Community discussions

MikroTik App
 
maretodoric
newbie
Topic Author
Posts: 31
Joined: Thu Aug 01, 2019 10:35 am

4-way handshake problem on CAPsMAN

Fri Feb 04, 2022 10:55 am

Hello everyone,

I've been having this annoying problem with CAPsMAN, though honestly on one device only (Raspberry Pi 4 on LibreELEC) but only when CAPsMAN is used. When i disable it and use regular interface RPi joins just fine.
I've tried many things
- basic configuration (will not connect at all)
- Disabling VHT Basic rates (will connect but 4way handshake timeout problem)
- Tried different rates
- Using wpa-psk with wpa2-psk (been using wpa2-psk only)
- Tried to make another device capsman
- Turning local forwarding and client forwarding on and off
- Different frequencies
- Different channels

I just don't know what I'm missing. Below is current setup, any advice would be highly appreciated!
[admin@Hodnik-Gore] > caps-man export hide-sensitive
# feb/04/2022 09:50:27 by RouterOS 6.49.2
# software id = YUS8-7IKM
#
# model = RBcAPGi-5acD2nD
# serial number = F9AD0F3EFA80
/caps-man rates
add basic=12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps name="24-rates no slowrates"
/caps-man access-list
add action=reject allow-signal-out-of-range=10s comment="Moj telefon" disabled=no mac-address=1C:CC:D6:4D:8B:E0 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Ljubicin Telefon" disabled=no mac-address=4C:F2:02:85:86:AA ssid-regexp=""
add allow-signal-out-of-range=10s comment="Pumpa za bazen" disabled=no mac-address=60:01:94:E5:92:C6 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Lenovo laptop" disabled=no mac-address=A4:C3:F0:CE:57:DE ssid-regexp=""
add allow-signal-out-of-range=10s comment=Stampac disabled=no mac-address=B4:B6:86:6E:8F:68 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Svetlo garaza" disabled=no mac-address=C4:DD:57:06:AC:66 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Sonoff - Spavaca Soba Svetlo" disabled=no mac-address=2C:F4:32:C3:0B:4E ssid-regexp=""
add allow-signal-out-of-range=10s comment="Kamera Gornja Terasa" disabled=no mac-address=30:FF:F6:3A:E7:AD ssid-regexp=""
add allow-signal-out-of-range=10s comment="Kamera Terasa" disabled=no mac-address=30:FF:F6:3A:E7:D3 ssid-regexp=""
add allow-signal-out-of-range=10s comment="NodeMCU DHT" disabled=no mac-address=50:02:91:C8:C8:86 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Sonoff Garaza Svetlo Pec" disabled=no mac-address=60:01:94:C8:C2:06 ssid-regexp=""
add allow-signal-out-of-range=10s comment="NodeMCU IR Transciever" disabled=no mac-address=68:C6:3A:F8:D8:FA ssid-regexp=""
add allow-signal-out-of-range=10s comment="Dnevna Soba TV" disabled=no mac-address=80:9F:9B:ED:1F:E1 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Dnevna Soba Tablet" disabled=no mac-address=AE:B5:DA:30:A1:36 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Sonoff Garaza Svetlo" disabled=no mac-address=D8:F1:5B:B3:B0:E4 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Sonoff Spavaca Soba TV" disabled=no mac-address=D8:F1:5B:C6:E8:76 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Sonoff Garaza Pec Na Pelet" disabled=no mac-address=D8:F1:5B:C8:01:A7 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Sonoff Garaza Garazna Vrata" disabled=no mac-address=DC:4F:22:9E:55:11 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Sonoff - Prekidac za ruter" disabled=no mac-address=CC:50:E3:68:7F:F2 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Sonoff Zigbee Bridge" disabled=no mac-address=84:CC:A8:AA:2A:E7 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Sonoff - Uticnica 2" disabled=no mac-address=9C:9C:1F:89:82:D2 ssid-regexp=""
