Hi folks,
I am trying doing a configuration for two RB. The master capsman is RB2011 and other cap is RB951G. The RB951 is connect with RB2011 by ethernet 5 Gb. I have three SSID but only SSID named InternetWifi use local forwarding. When enable local forwarding to the others SSID the DHCP pool used is the InternetWifi pool. The others SSIDs are Convidado and Guest. The version for boths are 6.42.3. I not have idea what is the issue. Could you please help me?
RB2011
# jun/19/2018 08:57:15 by RouterOS 6.42.3
# software id = HIG5-FA5D
#
# model = 2011UiAS-2HnD
#
/interface bridge
add admin-mac=6C:3B:6B:F6:3D:6A auto-mac=no name=bridge
add fast-forward=no name=bridge-Convidado protocol-mode=none
add fast-forward=no name=bridgeGuest protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] comment="Cabo rede desktop-EC" mac-address=6C:3B:6B:F6:3D:69
set [ find default-name=ether2 ] comment="Cabo Rede PC-Player" mac-address=6C:3B:6B:F6:3D:6A name=ether2-master
set [ find default-name=ether3 ] comment="Cabo Rede Jr/Lu" mac-address=6C:3B:6B:F6:3D:6B
set [ find default-name=ether4 ] comment="Cabo Rede DVR" mac-address=6C:3B:6B:F6:3D:6C
set [ find default-name=ether5 ] mac-address=6C:3B:6B:F6:3D:6D
set [ find default-name=ether6 ] comment="Cabo rede Alarme Eloir/Neusa" mac-address=6C:3B:6B:F6:3D:6E name=ether6-master
set [ find default-name=ether7 ] comment="Roteador cAPL2nD" mac-address=6C:3B:6B:F6:3D:6F
set [ find default-name=ether8 ] mac-address=6C:3B:6B:F6:3D:70
set [ find default-name=ether9 ] comment="Cabo Unix" mac-address=6C:3B:6B:F6:3D:71 name=ether9_Unix
set [ find default-name=ether10 ] comment="Cabo Welt" mac-address=6C:3B:6B:F6:3D:72 name=ether10_Welt poe-out=off
set [ find default-name=sfp1 ] comment="Porta Fibra" disabled=yes mac-address=6C:3B:6B:F6:3D:68
/interface pppoe-client
add allow=pap,chap comment="PPPoE Welt" disabled=no interface=ether10_Welt name=pppoe-out1 password=016570 user=016570
/interface wireless
# managed by CAPsMAN
# channel: 2412/20-Ce/gn(30dBm), SSID: InternetWifi, local forwarding
set [ find default-name=wlan1 ] disabled=no mode=ap-bridge ssid=RB2011
# managed by CAPsMAN
# SSID: Convidado, CAPsMAN forwarding
add mac-address=4E:5E:0C:F7:1A:C7 master-interface=wlan1 mode=station name=wlan2
# managed by CAPsMAN
# SSID: Guest, CAPsMAN forwarding
add mac-address=4E:5E:0C:F7:1A:C8 master-interface=wlan1 mode=station name=wlan3
/caps-man datapath
add bridge=bridge-Convidado client-to-client-forwarding=no name=ConvidadoBridge
add bridge=bridgeGuest client-to-client-forwarding=no name=GuestBridge
add bridge=bridge client-to-client-forwarding=yes local-forwarding=yes name=InternetWifi
/caps-man security
add authentication-types=wpa2-psk comment="Senha para SSID InternetWif" encryption=aes-ccm group-encryption=aes-ccm group-key-update=1h name=RedeInternetWifi-Seg \
passphrase=blabla
add authentication-types=wpa2-psk comment="Senha para SSID Convidado - " encryption=aes-ccm group-encryption=aes-ccm group-key-update=1h name=RedeConvidadoWifi-Seg \
passphrase=blabla
add authentication-types=wpa2-psk comment="Senha para SSID Niver - " encryption=aes-ccm group-encryption=aes-ccm group-key-update=1h name=RedeGuest passphrase=blabla
/caps-man configuration
add comment="Wifi SSID InternetWifi" country=no_country_set datapath=InternetWifi max-sta-count=50 mode=ap name=RedeInternetWifi-SSID security=RedeInternetWifi-Seg ssid=InternetWifi
