Hi, I would like to configure CAPSman in my network.
We have 9 vlans and 5 SSID's
I try to configure it but we have also 2 CRS125 switches with the VLANs on it
But the CRS125 is a PAIN in the ASS to configure it.
Can someone help me?
On the CRS125
Ether 1, Ether 22, Ether 23 and Ether 24 must carry all VLAN's (trunk ports)
Ether 10, Ether 11, Ether 17, Ether 18 untagged on VLAN 900
Ether 12 Allso a trunk port
Ether 9 untagged on VLAN 9
Re: Capsmap config (allso with a CRS125)
Below is the config of the CRS125.
If I connect at Ether1 the Device with CAPSman on it.
Then it looks like everything is working but Wireless clients won't get an IP address.
They can connect to the wireless network but don't get a IP addres from the DHCP server.
On the CRS125 I switch from local configured AP to CAP
If I use local configured ap on it everything is working If I switch to CAP than Clients won't get an IP address.
DHCP server is in both cases on the R01 device connected to ether1 on the CRS125
# Installatie SW01 (CRS125-24G-1S-2HnD-IN)
# Geef het apparaat een identitiet
/system identity set name=SW01
# Alle poorten aan elkaar koppelen (switch) master-port=ether24
/interface ethernet
set numbers=0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22 master-port=ether24
# Bonding toevoegen voor LoadBallancing
#/interface bonding add name=Bond1 comment=Bond_2_CCR slaves=ether1,ether2,ether3,ether4
# Trunk toevoegen
#/interface ethernet switch trunk
#add name=trunk1 member-ports=ether1,ether2,ether3,ether4
# VLAN Membership
# LAN_MGMT 9
/interface ethernet switch vlan
add ports=ether1,ether9,ether10,ether11,ether22,ether23,ether24,switch1-cpu vlan-id=9 learn=yes
# LAN_DATA 10, 20, 30, 40, 50, 60
add ports=ether1,ether11,ether22,ether23,ether24 vlan-id=10 learn=yes
# WLAN_DATA 12, 22, 32, 42, 52, 62
add ports=ether1,ether22,ether23,ether24,switch1-cpu vlan-id=12 learn=yes
# WLAN_GUEST 14, 24, 34, 44, 54, 64
add ports=ether1,ether22,ether23,ether24,switch1-cpu vlan-id=14 learn=yes
# LAN_MFP 15, 25, 35, 45, 55, 65
add ports=ether1,ether22,ether23,ether24,switch1-cpu vlan-id=15 learn=yes
# LAN_GAME 16, 26, 36, 46, 56, 66
add ports=ether1,ether22,ether23,ether24,switch1-cpu vlan-id=16 learn=yes
# LAN_CAMERA 17, 27, 37, 47, 57, 67
add ports=ether1,ether12,ether20,ether22,ether23,ether24,switch1-cpu vlan-id=17 learn=yes
# LAN_TVMM 18, 28, 38, 48, 58, 68 learn=yes
add ports=ether1,ether22,ether23,ether24,switch1-cpu vlan-id=18 learn=yes
# LAN_SP 19, 29, 39, 49,359, 69
add ports=ether1,ether22,ether23,ether24,switch1-cpu vlan-id=19 learn=yes
# LAN_SERVER 900 learn=yes
add ports=ether1,ether11,ether14,ether17,ether18,ether19,ether22,ether23,ether24 vlan-id=900 learn=yes
# Untagged poorten toevoegen (Access ports)
/interface ethernet switch ingress-vlan-translation
add ports=ether9 customer-vid=0 new-customer-vid=9 sa-learning=yes
add ports=ether10 customer-vid=0 new-customer-vid=9 sa-learning=yes
add ports=ether14 customer-vid=0 new-customer-vid=900 sa-learning=yes
add ports=ether17 customer-vid=0 new-customer-vid=900 sa-learning=yes
add ports=ether18 customer-vid=0 new-customer-vid=900 sa-learning=yes
add ports=ether19 customer-vid=0 new-customer-vid=900 sa-learning=yes
add ports=ether20 customer-vid=0 new-customer-vid=17 sa-learning=yes
# Tagged poorten toevoegen (Trunk ports)
/interface ethernet switch egress-vlan-tag
add vlan-id=9 tagged-ports=ether1,ether11,ether22,ether23,ether24,switch1-cpu
add vlan-id=10 tagged-ports=ether1,ether11,ether22,ether23,ether24
