I can get CapsMan to assign a single configuration to all cAPs and provsion wlan2 on each, but I would like to alternate between four different 5ghz frequencies, by assigning different configurations to the cAP units based on mac address. Sadly I don't know how to do this properly, because when specify a specific radio mac address in a provisioning rule in CapsMan, it seems to ignore it and provision all of the cAPs, not just the one cAP with the matching mac address. Would someone tell me how to assign a given CapsMan configuration to a specific cAP by mac address, or point me to existing instructions that explain this process?
in this case should be added 2 rules like this. One rule allow access second denies.We are also experiencing wireless devices constantly hopping from AP to AP. To combat this, I have added an access list rule that restricts access to clients with a -65 signal or better, like this:
/interface wireless access-list
add comment="Restrict wifi connections to -65 or stronger" signal-range=-65..120
Hello friend!Thank you, pcunite and escandor! I will try your suggestions.
Hello friend!Thank you, pcunite and escandor! I will try your suggestions.
With this configuration, ping times to the local gateway IP are better than before, but still not great.
If not already done, try "cts-to-self" or "rts-cts" hw-protection-mode.
The funny thing is that I switched from CapsMAN forward to local forward and it should be faster, quicker, more stable etc.. and it isn't. It's not working properly, user are disconnecting all the time by the access-list which works by the way good but something is making a mess in the radio which seems like those caps are fighting each other for the clients here you have a probe of that: https://youtu.be/r7Z4F3bJMkM on this short clip you see cap number 03 and on the end of the clip 01 came up. Please notice that there are four of them, 02 is also there and 01 is also available and 03 is the small cap hidden in the office which shouldn't be taking so many clients because they are near the 01 and 02 caps as I shown on that picture below:# channel: 5180/20-Ceee/ac(14dBm), SSID: MKTBW, local forwarding
Have you tried to see what is in the AIR ? There is a lot of tools that can show what is happening in the AIR.So basically I'm speechless because I can figure it out.. and I wonder why is this so pain in the ass.
It is never too late. But my assumption that you will have same problems with other solutions. If you can not find reason of you problems.each day my thoughts are rather with a small virtual machine with ubiquti solutions and the same company access points and sell those Access Points ..
Yes. No interference. I'm struggling with my own caps which seems to interfere themself each otherHave you tried to see what is in the AIR ? There is a lot of tools that can show what is happening in the AIR
Who said that I'm not using capsman. I'm using it but not Capsman forwarding but local forwarding which also makes capsman useful. I don't use capsman fw because it makes data unreadable from wifi clients by any sniffer because of DTLS. Although I had that configuration previously and it worked awesome. But because I need to have WiFi analyzed using external sniffer to analyze suspicious traffic I can't use Capsman FW. Also I read that Local Forward is more efficient. But in this scenario Like you all see it isn't.Another question, why in configuration you configure every single AP manually ? CapsMAN can make this "automagically", but for this you need to spend some time for experiments.
I'm afraid your assumptions is wrong. I never had any trouble with any other wifi controllers like Ubiquiti for instance. This is the first time I'm struggling with stuff like that. Second, MikroTik which is driving me nuts proved that it isn't ready solution out of the box where you can just plug , set couple easy things and it works and if, I said if you want to tune something go ahead you can , not like in the other branded vendors access points. It seems unfortunately it doesn't even work like that.. out of the box. I'm very open for someone who can point me where I'm doing something wrong. But I have studied on YouTube official Mikrotik pitfals which are made using MikroTik what to do what not to do.. And over 2 weeks I'm struggling with this. I'm sorry but vendor solutions should be easy in this level , it's not a rocket science to have basic functionality but where it comes to this.. it is because non of this works. I'm hoping someone will look at this confirm that I have good or not good configuration and if everything is ok what needs to be checked also.t is never too late. But my assumption that you will have same problems with other solutions. If you can not find reason of you problems.
It is a little bit confusing "No interference" and "which seems to interfere themself each other". Don't you think so ?Yes. No interference. I'm struggling with my own caps which seems to interfere themself each other
Well, provisioning AP by mac-address using capsman , from my point of view is dong this manually.Who said that I'm not using capsman.
By no interference I mean there are no other radio from other offices around.It is a little bit confusing "No interference" and "which seems to interfere themself each other". Don't you think so ?