add comment="Wifi SSID Convidado" country=no_country_set datapath=ConvidadoBridge max-sta-count=3 mode=ap name=RedeConvidado-SSID security=RedeConvidadoWifi-Seg ssid=Convidado
add comment="Wifi SSID Guest" country=no_country_set datapath=GuestBridge max-sta-count=80 mode=ap name=RedeGuest-SSID security=RedeGuest ssid=Guest
/caps-man interface
add comment="CAP Casa Santin/Carli SSID InternetWifi" configuration=RedeInternetWifi-SSID datapath=InternetWifi disabled=no l2mtu=1600 mac-address=6C:3B:6B:8D:13:40 master-interface=none name=RB951G-InternetWifi radio-mac=6C:3B:6B:8D:13:40 security=RedeInternetWifi-Seg
add comment="CAP Casa Eloir/Neusa SSID InternetWifi" configuration=RedeInternetWifi-SSID datapath=InternetWifi disabled=no l2mtu=1600 mac-address=4C:5E:0C:F7:1A:C7 master-interface=none name=RB2011-InternetWifi radio-mac=4C:5E:0C:F7:1A:C7 security=RedeInternetWifi-Seg
add comment="CAP Casa Santin/Carli SSID Convidado" configuration=RedeConvidado-SSID datapath=ConvidadoBridge disabled=yes l2mtu=1600 mac-address=6E:3B:6B:8D:13:40 master-interface=RB951G-InternetWifi name=RB951G-Convidado radio-mac=00:00:00:00:00:00 security=RedeConvidadoWifi-Seg
add comment="CAP Casa Santin/Carli SSID Guest" configuration=RedeGuest-SSID datapath=GuestBridge disabled=no l2mtu=1600 mac-address=6E:3B:6B:8D:13:41 master-interface=RB951G-InternetWifi name=RB951G-Guest radio-mac=00:00:00:00:00:00 security=RedeGuest
add comment="CAP Casa Eloir/Neusa SSID Convidado" configuration=RedeConvidado-SSID datapath=ConvidadoBridge disabled=no l2mtu=1600 mac-address=4E:5E:0C:F7:1A:C7 master-interface=RB2011-InternetWifi name=RB2011-Convidado radio-mac=00:00:00:00:00:00 security=RedeConvidadoWifi-Seg
add comment="CAP Casa Eloir/Neusa SSID Guest" configuration=RedeGuest-SSID datapath=GuestBridge disabled=no l2mtu=1600 mac-address=4E:5E:0C:F7:1A:C8 master-interface=RB2011-InternetWifi name=RB2011-Guest radio-mac=00:00:00:00:00:00 security=RedeGuest
/interface list
add name=Provedores
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
add name=Rede-Guests
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" group-key-update=1h supplicant-identity=MikroTik wpa-pre-shared-key=blabla wpa2-pre-shared-key=blabla
add authentication-types=wpa2-psk comment="Senha para rede Convidado" eap-methods="" group-key-update=1h mode=dynamic-keys name=Convidado supplicant-identity=RB2011 wpa-pre-shared-key=blablabla wpa2-pre-shared-key=blablabla
add authentication-types=wpa2-psk comment="Senha para rede InternetWifi" eap-methods="" group-key-update=1h mode=dynamic-keys name=Casa supplicant-identity=RB2011 wpa-pre-shared-key=12345678 wpa2-pre-shared-key=blablabla
add authentication-types=wpa2-psk eap-methods="" group-key-update=1h mode=dynamic-keys name=Guest supplicant-identity=RB2011 wpa-pre-shared-key=12345678 wpa2-pre-shared-key=blablabla
/ip pool
add name=dhcp ranges=192.168.1.101-192.168.1.180
add name=pool-vpn ranges=192.168.1.15-192.168.1.20
add name=pool-Convidado ranges=192.168.2.101-192.168.2.103
add name=pool-Guest ranges=192.168.3.101-192.168.3.180
/ip dhcp-server
add address-pool=dhcp authoritative=after-2sec-delay disabled=no interface=bridge lease-time=12h name=defconf
add address-pool=pool-Convidado authoritative=after-2sec-delay disabled=no interface=bridge-Convidado lease-time=8h name=server-Convidado
