My company wants to roll out round about 40-50 access points for differend customers.
At the moment we are testing with 4 access points a a level 5 virtual machine as CAPsMAN device.
The provisioning works fine, I can change all information from CAPsMAN an it will be applied on the AP.
I have two datapass configuration, both with local forward.
The first one should be used without any vlan tag, the other one with vlan ID 150.
There are two SSIDs on each access point, one for each datapass.
If I connect a Laptop or Mobilephone to one of these WiFi it doesn't get a IP-address. So that I guess that the datapass configuration is buggy.
My Configurations
The CAPsMAN address is provided by DHCP Option 138
Capsman:
Code: Select all
# mar/13/2017 15:45:21 by RouterOS 6.38.3
# software id = 0SPQ-IKXF
#
/caps-man channel
add band=2ghz-g/n frequency=2447 name=channel8 tx-power=20 width=20
add band=2ghz-g/n frequency=2417 name=channel2 tx-power=20 width=20
add band=2ghz-g/n frequency=2422 name=channel3 tx-power=20 width=20
add band=2ghz-g/n frequency=2427 name=channel4 tx-power=20 width=20
add band=2ghz-g/n frequency=2432 name=channel5 tx-power=20 width=20
add band=2ghz-g/n frequency=2437 name=channel6 tx-power=20 width=20
add band=2ghz-g/n frequency=2442 name=channel7 tx-power=20 width=20
add band=2ghz-g/n frequency=2452 name=channel9 tx-power=20 width=20
add band=2ghz-g/n frequency=2457 name=channel10 tx-power=20 width=20
add band=2ghz-g/n frequency=2462 name=channel11 tx-power=20 width=20
add band=2ghz-g/n frequency=2467 name=channel12 tx-power=20 width=20
/caps-man datapath
add local-forwarding=yes name=GuestPortal vlan-id=150 vlan-mode=use-tag
add local-forwarding=yes name="Name Customer"
/caps-man security
add authentication-types="" name="Guest Portal"
add authentication-types=wpa2-psk encryption=aes-ccm name="Admin Portal" \
passphrase=***PASS***
/caps-man configuration
add channel=channel8 country=germany datapath=GuestPortal \
datapath.client-to-client-forwarding=no datapath.local-forwarding=no \
name=GuestPortal security="Guest Portal" ssid="GuestPortal TESTING"
add channel=channel8 country=germany datapath.client-to-client-forwarding=yes \
datapath.local-forwarding=yes name="Name Customer" security="Admin Portal" \
ssid="Service TESTING"
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/tool user-manager customer
set admin access=\
own-routers,own-users,own-profiles,own-limits,config-payment-gw
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes
/caps-man provisioning
add action=create-dynamic-enabled master-configuration="Name Customer" \
radio-mac=6C:3B:6B:A0:**:** slave-configurations=GuestPortal
/ip address
add address=10.1.33.250/16 interface=ether1 network=10.1.0.0
/ip dns
set allow-remote-requests=yes servers=10.1.1.1,10.1.1.2,10.1.2.1,10.1.2.2
/ip route
add distance=1 gateway=10.1.0.1
/snmp
set contact=***NAME*** enabled=yes location=Servercluster \
trap-version=2
/system clock
set time-zone-name=Europe/Berlin
/system identity
set name=****SYSTEMNAME****
/system ntp client
set enabled=yes primary-ntp=10.1.1.1 secondary-ntp=10.1.2.2
/tool user-manager database
set db-path=user-manager
AP:
Code: Select all
# jan/07/1970 06:56:08 by RouterOS 6.38.3
# software id = 5F59-IT8Z
#
/interface bridge
add admin-mac=6C:3B:6B:A0:**:** auto-mac=no name=bridgeLocal
/interface wireless
# managed by CAPsMAN
# channel: 2447/20-Ce/gn(20dBm), SSID: Service TESTING, local forwarding
set [ find default-name=wlan1 ] disabled=no ssid=MikroTik
/interface vlan
add interface=ether1 name=vlan1 vlan-id=150
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/interface wireless cap
#
set bridge=bridgeLocal discovery-interfaces=ether1 enabled=yes interfaces=\
wlan1
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
/system identity
set name=MikrotikTestAP01
I'am not able to understand where the configuration problem is.
If I connect to "Company Name" WiFi, I should get an IP from the same subnet as the AP. Didn't work.
If I plug the cable from the AP into my testlaptop, I get an IP-address.
If I connect to "Guest Portal" the same problem.
I have checked the settings on our HP Procurve switch multiple times.
Code: Select all
Status and Counters - VLAN Information - for ports 6
Port name: ***hide***
VLAN ID Name | Status Voice Jumbo Mode
------- -------------------- + ---------- ----- ----- --------
9 CompanyNet | Port-based No No Untagged
22 VoIP | Port-based Yes No Tagged
150 Guest-Portal | Port-based No No Tagged
I would be nice to test a installation with Mikrotik Devices larger then 10 APs.
Best Regards and a nice evening from Germany.
David