Sorry Sindy I couldn't get nothing useful from your message.
Couldn't it be related to the fact that there was little useful information in your OP?
My question was very simply, i will repeat again.
So when i'm using "wds ignore ssid" (wiki: If this property is set to yes, then SSID of the remote AP will not be checked.) It works excellent without security profile, as asson i as do the link is not going to be established. Does anyone notice that?
In fact the original
question was a different one -
why i can use "wds ignore ssid" with any kind of encryptions
.
So I've answered exactly that question - why can you (i.e. are allowed to) set something that doesn't work. In your configurations which you haven't posted there is probably some combination of settings which cannot work but it is impossible for the developers to anticipate every mutually incompatible combination of settings which a user may invent and warn about all such incompatible combinations or make it impossible to set them.
Now on a more constructive note: I've just tested the same what I
suppose you to do. So my settings at the AP end are:
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk mode=dynamic-keys name=wpa2-test supplicant-identity=MikroTik wpa2-pre-shared-key=\
secure-wds-key
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=2 band=2ghz-b/g/n country=redacted disabled=no distance=indoors \
frequency-mode=regulatory-domain mode=ap-bridge security-profile=wpa2-test ssid=somessid wds-default-bridge=br-test \
wds-ignore-ssid=yes* wds-mode=dynamic wireless-protocol=802.11
* -
no at this place works as well
At client side, there is
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk mode=dynamic-keys name=wpa2-test supplicant-identity=MikroTik wpa2-pre-shared-key=\
secure-wds-key
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=3 band=2ghz-b/g/n country=redacted default-authentication=no disabled=no \
distance=indoors frequency=auto frequency-mode=regulatory-domain mode=station-wds security-profile=wpa2-test ssid="" \
wds-default-bridge=br-wds wds-ignore-ssid=yes wds-mode=dynamic wireless-protocol=802.11
/interface wireless connect-list
add interface=wlan1 security-profile=wpa2-test wireless-protocol=802.11
With these settings, wds interfaces are auto-created at both ends and added as ports to the bridges as configured. As you can see, the
ssid field is empty in both the
/interface wireless setting and
/interface wireless connect-list item, and nevertheless the ping between IP addresses associated to these bridges passes through successfully as
/tool sniffer quick interface=wds21 shows:
wds20 0.02 1 <- CC:2D:E0:xx:xx:66 64:D1:54:xx:xx:5A 192.168.163.3 192.168.163.1 ip:icmp 70 0 no
wds20 0.02 2 -> 64:D1:54:xx:xx:5A CC:2D:E0:xx:xx:66 192.168.163.1 192.168.163.3 ip:icmp 70 0 no
wds20 1.024 3 <- CC:2D:E0:xx:xx:66 64:D1:54:xx:xx:5A 192.168.163.3 192.168.163.1 ip:icmp 70 0 no
wds20 1.024 4 -> 64:D1:54:xx:xx:5A CC:2D:E0:xx:xx:66 192.168.163.1 192.168.163.3 ip:icmp 70 0 no
So something must be set differently in your case which breaks your SSID-ignoring WDS connection when you use a security profile on it.