add address-pool=pool-Guest authoritative=after-2sec-delay disabled=no interface=bridgeGuest lease-time=5h name=server-Guest
/ppp profile
set *FFFFFFFE dns-server=192.168.1.253 local-address=pool-vpn remote-address=pool-vpn
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes
/caps-man provisioning
add action=create-disabled comment="Radio RB2011-InternetWifi" common-name-regexp=CAP-4C5E0CF71ABC identity-regexp=RB2011 master-configuration=RedeInternetWifi-SSID name-format=identity radio-mac=4C:5E:0C:F7:1A:C7 slave-configurations=RedeConvidado-SSID,RedeGuest-SSID
add action=create-disabled comment="Radio RB2011-InternetWifi" common-name-regexp=CAP-4C5E0CF71ABC disabled=yes identity-regexp=RB2011 master-configuration=RedeInternetWifi-SSID name-format=identity radio-mac=4E:5E:0C:F7:1A:C7 slave-configurations=RedeConvidado-SSID
add action=create-disabled comment="Radio RB2011-InternetWifi" common-name-regexp=CAP-4C5E0CF71ABC disabled=yes identity-regexp=RB2011 master-configuration=RedeInternetWifi-SSID name-format=identity radio-mac=4E:5E:0C:F7:1A:C8 slave-configurations=RedeGuest-SSID
add action=create-disabled comment="Radio RB951G-InternetWifi" common-name-regexp=CAP-6C3B6B8D133B identity-regexp=RB951G master-configuration=RedeInternetWifi-SSID name-format=identity radio-mac=6C:3B:6B:8D:13:40 slave-configurations=RedeConvidado-SSID,RedeGuest-SSID,*4
add action=create-disabled comment="Radio RB951G-InternetWifi" common-name-regexp=CAP-6C3B6B8D133B disabled=yes identity-regexp=RB951G master-configuration=RedeInternetWifi-SSID name-format=identity radio-mac=6E:3B:6B:8D:13:40 slave-configurations=RedeConvidado-SSID
add action=create-disabled comment="Radio RB951G-InternetWifi" common-name-regexp=CAP-6C3B6B8D133B disabled=yes identity-regexp=RB951G master-configuration=RedeInternetWifi-SSID name-format=identity radio-mac=6E:3B:6B:8D:13:41 slave-configurations=RedeGuest-SSID
add action=create-disabled comment="Radio RB951G-InternetWifi" common-name-regexp=CAP-6C3B6B8D133B disabled=yes identity-regexp=RB951G master-configuration=RedeInternetWifi-SSID name-format=identity radio-mac=6E:3B:6B:8D:13:42 slave-configurations=*4
/interface bridge port
add bridge=bridge comment=defconf interface=ether2-master
add bridge=bridge comment=defconf interface=ether6-master
add bridge=bridge interface=RB951G-InternetWifi
add bridge=bridge-Convidado comment="Wifi SSID Convidado" interface=RB951G-Convidado
add bridge=bridge interface=RB2011-InternetWifi
add bridge=bridge-Convidado comment="Wifi SSID Convidado" interface=RB2011-Convidado
add bridge=bridge interface=ether1
add bridge=bridge interface=ether3
add bridge=bridge interface=ether4
add bridge=bridge interface=ether5
add bridge=bridge interface=ether7
add bridge=bridge interface=ether8
add bridge=bridgeGuest interface=RB951G-Guest
add bridge=bridgeGuest interface=RB2011-Guest
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface l2tp-server server
set enabled=yes ipsec-secret=admin@8251 use-ipsec=yes
/interface list member
add interface=ether9_Unix list=Provedores
add interface=pppoe-out1 list=Provedores
add interface=ether1 list=discover
add interface=ether2-master list=discover
add interface=ether3 list=discover
add interface=ether4 list=discover
add interface=ether5 list=discover
add interface=ether6-master list=discover
add interface=ether7 list=discover
add interface=ether8 list=discover