I'v set that from mikrotik because I couldn't get this done from AP itself. They were saying that after connecting them to capmsan, capsman itself is only responsible for setting channels.. so I stuck here and set on capsman1. AP nearby should have different channel to reduce interference.
/caps-man channel add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=disabled frequency=5300,5340,5500 name=5Ghz reselect-interval=5h save-selected=yes tx-power=14 add band=2ghz-g/n control-channel-width=20mhz extension-channel=disabled frequency=2412,2437,2462 name=2Ghz reselect-interval=1h tx-power=10
They are correct. You see on the picture.2. correctly place AP in office. (I think that this area can be covered by 3 AP and not by 5 less AP less interference. I hope you have less than 50 wireless devices )
Look on point 1.3. define set of channels that your AP can use. Auto-selection of channel in Mikrotik is not always the best.
When I find solution I will do that because right now it's not the problem with caps itself. Like I said only one is working I have the same problem still.4. lower values for access-list to -65-70.
Provision rules are set. There is no need to set it like this you said. After setting the caps (for local fw , set bridge, IP address and cap enabled) they will appear on capsman and in provision tab ready to receive configuration (provision if changed).5. create provision rules not by MAC address. (there is a lot of options by regexp or simply without specification of mac address. If you want separation of AP nearby by frequency you should write rules that identify AP by identity or name).
/interface wireless pr Flags: X - disabled, R - running 0 R ;;; managed by CAPsMAN ;;; channel: 2412/20/gn(10dBm), SSID: MKTBW, local forwarding name="wlan1" mtu=1500 l2mtu=1600 mac-address=64:D1:54:EE:0C:7F arp=enabled interface-type=IPQ4019 mode=station ssid="MikroTik" frequency=2412 band=2ghz-b/g channel-width=20mhz secondary-channel="" scan-list=default wireless-protocol=any vlan-mode=no-tag vlan-id=1 wds-mode=disabled wds-default-bridge=none wds-ignore-ssid=no bridge-mode=enabled default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no security-profile=default compression=no 1 R ;;; managed by CAPsMAN ;;; channel: 5500/20/ac(14dBm), SSID: MKTBW, local forwarding name="wlan2" mtu=1500 l2mtu=1600 mac-address=64:D1:54:EE:0C:80 arp=enabled interface-type=IPQ4019 mode=station ssid="MikroTik" frequency=5180 band=5ghz-a channel-width=20mhz secondary-channel="" scan-list=default wireless-protocol=any vlan-mode=no-tag vlan-id=1 wds-mode=disabled wds-default-bridge=none wds-ignore-ssid=no bridge-mode=enabled default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no security-profile=default compression=no 2 R ;;; managed by CAPsMAN ;;; SSID: MKTBW_Guest, local forwarding name="wlan26" mtu=1500 l2mtu=1600 mac-address=66:D1:54:EE:0C:80 arp=enabled interface-type=virtual master-interface=wlan2 3 R ;;; managed by CAPsMAN ;;; SSID: MKTBW_Guest, local forwarding name="wlan28" mtu=1500 l2mtu=1600 mac-address=66:D1:54:EE:0C:7F arp=enabled interface-type=virtual master-interface=wlan1
You can see that this already done above from interface print.6. reduce power on AP
/interface bridge> monitor bridge state: enabled current-mac-address: 64:D1:54:EE:0C:7D root-bridge: yes root-bridge-id: 0x8000.64:D1:54:EE:0C:7D root-path-cost: 0 root-port: none port-count: 5 designated-port-count: 5 fast-forward: no
Your current configuration in git does not define channels for AP.And Please before advising me something take a look to configuration or read carefully because when someone has a problem then I require that person who wants help must prepare whole description of config and situation. I made that already. There is a link to Github Gist and I feel like you don't even manage to see it. For example asking me about channels, power etc.
In my first answer I asked if other AP also accepted configuration supplied. But did not received answer./caps-man channel
add band=5ghz-a/n/ac control-channel-width=20mhz extension-channel=disabled frequency=5300,5340,5500 name=5Ghz reselect-interval=5h save-selected=yes tx-power=14
I wish you good luck in fighting with wind mills.I require that person who wants help must prepare whole description of config and situation
Line 7 & 10 provides what frequency they are using.our current configuration in git does not define channels for AP.