add vlan-id=12 tagged-ports=ether1,ether22,ether23,ether24,switch1-cpu
add vlan-id=14 tagged-ports=ether1,ether22,ether23,ether24,switch1-cpu
add vlan-id=15 tagged-ports=ether1,ether22,ether23,ether24,switch1-cpu
add vlan-id=16 tagged-ports=ether1,ether22,ether23,ether24,switch1-cpu
add vlan-id=17 tagged-ports=ether1,ether12,ether22,ether23,ether24,switch1-cpu
add vlan-id=18 tagged-ports=ether1,ether22,ether23,ether24,switch1-cpu
add vlan-id=19 tagged-ports=ether1,ether22,ether23,ether24,switch1-cpu
add vlan-id=900 tagged-ports=ether1,ether11,ether22,ether23,ether24
# Maak VLANs voor de poorten welke moeten worden gebridged
/interface vlan
add name=VLAN_LAN_MGMT interface=ether24 vlan-id=9
add name=VLAN_WLAN_1_DATA interface=ether24 vlan-id=12
add name=VLAN_WLAN_1_GUEST interface=ether24 vlan-id=14
add name=VLAN_LAN_1_MFP interface=ether24 vlan-id=15
add name=VLAN_LAN_1_GAME interface=ether24 vlan-id=16
add name=VLAN_LAN_1_CAMERA interface=ether24 vlan-id=17
add name=VLAN_LAN_1_TVMM interface=ether24 vlan-id=18
add name=VLAN_WLAN_1_SP interface=ether24 vlan-id=19
# Bridge toevoegen
/interface bridge
add name=BR_WLAN_1_DATA
add name=BR_WLAN_1_GUEST
add name=BR_LAN_1_MFP
add name=BR_LAN_1_GAME
add name=BR_LAN_1_CAMERA
add name=BR_LAN_1_TVMM
add name=BR_WLAN_1_SP
# IP adressen toewijzen
/ip address
add address=172.16.0.2/25 network=172.16.0.0 interface=VLAN_LAN_MGMT
# Security profielen aanmaken
/interface wireless security-profile add name=WLAN_DATA authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="Secret"
/interface wireless security-profile add name=WLAN_GUEST authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="Secret1"
/interface wireless security-profile add name=LAN_MFP authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="secret2"
/interface wireless security-profile add name=LAN_GAME authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="secret3"
/interface wireless security-profile add name=LAN_CAMERA authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="secret4"
/interface wireless security-profile add name=LAN_TVMM authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="secret5"
/interface wireless security-profile add name=WLAN_SP authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="secret6"
# Virtual AP's aanmaken
/interface wireless add master-interface=wlan1 name=VAP_WLAN_DATA security-profile=WLAN_DATA ssid="WLAN_DATA" wmm-support=enabled default-authentication=no disabled=no
/interface wireless add master-interface=wlan1 name=VAP_WLAN_GUEST security-profile=WLAN_GUEST ssid="WLAN_GUEST" wmm-support=enabled disabled=no
/interface wireless add master-interface=wlan1 name=VAP_LAN_MFP security-profile=LAN_MFP ssid="LAN_MFP" wmm-support=enabled default-authentication=no disabled=no
/interface wireless add master-interface=wlan1 name=VAP_LAN_GAME security-profile=LAN_GAME ssid="LAN_GAME" wmm-support=enabled default-authentication=no disabled=no
/interface wireless add master-interface=wlan1 name=VAP_LAN_CAMERA security-profile=LAN_CAMERA ssid="LAN_CAMERA" wmm-support=enabled default-authentication=no disabled=no
/interface wireless add master-interface=wlan1 name=VAP_LAN_TVMM security-profile=LAN_TVMM ssid="LAN_TVMM" wmm-support=enabled default-authentication=no disabled=no
/interface wireless add master-interface=wlan1 name=VAP_WLAN_SP security-profile=WLAN_SP ssid="WLAN_SP" wmm-support=enabled default-authentication=no disabled=no