add interface=bridge list=discover
add interface=RB951G-InternetWifi list=discover
add interface=RB951G-Convidado list=discover
add interface=bridge-Convidado list=discover
add interface=RB2011-Convidado list=discover
add interface=wlan1 list=discover
add interface=RB2011-InternetWifi list=discover
add interface=bridge list=mactel
add interface=bridge list=mac-winbox
add interface=bridge-Convidado list=Rede-Guests
add interface=bridgeGuest list=Rede-Guests
/interface pptp-server server
set enabled=yes
/interface wireless access-list
add disabled=yes mac-address=64:D1:54:C8:09:5B vlan-mode=no-tag
add disabled=yes forwarding=no mac-address=66:D1:54:C8:09:5C vlan-mode=no-tag
add ap-tx-limit=512000 client-tx-limit=512000 comment="Controla banda SSID Convidado" disabled=yes forwarding=no interface=wlan2 vlan-mode=no-tag
/interface wireless cap
#
set bridge=bridge caps-man-addresses=127.0.0.1 certificate=request enabled=yes interfaces=wlan1 static-virtual=yes
/interface wireless connect-list
add disabled=yes mac-address=64:D1:54:C8:09:5B security-profile=Casa ssid=InternetWifi
add disabled=yes mac-address=66:D1:54:C8:09:5C security-profile=Convidado ssid=Convidado
/interface wireless snooper
set receive-errors=yes
/ip address
add address=192.168.1.253/24 comment=defconf interface=bridge network=192.168.1.0
add address=186.219.63.206/28 comment="Rede radio Unix" interface=ether9_Unix network=186.219.63.192
add address=192.168.2.253/24 interface=bridge-Convidado network=192.168.2.0
add address=192.168.3.253/24 interface=bridgeGuest network=192.168.3.0
/ip cloud
set ddns-enabled=yes
/ip dhcp-client
add add-default-route=no comment="Receber IP do provedor Unix" dhcp-options=clientid,clientid interface=ether9_Unix use-peer-dns=no use-peer-ntp=no
add add-default-route=no comment="Receber IP provedor Welt" dhcp-options=clientid interface=ether10_Welt use-peer-dns=no use-peer-ntp=no
add add-default-route=no comment="Receber IP provedor Welt" dhcp-options=clientid,clientid interface=sfp1 use-peer-dns=no use-peer-ntp=no
/ip dhcp-server network
add address=192.168.1.0/24 comment=defconf dns-server=192.168.1.253 gateway=192.168.1.253 netmask=24 ntp-server=192.168.1.253
add address=192.168.2.0/24 comment=defconf dns-server=192.168.2.253 gateway=192.168.2.253 netmask=24 ntp-server=192.168.2.253
add address=192.168.3.0/24 comment=defconf dns-server=192.168.3.253 gateway=192.168.3.253 netmask=24 ntp-server=192.168.3.253
/ip dns
set allow-remote-requests=yes cache-max-ttl=1d servers=1.1.1.1,156.154.70.1,216.146.35.35,4.2.2.2
/ip dns static
add address=186.219.63.206 disabled=yes name=router
add address=192.168.1.253 disabled=yes name=RB2011
/ip firewall filter
add action=drop chain=forward comment="Block Whatsapp address list" disabled=yes dst-address-list=Whatsapp
add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related disabled=yes
add action=accept chain=input comment="defconf: accept established,related" connection-state=established,related disabled=yes
add action=accept chain=input comment="defconf: accept ICMP" in-interface=ether9_Unix protocol=icmp
add action=accept chain=input in-interface=pppoe-out1 protocol=icmp
add action=accept chain=input comment="PPTP Server" dst-port=1723 protocol=tcp
add action=accept chain=input comment="PPTP Server" disabled=yes protocol=gre
add action=accept chain=input comment="Allow L2TP/IPSec" dst-port=1701,500,4500 protocol=udp
