I read these topics before starting to do some configurations.
http://forum.mikrotik.com/t/capsman-with-two-ssid/84305/1
http://forum.mikrotik.com/t/capsman-vlans-and-bridges/80241/1
http://forum.mikrotik.com/t/capsman-manager-forwarding-problem/76860/1
http://forum.mikrotik.com/t/capsman-vlan-tag-problem/77194/1
Also read manual but still cannot achieve what I need.
Idea is to create WiFi network with two devices and two SSID’s. Each SSID belongs to own VLAN. BOTH devices (RB’s) need to broadcast both SSID and to dynamically control connected clients.
CAPsMAN.png
It is shown in picture above. I am using first RB as CAPsMAN and CAP device and second as CAP device. Now I stumbled on few problems. First one is that CAPsMAN doesn’t broadcast WiFi signal anymore once I disabled CAP on WiFi interface and enabled it again. Second one is that only one SSID is broadcasted since second cap (VLAN20CAPint) interface remains inactive no mather what I do. And also no client is able to connect to first SSID. VLAN trunk on CISCO switch is working 100% (checked).
Here are configs:
CAPsMAN device
/interface bridge
add name=vlan10br protocol-mode=none
add name=vlan20br protocol-mode=none
/interface wireless
# managed by CAPsMAN
set [ find default-name=wlan1 ] l2mtu=1600
/interface vlan
add interface=ether1 l2mtu=1594 name=vlan10 vlan-id=10
add interface=ether1 l2mtu=1594 name=vlan20 vlan-id=20
/caps-man configuration
add channel.band=2ghz-b/g/n channel.frequency=2452 channel.width=20 country=\
serbia datapath.bridge=vlan10br datapath.vlan-id=10 mode=ap name=\
VLAN10CAP security.authentication-types=wpa2-psk security.encryption=\
aes-ccm security.group-encryption=aes-ccm security.passphrase=pass123! \
ssid=VLAN10SSID
add channel.band=2ghz-b/g/n channel.frequency=2452 channel.width=20 country=\
serbia datapath.bridge=vlan20br datapath.vlan-id=20 mode=ap name=\
VLAN20CAP security.authentication-types=wpa2-psk security.encryption=\
aes-ccm security.group-encryption=aes-ccm security.passphrase=pass123! \
ssid=VLAN20SSID
/caps-man interface
#
add arp=enabled configuration=VLAN10CAP disabled=no l2mtu=1600 mac-address=\
4C:5E:0C:57:E9:41 master-interface=none mtu=1500 name=VLAN10CAPint \
radio-mac=4C:5E:0C:57:E9:41
# MAC address is address of wlan interface of CAP device
add arp=enabled configuration=VLAN20CAP disabled=no l2mtu=0 mac-address=\
4C:5E:0C:58:C7:FB master-interface=none mtu=1500 name=VLAN20CAPint \
radio-mac=4C:5E:0C:58:C7:FB
# MAC address is address of wlan interface of CAPsMAN device
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes
/interface bridge port
add bridge=vlan10br interface=vlan10
add bridge=vlan10br interface=VLAN10CAPint #this interface is inactive
add bridge=vlan20br interface=vlan20
add bridge=vlan20br interface=VLAN20CAPint
/interface wireless cap
set bridge=vlan10br caps-man-addresses=127.0.0.1 certificate=request enabled=\
yes interfaces=wlan1
# wifi still doesn't propagate SSID's
/ip address
add address=172.28.42.254/23 interface=vlan10br network=172.28.42.0
/system leds
set 0 interface=wlan1
CAP device
/interface wireless
# managed by CAPsMAN
# channel: 2452/20-Ce/gn(20dBm), SSID: VLAN10SSID, CAPsMAN forwarding
set [ find default-name=wlan1 ] l2mtu=1600
/interface wireless cap
set certificate=request discovery-interfaces=ether1 enabled=yes interfaces=\
wlan1
/system leds
set 0 interface=wlan1
What am I doing wrong?