I've got the following in the house, all running long-term 6.46.8
Front Room - hAP AC2
Dining room - WAP AC
Upstairs - hAP ac lite
Then at the bottom of the garden I have another hAP ac lite
These are all wired together using a couple of RB2011 switches.
The hap AC2 is my router, is connected to my modem (UK 80/20 fibre ADSL) and is also my CAPsMAN manager.
The AC2 and WAP AC are about 8m away from each other.
Then the AC2 and ac lite upstairs about the same 8m distance too.
Then shed ac lite is 20m down the bottom of the garden on a powerline connection, so not too botherd about that one.
I have manually set the channels so that the APs don't clash.
I've set all this up, but I'm convinced it could be better.
--Devices don't seem to drop off and pass on to other APs well enough.
--Sometimes 2ghz seems to connect over 5ghz
I'm hoping that some of you experts might be able to spot any easy to fix problems?
Part of me thinks to just scrap the whole CAPsMAN setup and get some easy to use TP-Link with an app. I just want it to be painless and just work.
Any thoughts or tips would be very much appreciated.
Code: Select all
# dec/19/2020 16:02:26 by RouterOS 6.46.8
# software id = RVQ2-WUT2
#
# model = RBD52G-5HacD2HnD
# serial number = B4A00AF187FA
/caps-man channel
add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled \
name=NEW-CH2.4-auto reselect-interval=1h
add band=5ghz-n/ac control-channel-width=20mhz extension-channel=XXXX name=\
NEW-CH5-auto reselect-interval=1h
add band=2ghz-g/n control-channel-width=20mhz frequency=2412 name=ch2.4-ch1
add band=2ghz-g/n control-channel-width=20mhz frequency=2437 name=ch2.4-ch6
add band=2ghz-g/n control-channel-width=20mhz frequency=2462 name=ch2.4-ch11
add band=5ghz-n/ac frequency=5320 name=5ghz-ch64
add band=5ghz-n/ac frequency=5765 name=5ghz-ch153
add band=5ghz-n/ac frequency=5745 name=5ghz-ch149
/interface bridge
add name=bridge1
add name=empty-bridge
/interface ethernet
set [ find default-name=ether2 ] name="Nvidia"
set [ find default-name=ether1 ] name="Plusnet DSL"
set [ find default-name=ether3 ] name="Sky Box"
set [ find default-name=ether4 ] name="Upstairs Link"
set [ find default-name=ether5 ] name=empty
/interface pppoe-client
add add-default-route=yes disabled=no interface="Plusnet DSL" name=pppoe-out1 \
use-peer-dns=yes user=xxxxxx
/interface wireless
# managed by CAPsMAN
# channel: 5765/20-Ceee/ac/DP(17dBm), SSID: MikroTik-AP, CAPsMAN forwarding
set [ find default-name=wlan2 ] band=5ghz-n/ac channel-width=20/40/80mhz-XXXX \
country="united kingdom" mode=ap-bridge multicast-helper=full name=\
wlan-downstairs--local-5ghz ssid=BTHub6-WALL station-roaming=enabled \
wireless-protocol=802.11
# managed by CAPsMAN
# channel: 2437/20/gn(17dBm), SSID: MikroTik-AP, CAPsMAN forwarding
set [ find default-name=wlan1 ] band=2ghz-g/n channel-width=20/40mhz-XX \
country="united kingdom" frequency=auto mode=ap-bridge multicast-helper=\
full name=wlan-downstairs-local-2ghz ssid=BTHub6-WALL station-roaming=\
enabled wireless-protocol=802.11
/caps-man datapath
add bridge=bridge1 client-to-client-forwarding=yes local-forwarding=no name=\
datapath1
add bridge=bridge1 client-to-client-forwarding=yes local-forwarding=no name=\
datapath2
/caps-man rates
add basic=6Mbps name=rate1 supported=\
6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps
/caps-man security
add authentication-types=wpa2-psk comment=\