add action=accept chain=input comment="Allow IPSec" protocol=ipsec-esp
add action=drop chain=forward comment="Bloqueia rede Convidado para rede interna" dst-address=192.168.1.0/24 src-address=192.168.2.0/24
add action=drop chain=forward comment="Bloqueia rede Guest para rede interna" dst-address=192.168.1.0/24 src-address=192.168.3.0/24
add action=drop chain=input comment="DNS TCP from WAN" connection-state=new dst-port=53 in-interface-list=Provedores protocol=tcp
add action=drop chain=input comment="DNS UDP from WAN" connection-state=new dst-port=53 in-interface-list=Provedores protocol=udp
add action=drop chain=forward comment="Drop tries to reach not public addresses from LAN" dst-address-list=not_in_internet in-interface=bridge out-interface=bridge
add action=drop chain=forward comment="Drop tries to reach not public addresses from LAN" dst-address-list=not_in_internet in-interface=bridge-Convidado out-interface=bridge-Convidado
add action=drop chain=forward comment="Drop tries to reach not public addresses from LAN" dst-address-list=not_in_internet in-interface=bridgeGuest out-interface=bridgeGuest
add action=drop chain=forward comment="Drop packets from LAN that do not have LAN IP" in-interface=bridge src-address-list="!Rede Interna"
add action=drop chain=forward comment="Drop packets from LAN that do not have LAN IP" in-interface=bridge-Convidado src-address-list="!Rede Convidado"
add action=drop chain=forward comment="Drop packets from LAN that do not have LAN IP" in-interface=bridgeGuest src-address-list="!Rede Guest"
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="Bloqueie rede Convidado para testar velocidade internet" layer7-protocol=SpeedTests protocol=tcp src-address=192.168.2.0/24
add action=drop chain=forward comment="Bloqueie rede Guest para testar velocidade internet" layer7-protocol=SpeedTests protocol=tcp src-address=192.168.3.0/24
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface=ether9_Unix
add action=drop chain=forward connection-nat-state=!dstnat connection-state=new in-interface=pppoe-out1
add action=drop chain=input comment="Drop incoming from internet which is not public IP" in-interface-list=Provedores src-address-list=not_in_internet
add action=drop chain=input comment="Drop Invalid connections" connection-state=invalid
add action=drop chain=input comment="defconf: drop all from WAN" in-interface=ether9_Unix
add action=drop chain=input in-interface=pppoe-out1
/ip firewall mangle
add action=mark-routing chain=prerouting comment="PCC-2 links-Welt" connection-mark=no-mark dst-address-type=!local in-interface=bridge new-routing-mark=to_WAN1 passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 src-address=192.168.1.0/24
add action=mark-routing chain=prerouting comment="PCC-2 links-Unix" connection-mark=no-mark dst-address-type=!local in-interface=bridge new-routing-mark=to_WAN2 passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 src-address=192.168.1.0/24
add action=mark-connection chain=prerouting comment="PCC-2 links-Welt=SSID InternetWifi" connection-state=new disabled=yes dst-address-type=!local in-interface=bridge new-connection-mark=WAN_Welt passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0
add action=mark-connection chain=prerouting comment="PCC-2 links-Unix=SSID InternetWifi" connection-state=new disabled=yes dst-address-type=!local in-interface=bridge new-connection-mark=WAN_Unix passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1
