Community discussions

Which of the described modes you prefer

Current configuration
7 (21%)
New proposed change
24 (73%)
Other
2 (6%)
 
Total votes: 33
 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 24206
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

cAP mode button changes poll

Mon May 15, 2017 11:33 am

If you are using the cAP button on our products, please express your opinion about a proposed change.

1) current configuration: the ether1 is management port with dhcp-client and all wireless interfaces are in cap mode and placed in one bridge together with other ethernet ports if exist.

2) proposed change: put the management ether1 port also into the same bridge with wireless and rest of the ethernet interfaces and place the dhcp-client on the bridge interface.
Would you like the change or you want to leave is as is?

3) Other config? Reply in comments
No answer to your question? How to write posts
 
User avatar
doneware
Trainer
Trainer
Posts: 520
Joined: Mon Oct 08, 2012 8:39 pm
Location: Hungary

Re: cAP mode button changes poll

Wed May 17, 2017 11:57 am

eth1: dhcp client, not part of any bridge
capsman discovery activated on eth1 (with info received from DHCP server), request-certificate: on
all other ethernet: disabled
basically CAPs don't need a bridge if local breakout is not used.
mac-server/mac-winbox: disabled on all interfaces, explicitly enabled on eth1
disable services: telnet, ftp, www

imo, CAPs should be secured as possible.
#TR0359
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 1818
Joined: Mon Jan 14, 2008 1:53 pm
Location: Straya
Contact:

Re: cAP mode button changes poll

Wed May 17, 2017 1:16 pm

The Current CAP config is only useful if you are using a tunnelled datapath, e.g. all SSID's are tunnelled back to the CAPSMAN.

The Proposed CAP config allows for both "Local Breakout" as well as "Tunelled" datapaths.

I see no downside to the Proposed change. It is neither less secure, nor is it less performant.
It will allow cAP, wAP and wAP AC products to be deployed en-masse in either "Tunnelled" or "Local Breakout" without needing to login to every unit and change the bridge config.
http://thebrotherswisp.com/ | Mikrotik MTCNA, MTCRE, MTCINE | Fortinet FTCNA, FCNSP, FCT | Extreme Networks ENA
 
User avatar
doneware
Trainer
Trainer
Posts: 520
Joined: Mon Oct 08, 2012 8:39 pm
Location: Hungary

Re: cAP mode button changes poll

Wed May 17, 2017 4:06 pm

The Proposed CAP config allows for both "Local Breakout" as well as "Tunelled" datapaths.
I see no downside to the Proposed change.
i admit, local breakout is faster when it comes down to forwarding performance.
but the "new" setting is very similar to "defconf" to me. if i instruct the CPE using DHCP server to go for a CAPSMAN, i have the same functionality.
#TR0359
 
djdrastic
Member
Member
Posts: 305
Joined: Wed Aug 01, 2012 2:14 pm

Re: cAP mode button changes poll

Wed May 17, 2017 6:43 pm

Hi I'm in full support of this proposed change.
 
scampbell
Trainer
Trainer
Posts: 457
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ
Contact:

Re: cAP mode button changes poll

Thu May 18, 2017 1:24 am

My preferred config would be :

1. ether1 in BridgeLocal only (no WLAN - leave that for Capsman Datapath to sort)
2. Cap enable, Bridge=BridgeLocal, Discovery Interface=BridgeLocal
3. DHCP-Client on BridgeLocal

And my biggest wish - this be the Factory Default for all wAP and cAP products. Have E1 firewalled off by default is something that causes us so many calls from customers unfamilair with Mikrotik.
MTCNA, MTCWE, MTCRE, MTCTCE, MTCSE, MTCINE, Trainer
___________________
Mikrotik Distributor - New Zealand
http://www.campbell.co.nz
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 1818
Joined: Mon Jan 14, 2008 1:53 pm
Location: Straya
Contact:

Re: cAP mode button changes poll

Thu May 18, 2017 1:44 am

My preferred config would be :

1. ether1 in BridgeLocal only (no WLAN - leave that for Capsman Datapath to sort)
2. Cap enable, Bridge=BridgeLocal, Discovery Interface=BridgeLocal
3. DHCP-Client on BridgeLocal

And my biggest wish - this be the Factory Default for all wAP and cAP products. Have E1 firewalled off by default is something that causes us so many calls from customers unfamilair with Mikrotik.
Hi Stuart,

Points 1,2 and 3 are the Proposed config. The WLAN interfaces are only added by the datapath configuration on the CAPSMAN.

I also agree on your final point, this should be the defconf on all wAP and cAP products. These products are designed as "Controlled Access Points" not as "general purpose" routers, so out of the box from the factory they should start with the CAP config.
http://thebrotherswisp.com/ | Mikrotik MTCNA, MTCRE, MTCINE | Fortinet FTCNA, FCNSP, FCT | Extreme Networks ENA
 
scampbell
Trainer
Trainer
Posts: 457
Joined: Thu Jun 22, 2006 5:20 am
Location: Wellington, NZ
Contact:

Re: cAP mode button changes poll

Thu May 18, 2017 1:49 am

Sorry - I thought they were proposing including WLAN in the bridge ?

