Community discussions

MikroTik App
 
IlyaT
just joined
Topic Author
Posts: 1
Joined: Thu Jul 05, 2018 12:07 pm

CAPsMAN 5ghz

Thu Jul 05, 2018 1:17 pm

Good day!
Please teach me how to set up the work of CAPsMAN on CAP AC in 5ghz range.If I don't specify anything in the "channels" then everything works fine, but at 2.4 Ghz..
As soon as I try to set the range explicitly, I get an error "no supported channel". Details on the screenshot above:
Image
Image
 
OKNET
Member
Member
Posts: 350
Joined: Mon Jun 22, 2015 9:22 am

Re: CAPsMAN 5ghz

Wed Jul 11, 2018 5:01 pm

You must set a frequency for that channel, and make sure the relative extension channels don't fall in a restricted portion of band denied by your country regulatory domain (if set) or out of band at all.
 
User avatar
rosman
newbie
Posts: 27
Joined: Wed Jun 27, 2018 12:30 am
Location: Southlake, Texas, USA - Dallas-Forth Worth Metro

Re: CAPsMAN 5ghz

Fri Jul 13, 2018 9:01 pm

So automatic channel selection can't work on 5 GHz?

If I don't specify a band at all, I get automatic channel selection on 2.4 and 5 GHz within the limits of the country setting, Unfortunately the same SSID appears on both bands. I haven't figured out how to do separate SSIDs on the two bands, yet.

one thing that might help others help is posting the output of

/caps-man> export hide-sensitive

from the console
 
User avatar
rosman
newbie
Posts: 27
Joined: Wed Jun 27, 2018 12:30 am
Location: Southlake, Texas, USA - Dallas-Forth Worth Metro

Re: CAPsMAN 5ghz

Fri Jul 13, 2018 11:23 pm

Just got this working. the appropriate spells and incantations are from this older post:

viewtopic.php?t=125026

We need to set up channel selections. In my case this is:
/caps-man channel
add band=2ghz-b/g/n name=2G
add band=5ghz-a/n/ac name=5G

and you need to set up configurations that select those channels:

/caps-man configuration
add channel=2G channel.band=2ghz-b country="united states3" datapath=BridgeDP \
name=RadioRanch security=RadioRanch ssid=RadioRanch
add channel=5G channel.band=5ghz-a/n/ac country="united states3" datapath=\
BridgeDP name=BakerStreet security=BakerStreet ssid=BakerStreet

then you need to set up provisioning so that hardware modes are selected:

/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=b,gn \
master-configuration=RadioRanch
add action=create-dynamic-enabled hw-supported-modes=a,an,ac \
master-configuration=BakerStreet

Note that this is incremental over what already is partially working. I'll post the complete set if you need it.
 
User avatar
emk2203
just joined
Posts: 11
Joined: Tue Feb 07, 2017 11:33 pm
Location: Germany

Re: CAPsMAN 5ghz

Tue Jul 17, 2018 11:58 am

@rosman: Please post the complete set. I am currently fighting with a similar situation, and a template would be helpful.
 
User avatar
rosman
newbie
Posts: 27
Joined: Wed Jun 27, 2018 12:30 am
Location: Southlake, Texas, USA - Dallas-Forth Worth Metro

Re: CAPsMAN 5ghz

Thu Jul 19, 2018 4:08 pm

Note that I have moved beyond the initial case. I now have multiple SSIDs per band. I'm working on moving many of them to VLANs to suit their individual special applications. Just as soon as I get load balancing and failover working. ;-) More notes at the end.

Here you go:

[admin@router] /caps-man> export hide-sensitive
# jul/19/2018 07:53:30 by RouterOS 6.42.5
# software id = 4261-N4HD
#
# model = 2011UiAS-2HnD
# serial number = 608C05CD83DF
/caps-man channel
add band=2ghz-g/n name=2g
add band=5ghz-n/ac name=5g
/caps-man interface
add disabled=no mac-address=00:00:00:00:00:00 master-interface=none name=\
cap-master radio-mac=00:00:00:00:00:00
/caps-man datapath
add bridge=bridge name=BridgeDP
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm,tkip name=RadioRanch
add authentication-types=wpa2-psk encryption=aes-ccm name=BakerStreet
add authentication-types=wpa-psk encryption=aes-ccm name=riot
add authentication-types=wpa-psk,wpa2-psk encryption=aes-ccm,tkip name=\
Bunkhouse
/caps-man configuration
add channel=2g country="united states3" datapath=BridgeDP datapath.bridge=\
bridge name=RadioRanch security=RadioRanch ssid=RadioRanch
add channel=5g country="united states3" datapath=BridgeDP datapath.bridge=\
bridge name=BakerStreet security=BakerStreet ssid=BakerStreet
add channel=2g country="united states3" datapath=BridgeDP datapath.bridge=\
bridge name=riot2 security=riot ssid=riot2
add channel=5g country="united states3" datapath=BridgeDP datapath.bridge=\
bridge name=riot5 security=riot ssid=riot5
add country="united states3" datapath=BridgeDP datapath.bridge=bridge name=\
Bunkhouse security=Bunkhouse ssid=Bunkhouse
/caps-man manager
set enabled=yes
/caps-man manager interface
set [ find default=yes ] forbid=yes
add disabled=no interface=bridge
/caps-man provisioning
add action=create-dynamic-enabled master-configuration=riot2 name-format=\
prefix-identity name-prefix=TAP radio-mac=4C:5E:0C:F9:BD:4D
add action=create-dynamic-enabled hw-supported-modes=a,ac,an \
master-configuration=BakerStreet name-format=prefix-identity name-prefix=\
CAP slave-configurations=riot5,Bunkhouse
add action=create-dynamic-enabled hw-supported-modes=g,gn \
master-configuration=RadioRanch name-format=prefix-identity name-prefix=\
CAP slave-configurations=riot2,Bunkhouse
[admin@router] /caps-man>

Other points;

country="united states3" is set to match my country locked APs

Provisioning entry order matters. Provisioning files are executed in order and the first match wins.

The first provisioning entry is present to lock a specific AP to provide only 'riot2'

'riot' is 'Radio IoT' to let me isolate my growing number of Internet of Things things from the main LAN. It will be VLANd straight to the WAN. Band specific SSIDs so I can keep as much at 5 GHz as possible to preserve 2.4 GHz capacity.

The redundant "datapath=BridgeDP datapath.bridge=bridge" entries in the configuration files only need to be "datapath=BridgeDP" These are an artifact of my hacking around to get it to work. I've not yet cleaned everything up.

You might also look at viewtopic.php?f=7&t=136663&p=674938#p674938 for related confusion that might be useful to you.

I hope this helps.
 
User avatar
emk2203
just joined
Posts: 11
Joined: Tue Feb 07, 2017 11:33 pm
Location: Germany

Re: CAPsMAN 5ghz

Sun Jul 22, 2018 11:41 pm

Thanks, that really helped a ton, together with what @diddie17 posted, I got lots of insight how to handle this.
/caps-man export hide-sensitive