add action=mark-routing chain=prerouting comment="PCC-2 links-Unix=SSID InternetWifi" connection-mark=no-mark disabled=yes dst-address-type=!local in-interface=bridge new-routing-mark=to_WAN2 passthrough=yes per-connection-classifier=both-addresses-and-ports:3/2 src-address=192.168.1.0/24
add action=mark-routing chain=prerouting comment="PCC-2 links-Unix-Guest" connection-mark=no-mark dst-address-type=!local in-interface=bridgeGuest new-routing-mark=to_WAN2 passthrough=yes per-connection-classifier=both-addresses-and-ports:2/0 src-address=192.168.3.0/24
add action=mark-routing chain=prerouting comment="PCC-2 links-Welt-Guest" connection-mark=no-mark dst-address-type=!local in-interface=bridgeGuest new-routing-mark=to_WAN1 passthrough=yes per-connection-classifier=both-addresses-and-ports:2/1 src-address=192.168.3.0/24
/ip firewall nat
add action=masquerade chain=srcnat comment="NAT para internet usando provedor Welt" out-interface=pppoe-out1 src-address=192.168.1.0/24
add action=masquerade chain=srcnat comment="NAT para internet usando provedor Unix" out-interface=ether9_Unix src-address=192.168.1.0/24
add action=masquerade chain=srcnat comment="NAT para internet usando provedor Welt SSID Convidado" out-interface=pppoe-out1 src-address=192.168.2.0/24
add action=masquerade chain=srcnat comment="NAT para internet usando provedor Unix SSID Convidado" out-interface=ether9_Unix src-address=192.168.2.0/24
add action=masquerade chain=srcnat comment="NAT para internet usando provedor Unix SSID Guest" out-interface=ether9_Unix src-address=192.168.3.0/24
add action=masquerade chain=srcnat comment="NAT para internet usando provedor Welt SSID Guest" out-interface=pppoe-out1 src-address=192.168.3.0/24
add action=masquerade chain=srcnat comment="NAT para acessar rede interna via VPN" src-address=192.168.1.15-192.168.1.20
/ip route
add comment="PCC-2 links" distance=1 gateway=186.219.63.193 routing-mark=to_WAN2
add comment="DNS Secundario via Unix" distance=1 dst-address=156.154.70.1/32 gateway=186.219.63.193 routing-mark=to_WAN2
add comment="DNS Primario via Unix" distance=1 dst-address=216.146.35.35/32 gateway=186.219.63.193 routing-mark=to_WAN2
add comment="PCC-2 links" distance=1 gateway=pppoe-out1 routing-mark=to_WAN1
add comment="DNS Primario via Welt" distance=1 dst-address=1.1.1.1/32 gateway=pppoe-out1 routing-mark=to_WAN1
add comment="DNS Secundario via Welt" distance=1 dst-address=4.2.2.2/32 gateway=pppoe-out1 routing-mark=to_WAN1
add comment="Rota padrao para provedor Welt" distance=10 gateway=pppoe-out1
add comment="Rota padrao para provedor Unix" distance=11 gateway=186.219.63.193
/ip service
set telnet address=192.168.1.0/24
set ftp disabled=yes
set ssh disabled=yes
/ip traffic-flow
set interfaces=ether9_Unix,ether10_Welt
/lcd
set default-screen=informative-slideshow enabled=no
/system clock
set time-zone-autodetect=no time-zone-name=America/Sao_Paulo
/system identity
set name=RB2011
/system logging
add disabled=yes topics=firewall
add disabled=yes topics=caps
add disabled=yes topics=dns
add disabled=yes topics=debug
add disabled=yes topics=wireless
add topics=system
add disabled=yes topics=dhcp
/system ntp client
set enabled=yes primary-ntp=200.160.0.8 secondary-ntp=200.189.40.8
/system ntp server
