Using Access Lists to have multiple PSKs

I have the two access lists shown below and they work… kinda.
Whichever one is first works, any others do not. It’s like the Tik tried rule 0 and if it fails doesn’t check the next.

According to the docs, access lists should be sequentially tried until a match is found, but that doesn’t seem to be working in this instance.

My goal here is to have one SSID across a number of APs but assign different passwords to different user groups, which will then put them in their own VLAN.
Cambium have this called ePSK and Ruckus call it dPSK.

At the moment I am doing this locally on one router (hAP AC Lite on v7.14.1) but will look to do it on CAPsMAN once I have it nailed down.

I am likely missing something very basic, but not sure what it is

Last time I tried this (about 5 years ago), I had to use the MAC address field.

I don’t bother with Mikrotik wifi anymore.

At the time I was trying to “CHEAP VERSION” Ruckus DPSK.

You can read the forums for all the reasons I finally gave up on Caps-Man and Mikrotik WiFi specifically.

What you are looking to do is really easy in Cambium using EPSK. And as a bonus…I get radios that don’t constantly disconnect clients.

I do really miss caps-man instant updates and flexibility. But I can’t have customers constantly complaining.

It is sequentially tried until the MAC address matches. In your case the first one always matches, it is working as designed.

@OP welcome to the club here… Like you, I also wait for Mikrotik to implement something other vendors have for some time now… And nothing…

Found my post from 2018…

http://forum.mikrotik.com/t/dpsk-dynamic-wpa2-psk-support/125511/3

As speculated, I am trying to create a “poor man’s ePSK” but seems this isn’t possible.

Basically I have a client that wants a dPSK / ePSK style network but doesn’t want to replace the 290 hAP AC’s they have in place already

Guess it’s back to the drawing board on this one

Much like I learned in that other thread…

Sometimes you gotta pay.

But my numbers have improved to the point where the difference between an XV2-21x is a lot closer to cAP AX.

If they wanna hold onto those WAP and use EPSK/DPSK… You are gonna have to map EVERY MAC ADDRESS OF THE CLIENT DEVICES.

Other option is to start making multiple SSIDs.

Edit:
Wait a second… hAP AC? Not even AC2. So like 10-12 year old access points? No MU-MIMO and a truly broken version of ACv1?