# jul/22/2018 22:19:20 by RouterOS 6.42.6
# software id = RN48-R360
#
# model = RouterBOARD 750G r3
# serial number = 6F380646A5B8
/caps-man channel
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5180 name="5Ghz - Channel 36"
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5260 name="5Ghz - Channel 52"
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5500 name="5Ghz - Channel 100"
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5580 name="5Ghz - Channel 116"
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled \
    frequency=2412 name="2GHz - Channel 1"
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled \
    frequency=2432 name="2GHz - Channel 5"
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled \
    frequency=2452 name="2GHz - Channel 9"
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled \
    frequency=2472 name="2GHz - Channel 13"
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=Ceee \
    frequency=5660 name="5GHz - Channel 132"
/caps-man datapath
add client-to-client-forwarding=yes name="Datapath for CC"
/caps-man configuration
add channel.skip-dfs-channels=no comment=\
    "Simple configuration for 2 APs with CapsMan, Mikrotik defaults" country=\
    germany datapath="Datapath for CC" datapath.bridge=bridge name=EMKhome \
    security.authentication-types=wpa-psk,wpa2-psk ssid=EMKnet
add channel="2GHz - Channel 5" comment="2.4 GHz Channel 5 cfg" country=\
    germany datapath="Datapath for CC" datapath.bridge=bridge name=2GHz-C5 \
    security.authentication-types=wpa-psk,wpa2-psk ssid=EMKnet
add channel="2GHz - Channel 1" comment="2.4 GHz Channel 1 cfg" country=\
    germany datapath="Datapath for CC" datapath.bridge=bridge name=2GHz-C1 \
    security.authentication-types=wpa-psk,wpa2-psk ssid=EMKnet
add channel="2GHz - Channel 9" comment="2.4 GHz Channel 9 cfg" country=\
    germany datapath="Datapath for CC" datapath.bridge=bridge name=2GHz-C9 \
    security.authentication-types=wpa-psk,wpa2-psk ssid=EMKnet
add channel="2GHz - Channel 13" comment="2.4 GHz Channel 13 cfg" country=\
    germany datapath="Datapath for CC" datapath.bridge=bridge name=2GHz-C13 \
    security.authentication-types=wpa-psk,wpa2-psk ssid=EMKnet
add channel="5Ghz - Channel 116" comment="5 GHz Channel 116 cfg" country=\
    germany datapath="Datapath for CC" datapath.bridge=bridge name=5GHz-C116 \
    security.authentication-types=wpa-psk,wpa2-psk ssid=EMKnet
add channel="5Ghz - Channel 100" comment="5 GHz Channel 100 cfg" country=\
    germany datapath="Datapath for CC" datapath.bridge=bridge \
    keepalive-frames=enabled name=5GHz-C100 security.authentication-types=\
    wpa-psk,wpa2-psk ssid=EMKnet
add channel="5Ghz - Channel 52" comment="2.4 GHz Channel 52 cfg" country=\
    germany datapath="Datapath for CC" datapath.bridge=bridge name=5GHz-C52 \
    security.authentication-types=wpa-psk,wpa2-psk ssid=EMKnet
add channel="5Ghz - Channel 36" comment="5 GHz Channel 36 cfg" country=\
    germany datapath="Datapath for CC" datapath.bridge=bridge name=5GHz-C36 \
    security.authentication-types=wpa-psk,wpa2-psk ssid=EMKnet
add channel="5GHz - Channel 132" comment="5 GHz channel 132 cfg" country=\
    germany datapath="Datapath for CC" datapath.bridge=bridge name=5GHz-C132 \
    security.authentication-types=wpa-psk,wpa2-psk ssid=EMKnet
/caps-man access-list
add action=accept allow-signal-out-of-range=10s signal-range=-70..120
add action=reject
/caps-man manager
set enabled=yes upgrade-policy=suggest-same-version
/caps-man provisioning
add action=create-dynamic-enabled comment="Standard config" disabled=yes \
    master-configuration=EMKhome
add action=create-dynamic-enabled comment="2GHz provisioning of ch 1,5,9,13" \
    hw-supported-modes=g master-configuration=2GHz-C1 slave-configurations=\
    2GHz-C5,2GHz-C9,2GHz-C13
add action=create-dynamic-enabled comment="5 GHz provisioning of ch 36,52,100,\
    116 (distance too close to TDWR for 116,132)" hw-supported-modes=a \
    master-configuration=5GHz-C36 slave-configurations=5GHz-C52,5GHz-C100
VLANS and the rest will follow after I have enough experience with this basic configuration.

Notes:
  • 2.4G bands dropping 802.11b and using recommended channels 1, 5, 9, 13 for g and n
  • 2.4G band at location crowded, no extension channel, 20 MHz width
  • 5G band uses extension channel pattern Ceee and then possible channels 36 (indoor) and 52, 100 for a, n and ac
  • 5G channels 116, 132 defined, but not used because distance to TDWR < 35 km
  • datapath has client-to-client configuration for Google Chromecast communication
  • one SSID for all
  • access lists to avoid mobile clients "hanging" on insufficient connections
  • provisioning rules target a-capable radios for 5G rules and g-capable radios for 2.4G rules
 
User avatar
rosman
newbie
Posts: 27
Joined: Wed Jun 27, 2018 12:30 am
Location: Southlake, Texas, USA - Dallas-Forth Worth Metro

Re: CAPsMAN 5ghz

Mon Jul 23, 2018 1:27 am

Glad I was able to offer something useful.

We'll have to keep in touch as we do battle with wireless VLANs.
 
Bivvy
newbie
Posts: 32
Joined: Sat Feb 04, 2017 1:36 am

Re: CAPsMAN 5ghz

Mon Dec 03, 2018 12:26 pm

Hi guys - your posts have been a great help getting to grips with CAPS.
One question though - why the use of the slave channels? Isn't it simpler to set define the allowed frequencies in /caps-man configuration
eg
/caps-man configuration
add channel=2g channel.frequency=2412,2437,2462 comment=\
    "2.4 GHz Channel 1,6 and 11" country="united kingdom" datapath=BridgeDP \
    datapath.bridge=bridge name=2GHz rx-chains=0,1 security=CAPS-Security ssid=\
    $SSID tx-chains=0,1
Here's my complete script - at the moment we're only fixing the 2GHz channels. Not found an issue on the 5GHz radio yet
# CAPsMAN Setup (v1)
#
# Script sets up CAPsMAN on main router ready to provision any (hardwired) slave devices.
# If local radios also to be controlled via CAPsMAN the firewall also needs to be updated with following line
#
# add action=accept chain=input comment="Local CAPS Access to CAPsMAN" dst-address-type=local src-address-type=local
#
# before the "Drop All" filter on the input chain.
# See bottom of this file
#