set broadcast=yes enabled=yes
/system routerboard settings
set silent-boot=no
/tool mac-server
set allowed-interface-list=mactel
/tool mac-server mac-winbox
set allowed-interface-list=mac-winbox
RG951
# jun/19/2018 08:58:08 by RouterOS 6.42.3
# software id = X6YX-LMY0
#
# model = 951G-2HnD
# serial number =
/interface bridge
add admin-mac=6C:3B:6B:8D:13:3C auto-mac=no fast-forward=no name=bridge
/interface ethernet
set [ find default-name=ether2 ] comment="Cabo Rede ACN"
set [ find default-name=ether4 ] comment="Cabo Alarme Eloir/Lu"
set [ find default-name=ether5 ] comment="Cabo Rede Pai e Internet"
/interface list
add name=mactel
add name=mac-winbox
/interface wireless
# managed by CAPsMAN
# channel: 2412/20-Ce/gn(30dBm), SSID: InternetWifi, local forwarding
set [ find default-name=wlan1 ] band=2ghz-b/g/n disabled=no mode=ap-bridge security-profile=Casa ssid=InternetWifi wireless-protocol=802.11
# managed by CAPsMAN
# SSID: Guest, CAPsMAN forwarding
add mac-address=6E:3B:6B:8D:13:41 master-interface=wlan1 mode=station name=wlan2
/system logging action
set 0 memory-lines=100
/interface bridge port
add bridge=bridge interface=ether2
add bridge=bridge interface=wlan1
add bridge=bridge interface=ether1
add bridge=bridge interface=ether3
add bridge=bridge interface=ether4
add bridge=bridge interface=ether5
/interface list member
add interface=bridge list=mactel
add interface=bridge list=mac-winbox
/interface pptp-server server
set enabled=yes
/interface wireless cap
#
set bridge=bridge caps-man-addresses=192.168.1.253 certificate=request enabled=yes interfaces=wlan1 static-virtual=yes
/ip address
add address=192.168.1.252/24 comment="default configuration" interface=bridge network=192.168.1.0
/ip dhcp-client
add comment="default configuration" dhcp-options=hostname,clientid interface=ether1
add dhcp-options=hostname,clientid interface=bridge
/ip dns
set servers=192.168.1.253
/ip dns static
add address=192.168.1.252 name=router
/ip route
add comment="rota padrao" distance=1 gateway=192.168.1.253
/ip traffic-flow
set interfaces=ether1
/system clock
set time-zone-autodetect=no time-zone-name=America/Sao_Paulo
/system identity
set name=RB951G
/system leds
set 0 interface=wlan1
/system ntp client
set enabled=yes primary-ntp=200.160.0.8 secondary-ntp=200.189.40.8 server-dns-names=a.ntp.br,b.ntp.br
/system routerboard settings
set silent-boot=no
/tool mac-server
set allowed-interface-list=mactel
/tool mac-server mac-winbox
set allowed-interface-list=mac-winbox
Re: CapsMan multiples SSID multiples DHCP pool
All wireless interfaces created under command of CAPsMAN and configured to use local forwarding become member ports of the bridge specified under /interface wireless cap. So to separate them at L2, you have to use VLANs by setting datapath.vlan-id to a value of your choice and datapath.vlan-mode to use-tag. Then, you create /interface vlan with interface set to the same bridge, with the same vlan-id as configured on the wireless interfaces, and attach IP addresses and dhcp-servers to these /interface vlan.
Re: CapsMan multiples SSID multiples DHCP pool
Hi Sindy,
Thanks for your response. I understood. I wouldn't like to use VLAN in my network but if the way to meet my requirement I will.
Thanks again
Thanks for your response. I understood. I wouldn't like to use VLAN in my network but if the way to meet my requirement I will.
Thanks again