# Access List vullen voor de Virtual AP's
# Poorten toevoegen aan een bridge
/interface bridge port
add bridge=BR_WLAN_1_DATA interface=VLAN_WLAN_1_DATA
add bridge=BR_WLAN_1_DATA interface=VAP_WLAN_DATA
add bridge=BR_WLAN_1_GUEST interface=VLAN_WLAN_1_GUEST
add bridge=BR_WLAN_1_GUEST interface=VAP_WLAN_GUEST
add bridge=BR_LAN_1_MFP interface=VLAN_LAN_1_MFP
add bridge=BR_LAN_1_MFP interface=VAP_LAN_MFP
add bridge=BR_LAN_1_GAME interface=VLAN_LAN_1_GAME
add bridge=BR_LAN_1_GAME interface=VAP_LAN_GAME
add bridge=BR_LAN_1_CAMERA interface=VLAN_LAN_1_CAMERA
add bridge=BR_LAN_1_CAMERA interface=VAP_LAN_CAMERA
add bridge=BR_LAN_1_TVMM interface=VLAN_LAN_1_TVMM
add bridge=BR_LAN_1_TVMM interface=VAP_LAN_TVMM
add bridge=BR_WLAN_1_SP interface=VLAN_WLAN_1_SP
add bridge=BR_WLAN_1_SP interface=VAP_WLAN_SP
# WLAN1 enablen with right settings
/interface wireless set wlan1 mode=ap-bridge band=2ghz-onlyn frequency=auto wmm-support=enabled default-authentication=no
/interface wireless set wlan1 channel-width=20/40mhz-ht-below hide-ssid=yes security-profile=WLAN_DATA
/interface wireless set wlan1 disabled=no
# DNS Instellen
/ip dns set server=172.16.0.130
# Default route toevoegen
/ip route add dst-address=0.0.0.0/0 gateway=172.16.0.1
# SNTP Client configureren
/system ntp client set primary-ntp=172.16.0.130 secondary-ntp=172.16.0.131 enabled=yes
# SNMP Server configureren
/snmp set contact="ronald.verheij@skiffkick.nl" location="Pernis, Ring 393" enabled=yes trap-version=2
/snmp community set address=172.16.0.60 numbers=0
# SYSLOG Server configureren
/system logging action
set 3 remote=172.16.0.20
/system logging
add action=remote topics=warning
add action=remote topics=info
add action=remote topics=critical
add action=remote topics=error
add action=remote topics=wireless
# Zet de tijdzone goed
/system clock set time-zone-name=Europe/Amsterdam
# Route instellen voor locale netwerk
/ip route add dst-address=172.16.0.0/21 gateway=172.16.0.1
If I connect at Ether1 the Device with CAPSman on it.
Then it looks like everything is working but Wireless clients won't get an IP address.
They can connect to the wireless network but don't get a IP addres from the DHCP server.
On the CRS125 I switch from local configured AP to CAP
If I use local configured ap on it everything is working If I switch to CAP than Clients won't get an IP address.
DHCP server is in both cases on the R01 device connected to ether1 on the CRS125
# Installatie SW01 (CRS125-24G-1S-2HnD-IN)
# Geef het apparaat een identitiet
/system identity set name=SW01
# Alle poorten aan elkaar koppelen (switch) master-port=ether24
/interface ethernet
set numbers=0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22 master-port=ether24
# Bonding toevoegen voor LoadBallancing
#/interface bonding add name=Bond1 comment=Bond_2_CCR slaves=ether1,ether2,ether3,ether4
# Trunk toevoegen
#/interface ethernet switch trunk
#add name=trunk1 member-ports=ether1,ether2,ether3,ether4
# VLAN Membership
# LAN_MGMT 9
/interface ethernet switch vlan
add ports=ether1,ether9,ether10,ether11,ether22,ether23,ether24,switch1-cpu vlan-id=9 learn=yes
# LAN_DATA 10, 20, 30, 40, 50, 60
add ports=ether1,ether11,ether22,ether23,ether24 vlan-id=10 learn=yes
# WLAN_DATA 12, 22, 32, 42, 52, 62
add ports=ether1,ether22,ether23,ether24,switch1-cpu vlan-id=12 learn=yes
# WLAN_GUEST 14, 24, 34, 44, 54, 64
add ports=ether1,ether22,ether23,ether24,switch1-cpu vlan-id=14 learn=yes
