccp disabled=yes
/ip firewall service-port set sctp disabled=yes
/ip service set telnet disabled=yes
/ip service set ftp disabled=yes
/ip service set www disabled=yes
/ip service set www-ssl certificate=wildcard.mulatz.lan disabled=no tls-version=only-1.2
/ip service set api-ssl certificate=wildcard.mulatz.lan
/ip ssh set always-allow-password-login=yes forwarding-enabled=both strong-crypto=yes
/system clock set time-zone-name=Europe/Vienna
/system clock manual set dst-delta=+01:00 dst-end="2019-10-27 03:00:00" dst-start="2019-03-31 02:00:00"
/system identity set name=router-main
/system logging set 0 topics=info,system
/system logging add action=synology topics=critical
/system logging add action=synology topics=error
/system logging add action=synology topics=warning
/system ntp client set enabled=yes
/system ntp client servers add address=ntp.mulatz.lan
/system routerboard settings set enter-setup-on=delete-key
Configuration on the hAP ax lite (complete):
reset to factory defaults (capsmode) - tried with own bridge-config as well
# 2024-01-27 11:38:33 by RouterOS 7.13.3
# software id = WQW5-GTBY
#
# model = L41G-2axD
# serial number = HEC08QZB0H9
/interface bridge add admin-mac=48:A9:8A:A6:49:1B auto-mac=no comment=defconf name=bridgeLocal
/interface wifi datapath add bridge=bridgeLocal comment=defconf disabled=no name=capdp
/interface wifi
# no connection to CAPsMAN
add configuration.manager=capsman datapath=capdp radio-mac=48:A9:8A:A6:49:1F
/port set 0 name=serial0
/interface bridge port add bridge=bridgeLocal comment=defconf interface=ether1
/interface bridge port add bridge=bridgeLocal comment=defconf interface=ether2
/interface bridge port add bridge=bridgeLocal comment=defconf interface=ether3
/interface bridge port add bridge=bridgeLocal comment=defconf interface=ether4
/interface wifi cap set caps-man-addresses=192.168.100.254 discovery-interfaces=bridgeLocal enabled=yes slaves-datapath=capdp
/ip dhcp-client add comment=defconf interface=bridgeLocal
/system clock set time-zone-name=Europe/Vienna
/system note set show-at-login=no
Thx for any hints!
Cheers Mate
Florian