#
# Edit following lines for local config.
#

:local SSID "WiFi-2G"; 
:local SSID2 "WiFi-5G"; 
:local PSK "password";

#
# Set up CAPsMAN
#

#
# Set WiFi channels
# Reselect-interval - look for clearer channel at regular intervals 
# 2G Channels: 2412, 2437, 2462
#

/caps-man channel
add band=2ghz-b/g/n name=2g reselect-interval=1d
add band=5ghz-a/n/ac name=5g reselect-interval=1d


/caps-man interface
add disabled=no mac-address=00:00:00:00:00:00 master-interface=none name=cap-master radio-mac=00:00:00:00:00:00

/caps-man datapath
add bridge=bridge name=BridgeDP

/caps-man security
add authentication-types=wpa-psk,wpa2-psk encryption=aes-ccm,tkip group-key-update=1h name=CAPS-Security passphrase=$PSK

/caps-man configuration
add channel=5g country="united kingdom" datapath=BridgeDP datapath.bridge=\
    bridge name=5GHz rx-chains=0,1 security=CAPS-Security ssid=$SSID2 \
    tx-chains=0,1
add channel=2g channel.frequency=2412,2437,2462 comment=\
    "2.4 GHz Channel 1,6 and 11" country="united kingdom" datapath=BridgeDP \
    datapath.bridge=bridge name=2GHz rx-chains=0,1 security=CAPS-Security ssid=\
    $SSID tx-chains=0,1
	

#
# Force weakly connected clients off the AP in an attempt to steer them onto a closer AP
#

/caps-man access-list
add action=accept interface=all signal-range=-80..120 allow-signal-out-of-range=10s
add action=reject interface=all signal-range=-120..-81

/caps-man manager
set enabled=yes

/caps-man manager interface
set [ find default=yes ] forbid=no
add disabled=no interface=bridge

/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=ac master-configuration=5GHz  
add action=create-dynamic-enabled comment="2GHz provisioning of ch 1,6,11" \
    hw-supported-modes=gn master-configuration=2GHz


#
# Put the local WiFi under CAPsMAN control
#

/interface wireless cap
set bridge=bridge discovery-interfaces=bridge enabled=yes interfaces=wlan1,wlan2

#
# Adjust firewall for CAPS on same device as CAPsMAN
# NOTE - this rule needs to be moved above the Drop All Input rule
#

/ip firewall filter
add action=accept chain=input comment="F4RN Local CAPS Access to CAPsMAN" dst-address-type=local src-address-type=local 


 
User avatar
rosman
newbie
Posts: 27
Joined: Wed Jun 27, 2018 12:30 am
Location: Southlake, Texas, USA - Dallas-Forth Worth Metro

Re: CAPsMAN 5ghz

Mon Dec 03, 2018 4:07 pm

One question though - why the use of the slave channels? Isn't it simpler to set define the allowed frequencies in /caps-man configuration
The short answer is: "I don't know"

The longer answer is that I used the web interface to configure and provision the wireless. When setting it up you get one master drop-down and as many slaves as you want.
 
greebo
just joined
Posts: 10
Joined: Wed Jul 24, 2013 4:01 pm

Re: CAPsMAN 5ghz

Mon Jun 14, 2021 2:10 pm

is there a way to have a provisioning:

"2GHz-onlyg band" and "channel 1,5,9,13" and/or "5GHz-onlya band" and "channels 134,120,100,52,48" ?
per "AP identity" ?
 
User avatar
robmaltsystems
Long time Member
Long time Member
Posts: 534
Joined: Fri Jun 21, 2019 12:04 pm

Re: CAPsMAN 5ghz

Fri Sep 24, 2021 9:34 pm

/caps-man channel
add band=2ghz-b/g/n name=2G
add band=5ghz-a/n/ac name=5G
Top-tip there - thx! The video I was watching created channels tied to specific channels. This is effectively "auto" mode for CAPS.

Who is online

Users browsing this forum: No registered users and 26 guests