Community discussions

MikroTik App
 
gigabyte091
Forum Guru
Forum Guru
Topic Author
Posts: 1154
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Problem with IoT device on hAP ax2

Mon Jan 30, 2023 7:58 pm

Hello,

I upgraded my home network to 2 hAP ax2 routers, one acting as a router, one acting as a AP.

I have multiple SSID's on multiple VLAN's and everythig is working fine until 2 days ago when i noticed that my thermostat for central heating is reporting that heating gateway is unreachable and when i tried to connect heating gateway back to network it was spitting out various errors such as DNS error or just an unknown error.

I also have my air conditioner, smart plugs, washing machine connected to the same WLAN and these devices have no problems at all... I tried to connect with my laptop to the WLAN and i have internet access, there is no DNS problem...

I tried to connect heating gateway to the LTE router from mikrotik and there device is working... I also tried to make new WLAN on main router, and i choose 2 GHz N and then G thinking that maybe device don't like ax but no luck... I can even see that router assign IP address to the device but device refuse to complete wizard and throw an error.

Here is AP config, maybe there is something wrong... Only diference is that ax2 is wifi wave2 and it's using default VLAN 1
# jan/10/1970 03:09:39 by RouterOS 7.7
# software id = xxxx-xxxx
#
# model = C52iG-5HaxD2HaxD
# serial number =xxxxxxxxxxxx
/interface bridge
add name=bridge vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] comment="Trunk port (Uplink)"
set [ find default-name=ether2 ] comment="IPTV (VLAN40)"
set [ find default-name=ether3 ] comment="SECURITY_1 (VLAN20)"
set [ find default-name=ether4 ] comment="SECURITY_2 (VLAN20)"
set [ find default-name=ether5 ] comment="HOME (VLAN88)"
/interface vlan
add interface=bridge name=VLAN10_TEA_PC vlan-id=10
add interface=bridge name=VLAN20_SECURITY vlan-id=20
add interface=bridge name=VLAN30_IOT vlan-id=30
add interface=bridge name=VLAN40_IPTV vlan-id=40
add interface=bridge name=VLAN88_HOME vlan-id=88
/interface list
add include=all name=LAN
add name=Home
/interface wifiwave2 security
add authentication-types=wpa2-psk,wpa3-psk name=Home
add authentication-types=wpa-psk,wpa2-psk name=Security
add authentication-types=wpa-psk,wpa2-psk encryption="" name=IoT
/interface wifiwave2
set [ find default-name=wifi1 ] channel.band=5ghz-ax .frequency="" .width=\
    20/40/80mhz comment=VLAN88_HOME configuration.country=Croatia .mode=ap \
    .ssid="Gazdin novi WiFi" disabled=no mtu=1500 security=Home
set [ find default-name=wifi2 ] channel.band=2ghz-ax .frequency=2412 .width=\
    20/40mhz comment=VLAN88_HOME configuration.country=Croatia .mode=ap \
    .ssid="Gazdin novi WiFi" disabled=no security=Home
add comment=VLAN30_IoT configuration.country=Croatia .mode=ap .ssid=IoT \
    disabled=no mac-address=XX:XX:XX:XX:XX:XX master-interface=wifi2 name=\
    wifi3 security=IoT
add comment=VLAN20_Security configuration.country=Croatia .mode=ap .ssid=\
    WiFi_CCTV disabled=no mac-address=XX:XX:XX:XX:XX:XX master-interface=\
    wifi2 name=wifi4 security=Security
/port
set 0 name=serial0
/interface bridge port
add bridge=bridge frame-types=admit-only-vlan-tagged interface=ether1
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=ether2 pvid=40
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=ether3 pvid=20
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=ether4 pvid=20
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=*6 pvid=88
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=*7 pvid=88
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=ether5 pvid=88
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=wifi1 pvid=88
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=wifi2 pvid=88
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=wifi3 pvid=30
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged \
    interface=wifi4 pvid=20
/ip neighbor discovery-settings
set discover-interface-list=Home
/ipv6 settings
set disable-ipv6=yes
/interface bridge vlan
add bridge=bridge tagged=ether1,bridge vlan-ids=10
add bridge=bridge tagged=ether1,bridge untagged=ether3,ether4,wifi4 vlan-ids=\
    20
add bridge=bridge tagged=ether1,bridge untagged=wifi3 vlan-ids=30
add bridge=bridge tagged=ether1,bridge untagged=ether2 vlan-ids=40
add bridge=bridge tagged=bridge,ether1 untagged=ether5,wifi1,wifi2 vlan-ids=\
    88
/interface list member
add interface=bridge list=LAN
add interface=VLAN10_TEA_PC list=LAN
add interface=VLAN20_SECURITY list=LAN
add interface=VLAN30_IOT list=LAN
add interface=VLAN40_IPTV list=LAN
add interface=VLAN88_HOME list=LAN
add interface=VLAN88_HOME list=Home
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system identity
set name=hAP_ax2_DB
/tool mac-server
set allowed-interface-list=none
/tool mac-server mac-winbox
set allowed-interface-list=Home
 
gigabyte091
Forum Guru
Forum Guru
Topic Author
Posts: 1154
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: Problem with IoT device on hAP ax2