"Main Security config for 2ghz and 5ghz" encryption=aes-ccm name=\
security1
/caps-man configuration
add channel=NEW-CH2.4-auto country="united kingdom" datapath=datapath1 \
datapath.bridge=bridge1 datapath.client-to-client-forwarding=yes name=\
NEW-2.4-Config rates=rate1 security=security1 ssid=MikroTik-AP
add channel=NEW-CH5-auto country="united kingdom" datapath=datapath1 \
datapath.bridge=bridge1 datapath.client-to-client-forwarding=yes name=\
NEW-5-Config security=security1 ssid=MikroTik-AP
/caps-man interface
add channel=ch2.4-ch11 configuration=NEW-2.4-Config disabled=no l2mtu=1600 \
mac-address=B8:69:F4:F8:3A:37 master-interface=none name=\
"2ghz-Dining Room-CH11" radio-mac=B8:69:F4:F8:3A:37 radio-name=\
B869F4F83A37
add channel=ch2.4-ch6 configuration=NEW-2.4-Config disabled=no l2mtu=1600 \
mac-address=74:4D:28:74:F3:97 master-interface=none name=\
2ghz-Front-Room-CH6 radio-mac=74:4D:28:74:F3:97 radio-name=744D2874F397
add channel=ch2.4-ch1 configuration=NEW-2.4-Config disabled=no l2mtu=1600 \
mac-address=CC:2D:E0:F1:D5:E9 master-interface=none name=2ghz-Landing-CH1 \
radio-mac=CC:2D:E0:F1:D5:E9 radio-name=CC2DE0F1D5E9
add channel=ch2.4-ch1 configuration=NEW-2.4-Config disabled=no l2mtu=1600 \
mac-address=CC:2D:E0:DE:DC:98 master-interface=none name=2ghz-Shed-CH1 \
radio-mac=CC:2D:E0:DE:DC:98 radio-name=CC2DE0DEDC98
add channel=5ghz-ch64 configuration=NEW-5-Config disabled=no l2mtu=1600 \
mac-address=B8:69:F4:F8:3A:36 master-interface=none name=\
"5ghz-Dining Room wAP-CH64" radio-mac=B8:69:F4:F8:3A:36 radio-name=\
B869F4F83A36
add channel=5ghz-ch153 configuration=NEW-5-Config disabled=no l2mtu=1600 \
mac-address=74:4D:28:74:F3:98 master-interface=none name=\
5ghz-Front-Room-CH153 radio-mac=74:4D:28:74:F3:98 radio-name=744D2874F398
add channel=5ghz-ch149 configuration=NEW-5-Config disabled=no l2mtu=1600 \
mac-address=CC:2D:E0:F1:D5:E8 master-interface=none name=\
5ghz-Landing-CH149 radio-mac=CC:2D:E0:F1:D5:E8 radio-name=CC2DE0F1D5E8
add channel=5ghz-ch149 configuration=NEW-5-Config disabled=no l2mtu=1600 \
mac-address=CC:2D:E0:DE:DC:97 master-interface=none name=5ghz-Shed-CH149 \
radio-mac=CC:2D:E0:DE:DC:97 radio-name=CC2DE0DEDC97
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" \
mode=dynamic-keys supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp ranges=192.168.1.110-192.168.1.249
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge1 lease-time=1d name=dhcp1
/snmp community
set [ find default=yes ] read-access=no
add addresses=192.168.1.133/32 name=my_servers
/user group
set full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winbox,pas\
sword,web,sniff,sensitive,api,romon,dude,tikapp"
/caps-man access-list
add action=accept allow-signal-out-of-range=10s disabled=no mac-address=\
84:25:19:31:34:6F signal-range=-120..120 ssid-regexp=""
add action=accept allow-signal-out-of-range=always comment=\
"If your signal is between -88dB and +120dB, you are allowed to connect." \
disabled=no signal-range=-88..120 ssid-regexp=""
add action=reject allow-signal-out-of-range=always comment="If your signal dro\
ps below -89dB, you\92re kicked from this AP, go find another AP to connec\
t to that has a stronger signal." disabled=no signal-range=-120..-89 \
ssid-regexp=""
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes upgrade-policy=\
suggest-same-version
/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=g,gn \