add allow-signal-out-of-range=10s comment="Roborock S5 Max" disabled=no mac-address=B0:4A:39:0A:D6:18 ssid-regexp=""
add allow-signal-out-of-range=10s comment=Joksa disabled=no mac-address=BA:E6:72:65:10:6A ssid-regexp=""
/caps-man configuration
add channel.band=2ghz-b/g/n channel.control-channel-width=20mhz channel.extension-channel=XX country=serbia datapath.bridge=bridge datapath.client-to-client-forwarding=yes datapath.local-forwarding=yes guard-interval=any hide-ssid=no installation=indoor mode=ap multicast-helper=default name="CAPs Conf" \
    rates.basic=12Mbps rates.supported=12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps rx-chains=0,1 security.authentication-types=wpa2-psk security.encryption=aes-ccm security.group-encryption=aes-ccm ssid="Don't look at me" tx-chains=0,1
add channel.band=5ghz-onlyac channel.control-channel-width=20mhz channel.extension-channel=eCee country=serbia datapath.bridge=bridge datapath.client-to-client-forwarding=yes datapath.local-forwarding=yes hide-ssid=no installation=indoor mode=ap name="CAPs Conf 5GHz" rx-chains=0,1 security.authentication-types=\
    wpa2-psk security.encryption=aes-ccm security.group-encryption=aes-ccm ssid="Don't look at me" tx-chains=0,1
add channel.band=5ghz-onlyac channel.control-channel-width=20mhz channel.extension-channel=XX channel.frequency=5200,5220,5240,5745,5765,5785,5805,5825 channel.reselect-interval=1h channel.skip-dfs-channels=no country=serbia datapath.bridge=bridge datapath.client-to-client-forwarding=yes \
    datapath.local-forwarding=yes datapath.vlan-id=1 datapath.vlan-mode=no-tag guard-interval=any hide-ssid=no installation=indoor mode=ap name="CAPs Conf 5GHz TEST" rates.vht-basic-mcs=none rates.vht-supported-mcs=mcs0-9,mcs0-9,mcs0-9 security.authentication-types=wpa2-psk security.encryption=aes-ccm \
    security.group-encryption=aes-ccm ssid="Don't look at me"
/caps-man interface
add configuration="CAPs Conf" disabled=no mac-address=DC:2C:6E:8F:55:23 master-interface=none name=2.4-Hodnik-Gore-1 radio-mac=DC:2C:6E:8F:55:23 radio-name=DC2C6E8F5523
add configuration="CAPs Conf" disabled=no mac-address=74:4D:28:6D:4E:1D master-interface=none name=2.4-hAPac2-1 radio-mac=74:4D:28:6D:4E:1D radio-name=744D286D4E1D
add configuration="CAPs Conf 5GHz TEST" disabled=no l2mtu=1600 mac-address=DC:2C:6E:8F:55:24 master-interface=none name=5.0-Hodnik-Gore-1 radio-mac=DC:2C:6E:8F:55:24 radio-name=DC2C6E8F5524
add configuration="CAPs Conf 5GHz" disabled=no mac-address=74:4D:28:6D:4E:1E master-interface=none name=5.0-hAPac2-1 radio-mac=74:4D:28:6D:4E:1E radio-name=744D286D4E1E
/caps-man manager
set enabled=yes
/caps-man manager interface
set [ find default=yes ] forbid=yes
add disabled=no interface=bridge
/caps-man provisioning
add action=create-enabled comment=5.0GHz hw-supported-modes=ac master-configuration="CAPs Conf 5GHz TEST" name-format=prefix-identity name-prefix=5.0 radio-mac=DC:2C:6E:8F:55:24
add action=create-enabled comment=2.4GHz hw-supported-modes=b,gn master-configuration="CAPs Conf" name-format=prefix-identity name-prefix=2.4 radio-mac=DC:2C:6E:8F:55:23
add action=create-enabled comment="5.0GHz - hAP ac2" hw-supported-modes=ac master-configuration="CAPs Conf 5GHz" name-format=prefix-identity name-prefix=5.0 radio-mac=74:4D:28:6D:4E:1E
add action=create-enabled comment="2.4GHz - hAP ac2" hw-supported-modes=b,gn master-configuration="CAPs Conf" name-format=prefix-identity name-prefix=2.4 radio-mac=74:4D:28:6D:4E:1D
add action=create-dynamic-enabled comment=2.4GHz hw-supported-modes=b,gn master-configuration="CAPs Conf" name-format=prefix-identity name-prefix=2.4
add action=create-dynamic-enabled comment=5.0GHz hw-supported-modes=ac master-configuration="CAPs Conf 5GHz" name-format=prefix-identity name-prefix=5.0
 