2) proposed change: put the management ether1 port also into the same bridge with wireless and rest of the ethernet interfaces and place the dhcp-client on the bridge interface.

Agree the rest of what I want is the same as the proposed change - just being thorough :-)

Oh and one other change, enable cap for ALL Wlan interfaces - I think by default they only enable wlan1 ?
MTCNA, MTCWE, MTCRE, MTCTCE, MTCSE, MTCINE, Trainer
___________________
Mikrotik Distributor - New Zealand
http://www.campbell.co.nz
 
User avatar
doneware
Trainer
Trainer
Posts: 520
Joined: Mon Oct 08, 2012 8:39 pm
Location: Hungary

Re: cAP mode button changes poll

Thu May 18, 2017 10:47 am

i am fine with the idea that the "AP-looking" devices shall have a different defconf as you guys already discussed:
- no fw/nat active
- single ethernet port is bridged together with wlan(s) acting as AP-bridge

maybe i'm the special snowflake with my concept that CAP's wired link shall not be carrying unencapsulated user-plane traffic, but to be there for CAP-CAPSMAN communication only... however for me this is the real CAP setup.
#TR0359
 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 24206
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: cAP mode button changes poll

Thu May 18, 2017 11:01 am

no, nz_monkey, "1)" is the current functionality of the cAP mode button. "2)" is the proposed one
No answer to your question? How to write posts
 
pe1chl
Forum Guru
Forum Guru
Posts: 5830
Joined: Mon Jun 08, 2015 12:09 pm

Re: cAP mode button changes poll

Thu May 18, 2017 11:30 am

I think it should switch to a configuration mode minimally required to get in contact with the cAPsMan and then retrieve
the desired configuration from that. Then each user can define the config they like.
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 1818
Joined: Mon Jan 14, 2008 1:53 pm
Location: Straya
Contact:

Re: cAP mode button changes poll

Thu May 18, 2017 11:49 am

no, nz_monkey, "1)" is the current functionality of the cAP mode button. "2)" is the proposed one
Hi Normis.

Sorry for the confusion I was responding to scampbell's post above mine in which he listed his points.
http://thebrotherswisp.com/ | Mikrotik MTCNA, MTCRE, MTCINE | Fortinet FTCNA, FCNSP, FCT | Extreme Networks ENA
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 1818
Joined: Mon Jan 14, 2008 1:53 pm
Location: Straya
Contact:

Re: cAP mode button changes poll

Thu May 18, 2017 11:53 am

I am lobbying for 2) Proposed change, and for the Proposed CAP config to become the default config for devices intended for use as "Controlled Access Points" e.g. cAP, wAP, wAP AC

This will vastly simplify mass deployment, making them "Plug and Play" out of the box.
http://thebrotherswisp.com/ | Mikrotik MTCNA, MTCRE, MTCINE | Fortinet FTCNA, FCNSP, FCT | Extreme Networks ENA
 
bonz
just joined
Posts: 8
Joined: Wed May 29, 2013 3:43 pm

Re: cAP mode button changes poll

Thu May 18, 2017 12:15 pm

Current:
+ mac server enabled on ether1 and neigbbour discovery on ether1.
cAP's wAP's
Last edited by bonz on Thu May 18, 2017 12:18 pm, edited 1 time in total.
 
User avatar
normis
MikroTik Support
MikroTik Support
Topic Author
Posts: 24206
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: cAP mode button changes poll

Thu May 18, 2017 12:17 pm

Well we don't have any "only CAP" products. They are first a regular AP and only become CAP when the button is used.
No answer to your question? How to write posts
 
reinp
Trainer
Trainer
Posts: 1
Joined: Thu Aug 04, 2016 1:56 pm
Location: Estonia, Tartu
Contact:

Re: cAP mode button changes poll

Fri May 19, 2017 2:49 pm

Current + if more than one wireless interfaces present (wap-ac) then both in cap mode.
 
User avatar
sguox
Trainer
Trainer
Posts: 73
Joined: Fri Mar 09, 2012 6:23 pm

Re: cAP mode button changes poll

Fri Jun 02, 2017 12:12 pm

maybe a way to customise the cap button config, same as how we can customise the default config of routeros
 
User avatar
nz_monkey
Forum Guru
Forum Guru
Posts: 1818
Joined: Mon Jan 14, 2008 1:53 pm
Location: Straya
Contact:

Re: cAP mode button changes poll

Fri Jun 02, 2017 12:36 pm

Current + if more than one wireless interfaces present (wap-ac) then both in cap mode.
I think Mikrotik may have already done this.

If not, can you please do this too :D
http://thebrotherswisp.com/ | Mikrotik MTCNA, MTCRE, MTCINE | Fortinet FTCNA, FCNSP, FCT | Extreme Networks ENA

Who is online

Users browsing this forum: No registered users and 5 guests