wifiwave2 + capsman "no connection to CAPsMAN" error

pants · October 2, 2023, 2:05am

Hi, I’m having problems using capsman (wifiwave2). I have an hAP AX3 and a cAP AX configured:

hAP:

[admin@MikroTik] /interface/wifiwave2/capsman> export
# 2023-10-01 19:58:45 by RouterOS 7.11.2
# software id = **ELIDED**
#
# model = C53UiG+5HPaxD2HPaxD
# serial number = redacted
/interface wifiwave2 capsman
set ca-certificate=auto enabled=yes interfaces=ether1,ether2,ether3,ether4 package-path=\
    "" require-peer-certificate=no upgrade-policy=none

cAP AX:

[admin@MikroTik] /interface/wifiwave2> export
# 2023-10-01 19:48:42 by RouterOS 7.11.2
# software id = **ELIDED**
#
# model = cAPGi-5HaxD2HaxD
# serial number = redacted
/interface wifiwave2
# no connection to CAPsMAN
add configuration.manager=capsman datapath=capdp
# no connection to CAPsMAN
add configuration.manager=capsman datapath=capdp
/interface wifiwave2 cap
set caps-man-addresses=192.168.88.1 discovery-interfaces=bridgeLocal enabled=yes \
    slaves-datapath=capdp
/interface wifiwave2 datapath
add bridge=bridgeLocal comment=defconf disabled=no name=capdp

[admin@MikroTik] /interface/wifiwave2> /interface/bridge export
/interface bridge
add admin-mac=redacted auto-mac=no comment=defconf name=bridgeLocal
/interface bridge port
add bridge=bridgeLocal comment=defconf interface=ether1
add bridge=bridgeLocal comment=defconf interface=ether2

However, as you can see, the cAP AX doesn’t get it’s interfaces configured, and I’m a bit stumped as to why. the cAP AX is powered via the PoE out on ether1 of the hAP AX3, and gets an ip address correctly, so there is connectivity:

[admin@MikroTik] /interface> print
Flags: X - DISABLED, R - RUNNING; S - SLAVE
Columns: NAME, TYPE, ACTUAL-MTU, L2MTU, MAX-L2MTU, MAC-ADDRESS
#    NAME         TYPE    ACTUAL-MTU  L2MTU  MAX-L2MTU  MAC-ADDRESS
0 RS ether1       ether         1500   1568       9214  redacted
1  S ether2       ether         1500   1568       9214  redacted
;;; defconf
2 R  bridgeLocal  bridge        1500   1568             redacted
;;; no connection to CAPsMAN
3 X  wifi1        wifi                                  redacted
;;; no connection to CAPsMAN
4 X  wifi2        wifi                                  redacted

Any thoughts are appreciated.

kravemir · October 2, 2023, 5:59am

Why do you have CAPsMAN listening on interfaces instead of a bridge? Do you not have a bridge?

Also, as you see, this is a connectivity issue. So, without showing config for interfaces/bridge/ip settings, it’s only guessing what’s going wrong.

pants · October 3, 2023, 2:38am

Ah ha, I had to set it to listen on the bridge. Thank you! I saw that, but thought “surely it doesn’t matter…”

kravemir · October 3, 2023, 5:32am

From L2 misconfiguration docs:

When you add an interface to a bridge, the bridge becomes the master interface and all bridge ports become slave ports, this means that all traffic that is received on a bridge port is captured by the bridge interface and all traffic is forwarded to the CPU using the bridge interface instead of the physical interface. As a result VLAN interface that is created on a slave interface will never capture any traffic at all since it is immediately forwarded to the master interface before any packet processing is being done.

This is for VLANs, but I guess the same applies to CAPsMAN, when it is configured to use interface(s) added to the bridge.

Also, besides that, I guess the IP address 192.168.88.1, that CAP is trying to connect to, is assigned to bridge. So, as CAPsMAN needs to listen on corresponding interfaces for IP addreses you want CAPsMAN to be accessible by, the bridge should be used.