master-configuration=NEW-2.4-Config name-format=prefix-identity \
name-prefix=2GHz
add action=create-dynamic-enabled hw-supported-modes=an,ac \
master-configuration=NEW-5-Config name-format=prefix-identity \
name-prefix=5GHz
/interface bridge port
add bridge=bridge1 interface="Nvidia"
add bridge=bridge1 interface="Sky Box"
add bridge=bridge1 interface="Upstairs Link"
add bridge=bridge1 interface=empty
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface detect-internet
set detect-interface-list=LAN
/interface list member
add interface=pppoe-out1 list=WAN
add interface=bridge1 list=LAN
/interface wireless cap
#
set bridge=bridge1 caps-man-addresses=127.0.0.1 discovery-interfaces=bridge1 \
enabled=yes interfaces=\
wlan-downstairs-local-2ghz,wlan-downstairs--local-5ghz
/ip address
add address=192.168.1.254/24 interface=bridge1 network=192.168.1.0
/ip dhcp-client
add interface="Plusnet DSL"
/ip dhcp-server lease
add address=192.168.1.111 client-id=\
ff:9e:37:69:8c:0:2:0:0:ab:11:bf:3c:6b:39:b3:ec:13:a8 mac-address=\
5E:76:62:9C:3D:CA server=dhcp1
add address=192.168.1.199 mac-address=C2:DD:ED:84:3B:C4
add address=192.168.1.117 client-id=1:0:cd:fe:b2:49:4b mac-address=\
00:CD:FE:B2:49:4B server=dhcp1
add address=192.168.1.128 client-id=\
ff:ca:53:9:5a:0:2:0:0:ab:11:d8:1e:f7:81:bf:19:df:91 mac-address=\
36:78:72:7D:8F:63 server=dhcp1
add address=192.168.1.112 comment="Lux Inverter" mac-address=\
B0:F8:93:2F:5A:4B server=dhcp1
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=192.168.1.199,192.168.1.254 gateway=\
192.168.1.254 netmask=24
/ip dns
set allow-remote-requests=yes servers=192.168.1.199,192.168.1.254
/ip dns static
add address=192.168.1.250 name="Landing AP.lan"
add address=192.168.1.250 name=LandingAP.lan
add address=192.168.1.254 name=DownstairsAP.lan
add address=192.168.1.251 name=ShedAP.lan
plus more
/ip firewall address-list
add address=0.0.0.0/8 comment="Self-Identification [RFC 3330]" list=Bogons
add address=10.0.0.0/8 comment="Private[RFC 1918] - CLASS A # Check if you nee\
d this subnet before enable it" list=Bogons
add address=127.0.0.0/8 comment="Loopback [RFC 3330]" list=Bogons
add address=169.254.0.0/16 comment="Link Local [RFC 3330]" list=Bogons
add address=172.16.0.0/12 comment="Private[RFC 1918] - CLASS B # Check if you \
need this subnet before enable it" list=Bogons
add address=192.0.2.0/24 comment="Reserved - IANA - TestNet1" list=Bogons
add address=192.88.99.0/24 comment="6to4 Relay Anycast [RFC 3068]" list=\
Bogons
add address=198.18.0.0/15 comment="NIDB Testing" list=Bogons
add address=198.51.100.0/24 comment="Reserved - IANA - TestNet2" list=Bogons
add address=203.0.113.0/24 comment="Reserved - IANA - TestNet3" list=Bogons
add address=224.0.0.0/4 comment=\
"MC, Class D, IANA # Check if you need this subnet before enable it" \
list=Bogons
add address=8.8.8.8 list=Google_DNS
add address=8.8.4.4 list=Google_DNS
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www address=192.168.1.0/24
set ssh disabled=yes
set api disabled=yes
set winbox address=192.168.1.0/24
set api-ssl disabled=yes
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/ip upnp
set enabled=yes
/snmp
set enabled=yes
/system clock
set time-zone-name=Europe/London
/system identity
set name="Front Room AP"
/system leds settings
set all-leds-off=immediate
/system package update
set channel=long-term
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