dave864
Frequent Visitor
Frequent Visitor
Posts: 75
Joined: Fri Mar 11, 2016 2:37 pm

Re: 4-way handshake problem on CAPsMAN

Sat Feb 05, 2022 11:26 am

don't use capsman.
Distance set to indoor and not left as default which is dynamic. I think this option is only available on stand-alone.
Can't really suggest anything else.
 
maretodoric
newbie
Topic Author
Posts: 31
Joined: Thu Aug 01, 2019 10:35 am

Re: 4-way handshake problem on CAPsMAN

Sat Feb 05, 2022 11:38 am

There is an option "distance" under configuration , Wireless tab and can be set to indoor. And it's also one of the options I've tried but still mot working.
And yes, for the time being I'm using standalone instead of capsman but i plan on expanding from 2 to 3 caps or more so might be a bit difficult to keep track of everything. Shame though. Capsman is supposed to simplify things, not make my life more hell
 
gotsprings
Forum Guru
Forum Guru
Posts: 2102
Joined: Mon May 14, 2012 9:30 pm

Re: 4-way handshake problem on CAPsMAN

Sat Feb 05, 2022 2:08 pm

Caps-man is awesome in concept and I can do things with it that were pretty impressive.

What I couldn't do, was overcome the failings of the radios it controls.
 
Zacharias
Forum Guru
Forum Guru
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: 4-way handshake problem on CAPsMAN

Sat Feb 05, 2022 2:16 pm

What I couldn't do, was overcome the failings of the radios it controls.
What kind of failings are you referring to ?
 
gotsprings
Forum Guru
Forum Guru
Posts: 2102
Joined: Mon May 14, 2012 9:30 pm

Re: 4-way handshake problem on CAPsMAN

Sat Feb 05, 2022 5:47 pm

What I couldn't do, was overcome the failings of the radios it controls.
What kind of failings are you referring to ?
Wifi ACv1
Problems with the driver locking up the radio in noisy environments.
Problems with some manufactures chip sets.
Showing devices as connected but not actually passing traffic.
Far worse throughput in the same spot as multiple other vendors.
Etc
Etc
Etc
 
maretodoric
newbie
Topic Author
Posts: 31
Joined: Thu Aug 01, 2019 10:35 am

Re: 4-way handshake problem on CAPsMAN

Sat Feb 05, 2022 5:53 pm

Wow. I must say i haven't had these problems at all. In fact it works much better than other vendors I've tried. Though i haven't tried any premium ones
Technicolor, TP Link, Netgear, Mi Router...
MT is much better than any of them... Unless capsman is used. Then it becomes useless for some devices.
 
gotsprings
Forum Guru
Forum Guru
Posts: 2102
Joined: Mon May 14, 2012 9:30 pm

Re: 4-way handshake problem on CAPsMAN

Sat Feb 05, 2022 6:48 pm

Wow. I must say i haven't had these problems at all. In fact it works much better than other vendors I've tried. Though i haven't tried any premium ones
Technicolor, TP Link, Netgear, Mi Router...
MT is much better than any of them... Unless capsman is used. Then it becomes useless for some devices.
I work in and on extremely dense and noisy wireless environments.

Mikrotik has confirmed that "they got nothing for me" when it comes to those environments.

They have tried to help with the other issues like compatibility in my lower density installs. But it's just not worth the aggravation of my clients.

In low density installs the throughput is just so much lower than our other vendors.

Having to replace a couple hundred APs out of your own pocket, is a lesson not soon forgotten.

Who is online

Users browsing this forum: lmeira, rjuho, synchro and 18 guests