Goodafternoon,
My company is currently supporting a coworking space with several locations. Each location has roughly 30 separate units that host individual companies. We use a full MikroTik network stack assisted with the Kaplansoft TekRadius software to provide a wlan with dynamically assigned vlans.
Each location has a CCR1009, CRS326, CRS328 and wap ac’s to serve one SSID over capsman. The bridge that is included in the datapath has 30 vlans. Each vlan hosts a private IPv4 /24 and a public /64 IPv6. Wireless authentication is WPA2-EAP with passthrough to Tekradius.
The user authenticate agains Tekradius, which in its turn when accepted gives back a vlan ID to the MikroTik which then provides the respective leases. This all works as it should.
My issue at hand is that many devices cant authenticate against WPA2-(P)EAP, chromecast devices and primarily printers. I would like to include MAC authentication, however this appears only to be possible with the use of IP Hotspot. Do people here have experience with mixing Capsman and Hotspot together?
Thanks, Alex