# LAN_MFP 15, 25, 35, 45, 55, 65
add ports=ether1,ether22,ether23,ether24,switch1-cpu vlan-id=15 learn=yes
# LAN_GAME 16, 26, 36, 46, 56, 66
add ports=ether1,ether22,ether23,ether24,switch1-cpu vlan-id=16 learn=yes
# LAN_CAMERA 17, 27, 37, 47, 57, 67
add ports=ether1,ether12,ether20,ether22,ether23,ether24,switch1-cpu vlan-id=17 learn=yes
# LAN_TVMM 18, 28, 38, 48, 58, 68 learn=yes
add ports=ether1,ether22,ether23,ether24,switch1-cpu vlan-id=18 learn=yes
# LAN_SP 19, 29, 39, 49,359, 69
add ports=ether1,ether22,ether23,ether24,switch1-cpu vlan-id=19 learn=yes
# LAN_SERVER 900 learn=yes
add ports=ether1,ether11,ether14,ether17,ether18,ether19,ether22,ether23,ether24 vlan-id=900 learn=yes
# Untagged poorten toevoegen (Access ports)
/interface ethernet switch ingress-vlan-translation
add ports=ether9 customer-vid=0 new-customer-vid=9 sa-learning=yes
add ports=ether10 customer-vid=0 new-customer-vid=9 sa-learning=yes
add ports=ether14 customer-vid=0 new-customer-vid=900 sa-learning=yes
add ports=ether17 customer-vid=0 new-customer-vid=900 sa-learning=yes
add ports=ether18 customer-vid=0 new-customer-vid=900 sa-learning=yes
add ports=ether19 customer-vid=0 new-customer-vid=900 sa-learning=yes
add ports=ether20 customer-vid=0 new-customer-vid=17 sa-learning=yes
# Tagged poorten toevoegen (Trunk ports)
/interface ethernet switch egress-vlan-tag
add vlan-id=9 tagged-ports=ether1,ether11,ether22,ether23,ether24,switch1-cpu
add vlan-id=10 tagged-ports=ether1,ether11,ether22,ether23,ether24
add vlan-id=12 tagged-ports=ether1,ether22,ether23,ether24,switch1-cpu
add vlan-id=14 tagged-ports=ether1,ether22,ether23,ether24,switch1-cpu
add vlan-id=15 tagged-ports=ether1,ether22,ether23,ether24,switch1-cpu
add vlan-id=16 tagged-ports=ether1,ether22,ether23,ether24,switch1-cpu
add vlan-id=17 tagged-ports=ether1,ether12,ether22,ether23,ether24,switch1-cpu
add vlan-id=18 tagged-ports=ether1,ether22,ether23,ether24,switch1-cpu
add vlan-id=19 tagged-ports=ether1,ether22,ether23,ether24,switch1-cpu
add vlan-id=900 tagged-ports=ether1,ether11,ether22,ether23,ether24
# Maak VLANs voor de poorten welke moeten worden gebridged
/interface vlan
add name=VLAN_LAN_MGMT interface=ether24 vlan-id=9
add name=VLAN_WLAN_1_DATA interface=ether24 vlan-id=12
add name=VLAN_WLAN_1_GUEST interface=ether24 vlan-id=14
add name=VLAN_LAN_1_MFP interface=ether24 vlan-id=15
add name=VLAN_LAN_1_GAME interface=ether24 vlan-id=16
add name=VLAN_LAN_1_CAMERA interface=ether24 vlan-id=17
add name=VLAN_LAN_1_TVMM interface=ether24 vlan-id=18
add name=VLAN_WLAN_1_SP interface=ether24 vlan-id=19
# Bridge toevoegen
/interface bridge
add name=BR_WLAN_1_DATA
add name=BR_WLAN_1_GUEST
add name=BR_LAN_1_MFP
add name=BR_LAN_1_GAME
add name=BR_LAN_1_CAMERA
add name=BR_LAN_1_TVMM
add name=BR_WLAN_1_SP
# IP adressen toewijzen
/ip address
add address=172.16.0.2/25 network=172.16.0.0 interface=VLAN_LAN_MGMT
# Security profielen aanmaken
/interface wireless security-profile add name=WLAN_DATA authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="Secret"
/interface wireless security-profile add name=WLAN_GUEST authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="Secret1"
/interface wireless security-profile add name=LAN_MFP authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="secret2"
/interface wireless security-profile add name=LAN_GAME authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="secret3"
/interface wireless security-profile add name=LAN_CAMERA authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="secret4"