Like I said it's not the major problem with radio. It's problem with STP because Caps are using bridge local fwIn my first answer I asked if other AP also accepted configuration supplied. But did not received answer.
34 10.10.1.3 56 64 42ms 35 10.10.1.3 timeout 36 10.10.1.3 56 64 0ms 37 10.10.1.3 56 64 107ms 38 10.10.1.3 56 64 18ms 39 10.10.1.3 56 64 41ms sent=40 received=36 packet-loss=10% min-rtt=0ms avg-rtt=22ms max-rtt=107ms SEQ HOST SIZE TTL TIME STATUS 40 10.10.1.3 56 64 72ms 41 10.10.1.3 56 64 93ms 42 10.10.1.3 56 64 122ms 43 10.10.1.3 56 64 142ms 44 10.10.1.3 56 64 60ms 45 10.10.1.3 56 64 92ms 46 10.10.1.3 56 64 112ms 47 10.10.1.3 timeout 48 10.10.1.3 timeout 49 10.10.1.3 timeout 50 10.10.1.3 timeout 51 10.10.1.3 timeout 52 10.10.1.3 timeout 53 10.10.1.3 timeout 54 10.10.1.3 timeout 55 10.10.1.3 timeout 56 10.10.1.3 timeout 57 10.10.1.3 timeout 58 10.10.1.3 timeout 59 10.10.1.3 timeout sent=60 received=43 packet-loss=28% min-rtt=0ms avg-rtt=35ms max-rtt=142ms SEQ HOST SIZE TTL TIME STATUS 60 10.10.1.3 timeout 61 10.10.1.3 timeout 62 10.10.1.3 timeout 63 10.10.1.3 timeout 64 10.10.1.3 timeout 65 10.10.1.3 timeout 66 10.10.1.3 timeout 67 10.10.1.3 timeout 68 10.10.1.3 timeout 69 10.10.1.3 timeout 70 10.10.1.3 timeout 71 10.10.1.3 timeout 72 10.10.1.3 timeout 73 10.10.1.3 timeout 74 10.10.1.3 timeout sent=75 received=43 packet-loss=42% min-rtt=0ms avg-rtt=35ms max-rtt=142ms [konrad@BB-RT-01] > ping 10.10.1.3 SEQ HOST SIZE TTL TIME STATUS 0 10.10.1.3 56 32 22ms 1 10.10.1.3 56 32 53ms 2 10.10.1.3 56 32 71ms 3 10.10.1.3 56 32 102ms 4 10.10.1.3 56 32 21ms 5 10.10.1.3 56 32 42ms sent=6 received=6 packet-loss=0% min-rtt=21ms avg-rtt=51ms max-rtt=102ms [konrad@BB-RT-01] > ping 10.10.1.91 SEQ HOST SIZE TTL TIME STATUS 0 10.10.1.91 56 64 1ms 1 10.10.1.91 56 64 2ms 2 10.10.1.91 56 64 1ms 3 10.10.1.91 56 64 1ms 4 10.10.1.91 56 64 1ms sent=5 received=5 packet-loss=0% min-rtt=1ms avg-rtt=1ms max-rtt=2ms
The Truth is always a pain in the ass. Rather to be so sensitive take it to consideration because I'm tired to receive the same advises .. check radio, check powe TX.. That's already provided and if you could look closely to the config you would notice that antena gain is modified channels are different and Capsman is working.And as a result arrogant comments like
Thank you.I wish you good luck in fighting with wind mills.
Reading documentation is a "must".The Truth is always a pain in the ass.
TrueReading documentation is a "must".
Seriously? First of all I'm not providing default MikroTik configuration because I used export compact command to provide the configuration. This gives adds of configuration without default settings. So adding bridge every time on MikroTik is set by default with Spanning Tree Protocol regarding to your "was not specified that you are using STP" and method by default is RSTP so you were saying "Even if Mikrotik is recommending using RSTP. " and I don't know if I know what did you meant but STP is a functionality and RSTP is one of the STP method used in that functionality. I think you misunderstood those two concepts. In your link there is no solutions because that's not for Local Forwarding. Maybe if you wanna help read about Local Forward mode.From original configuration was not specified that you are using STP. Even if Mikrotik is recommending using RSTP.