CAPSman and local wlan provisioning

MockTurtle · Mon Jun 18, 2018 2:37 am

Trying to set up CAPSman on a RB751G and a new CAP ac (RbcAPGi-5acD2nD).

CAPSman provisions the new CAP ac no problem, however, it cannot seem to provision the onboard wireless interface on the RB751G.

I've read a lot on this issue on the forum and been trying out different firewall filter settings, however none of the suggested fixes seem to work for me. The only way it will provision is to set forbid=no in caps manager for all interfaces.

onboard wlan CAPS info

[admin@MikroTik] /interface wireless cap> print
                            enabled: yes
                         interfaces: wlan1
                        certificate: none
                   lock-to-caps-man: no
               discovery-interfaces: bridge
                 caps-man-addresses: 127.0.0.1
                     caps-man-names: 
  caps-man-certificate-common-names: 
                             bridge: bridge
                     static-virtual: no
              requested-certificate: XXX-??????????

[admin@MikroTik] /ip firewall filter> print                                       
Flags: X - disabled, I - invalid, D - dynamic 
 0  D ;;; special dummy rule to show fasttrack counters
      chain=forward action=passthrough 

 1    ;;; CAPs to CAPsMAN
      chain=input action=accept protocol=udp src-address=127.0.0.1 
      port=5246,5247 log=no log-prefix="" 

 2    ;;; CAPs to CAPsMAN
      chain=output action=accept protocol=udp dst-address=127.0.0.1 
      port=5246,5247 log=no log-prefix="" 

 3    chain=input action=accept src-address-type=local dst-address-type=local

But I just keep getting "CAP connect to Mikrotik...failed: timeout" messages that is unless I set forbid=no to all interfaces. Is that the only solution?

CAPSman and local wlan provisioning

CAPSman and local wlan provisioning

Who is online