/interface wireless security-profile add name=LAN_TVMM authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="secret5"
/interface wireless security-profile add name=WLAN_SP authentication-type=wpa2-psk mode=dynamic-keys wpa2-pre-shared-key="secret6"
# Virtual AP's aanmaken
/interface wireless add master-interface=wlan1 name=VAP_WLAN_DATA security-profile=WLAN_DATA ssid="WLAN_DATA" wmm-support=enabled default-authentication=no disabled=no
/interface wireless add master-interface=wlan1 name=VAP_WLAN_GUEST security-profile=WLAN_GUEST ssid="WLAN_GUEST" wmm-support=enabled disabled=no
/interface wireless add master-interface=wlan1 name=VAP_LAN_MFP security-profile=LAN_MFP ssid="LAN_MFP" wmm-support=enabled default-authentication=no disabled=no
/interface wireless add master-interface=wlan1 name=VAP_LAN_GAME security-profile=LAN_GAME ssid="LAN_GAME" wmm-support=enabled default-authentication=no disabled=no
/interface wireless add master-interface=wlan1 name=VAP_LAN_CAMERA security-profile=LAN_CAMERA ssid="LAN_CAMERA" wmm-support=enabled default-authentication=no disabled=no
/interface wireless add master-interface=wlan1 name=VAP_LAN_TVMM security-profile=LAN_TVMM ssid="LAN_TVMM" wmm-support=enabled default-authentication=no disabled=no
/interface wireless add master-interface=wlan1 name=VAP_WLAN_SP security-profile=WLAN_SP ssid="WLAN_SP" wmm-support=enabled default-authentication=no disabled=no
# Access List vullen voor de Virtual AP's
# Poorten toevoegen aan een bridge
/interface bridge port
add bridge=BR_WLAN_1_DATA interface=VLAN_WLAN_1_DATA
add bridge=BR_WLAN_1_DATA interface=VAP_WLAN_DATA
add bridge=BR_WLAN_1_GUEST interface=VLAN_WLAN_1_GUEST
add bridge=BR_WLAN_1_GUEST interface=VAP_WLAN_GUEST
add bridge=BR_LAN_1_MFP interface=VLAN_LAN_1_MFP
add bridge=BR_LAN_1_MFP interface=VAP_LAN_MFP
add bridge=BR_LAN_1_GAME interface=VLAN_LAN_1_GAME
add bridge=BR_LAN_1_GAME interface=VAP_LAN_GAME
add bridge=BR_LAN_1_CAMERA interface=VLAN_LAN_1_CAMERA
add bridge=BR_LAN_1_CAMERA interface=VAP_LAN_CAMERA
add bridge=BR_LAN_1_TVMM interface=VLAN_LAN_1_TVMM
add bridge=BR_LAN_1_TVMM interface=VAP_LAN_TVMM
add bridge=BR_WLAN_1_SP interface=VLAN_WLAN_1_SP
add bridge=BR_WLAN_1_SP interface=VAP_WLAN_SP
# WLAN1 enablen with right settings
/interface wireless set wlan1 mode=ap-bridge band=2ghz-onlyn frequency=auto wmm-support=enabled default-authentication=no
/interface wireless set wlan1 channel-width=20/40mhz-ht-below hide-ssid=yes security-profile=WLAN_DATA
/interface wireless set wlan1 disabled=no
# DNS Instellen
/ip dns set server=172.16.0.130
# Default route toevoegen
/ip route add dst-address=0.0.0.0/0 gateway=172.16.0.1
# SNTP Client configureren
/system ntp client set primary-ntp=172.16.0.130 secondary-ntp=172.16.0.131 enabled=yes
# SNMP Server configureren
/snmp set contact="ronald.verheij@skiffkick.nl" location="Pernis, Ring 393" enabled=yes trap-version=2
/snmp community set address=172.16.0.60 numbers=0
# SYSLOG Server configureren
/system logging action
set 3 remote=172.16.0.20
/system logging
add action=remote topics=warning
add action=remote topics=info
add action=remote topics=critical
add action=remote topics=error
add action=remote topics=wireless
# Zet de tijdzone goed
/system clock set time-zone-name=Europe/Amsterdam
# Route instellen voor locale netwerk
/ip route add dst-address=172.16.0.0/21 gateway=172.16.0.1
Who is online
Users browsing this forum: Ahrefs [Bot], Amazon [Bot] and 37 guests