Wed Feb 01, 2023 9:04 am

Update: I tried to use cAP ac, but no luck, still device won't connect... Other devices are working just fine but this thermostat is reporting DNS error. I tried to enter DNS servers from working router but nothing...

So i tired to dig a little deeper, first i connected thermostat to the working router, checked dns cache to see what came up when i tried to connect thermostat and i saw 2 entries:

First entry:

Name: nv2-vag.netatmo.net
Type: CNAME
Data: nv2.trafficmanager.net.
TTL: 00:50:26

Second entry:

Name: nv2.trafficmanager.net
Type: A
Data: 51.105.243.149
TTL: 00:09:28

Then on non-working router i have this:

First entry:

Name: nv2-vag.netatmo.net
Type: CNAME
Data: nv2.trafficmanager.net.
TTL: 00:27:30

Second entry:

Name: nv2.trafficmanager.net
Type: A
Data: 51.105.243.149
TTL: 00:06:48

As you can see, everything is the same but it won't work for some reason...
 
erlinden
Forum Guru
Forum Guru
Posts: 1900
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: Problem with IoT device on hAP ax2

Wed Feb 01, 2023 9:51 am

Two things in regards to Wifi:

- don't use WPA-PSK
- don't use extension channels on the 2.4GHz radio

Not sure if it is related to your problem or if it is a problem by itself
 
gigabyte091
Forum Guru
Forum Guru
Topic Author
Posts: 1154
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: Problem with IoT device on hAP ax2

Wed Feb 01, 2023 4:14 pm

I left WPA in case if i ever need to connect something older (WPA is only on IoT and security)

I set channel width to 20 MHz for 2.4 GHz radio and 20/40 for 5 GHz radio. Frequencies are set so channels don't overlap.

Now i tried to connect older laptop, mobile phone and few devices that are configured by mobile app, just to see if problem will show up on any of them and they work just fine...
 
gotsprings
Forum Guru
Forum Guru
Posts: 2087
Joined: Mon May 14, 2012 9:30 pm

Re: Problem with IoT device on hAP ax2

Fri Feb 03, 2023 11:12 pm

You will find there are 2.4 radio chips that "just don't like Mikrotik." If you run into one...

You can try NO encryption. But if that doesn't work... its over... move on.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Problem with IoT device on hAP ax2

Sat Feb 04, 2023 4:09 am

A weird one I ran into was a device that used a mix of uppercase and lowercase letters for its identification,
the capac corrected the values to all lower case so the device didnt recognize the return traffic for itself.
The trick was to bypass the capac dns services (or router dns services) and use in dhcp server network settings, 1.1.1.1 or whatever DNS provider you trust.
Not sure but thought that was eventually fixed on mt wifi???

The reason it works as DNS providers just copy what they get for domain names etc and spit it back ( and dont try and change a name to conform to the standard )
 
gigabyte091
Forum Guru
Forum Guru
Topic Author
Posts: 1154
Joined: Fri Dec 31, 2021 11:44 am
Location: Croatia

Re: Problem with IoT device on hAP ax2

Sat Feb 04, 2023 4:35 pm

I ended up removing ax2 because I had problem with wired link... no 1Gbps on some links... ac3 working just fine... Now after netinstaling both routers i don't have default configuration nor wifi interfaces :( :( :( :(
 
maigonis
Member Candidate
Member Candidate
Posts: 180
Joined: Sat Jul 20, 2019 8:16 pm

Re: Problem with IoT device on hAP ax2

Mon Feb 06, 2023 7:09 pm

It, most likely, is related to wave2 implementation. So config is a bit different. Try to tag wifi interfaces on Wireless tab, not bridge port. I have ax3, setup in capsman v2, and its working fine. Only thing I had to adjust was removing WPA3 from IoT interface as some devices had issues.

Who is online

Users browsing this forum: Bing [Bot], onnyloh and 27 guests