Community discussions

MikroTik App
 
mx5gr
just joined
Topic Author
Posts: 16
Joined: Thu Jun 22, 2017 6:02 pm

If CAPSMAN is enabled, no ESP32 or ESP8266 device can connect to WLAN

Tue Jan 12, 2021 4:36 pm

Hello to all!

I have been using ESPhome firmware (1.15.0) with a multitude of devices that are based on either ESP32 or ESP8266 (e.g. WeMOS D1/D1 Mini). The wireless network is provided by Mikrotik Access Points, including the model RBcAPGi-5acD2nD and RouterBOARD cAP L-2nD ones (all running firmware 6.48).

If the Mikrotik APs are used individually, i.e. different SSIDs per AP, then all ESPHome devices connect flawlessly to the APs. However, when I enable CAPSMAN in order to optimize AP coverage and SSIDs, no ESPHome devices (ESP32 or ESP8266) can connect to the wireless network! No requests for DHCP are made and no ARPs are recorded within the APs. As soon as CAPSMAN is disabled, all devices can connect flawlessly again. This has been observed with other ESP32/ESP8266 that do NOT run the ESPHome firmware but an alternative, such as Tasmota or Tuya.

Please note that other devices, such as mobile phones (both Android/Samsung and iOS/Iphones) can connect with no errors to WLAN when CAPSMAN is enabled, the issue is observed only with ESP32/ESP8266 devices.

Has anyone deployed Mikrotik CAPSMAN with ESP32-ESP8266 devices?

Thank you!
 
quackyo
Member Candidate
Member Candidate
Posts: 173
Joined: Mon Nov 16, 2015 10:14 am

Re: If CAPSMAN is enabled, no ESP32 or ESP8266 device can connect to WLAN

Wed Jan 13, 2021 12:50 pm

Yea, I have 8 tasmota-flashed ESP8266 in my capsman network (with a total of 4 AP's). Works fine. I even used this setup to run a separate "IOT" SSID which goes on a separate VLAN.

My first guess is to check channel width / extension channel on 2,4GHz.
Extension channel should (at least on 2,4GHz) be disabled. Channel width should be 20MHz, which if you do not override the channel with settings will be the result when you disable extension channel.

More general advise is to reduce TX power on your 2,4GHz radios to get better roaming. the ESP8266 (at least the ones without external antenna) have crap wifi, so there is no use in screaming TO the client when the client can only whisper back.
Also remember to use different channels on the different radios. (only 2412/2437/2462 is not overlapping(much)).
 
mx5gr
just joined
Topic Author
Posts: 16
Joined: Thu Jun 22, 2017 6:02 pm

Re: If CAPSMAN is enabled, no ESP32 or ESP8266 device can connect to WLAN

Wed Jan 13, 2021 6:00 pm

Hi quackyo,

I have exactly the same wireless setup, that is a separate VLAN for IoT and a virtual SSID for all IoT devices. I run the AP system to the frequencies you mention, paying particular attention so that adjacent APs have no overlapping channels as well.

I am not using any extension channels and the channel width is indeed 20 MHz. The Wireless Band selection is 2GHz-G/N (tried with 2GHz-only-N as well).

Therefore, I believe that the Mikrotik wireless part is the same with the setup you suggest, The only thing that differentiates us is the firmware running on the ESP devices. I use ESP8266 with Tuya, ESP8266 with ESPHome and ESP32 with ESPHome, none of which can connect under CAPSMAN but connect flawlessly under ordinary wireless AP operation. I do agree that distance is a factor due to the crappy antenna implementation of the ESPs, however it is not applicable in my case as the tests are performed between 3 and 15 meters line-of-sight.

Moreover, nothing is recorded on the Mikrotik AP log, even in the debug mode, regarding these IoT devices when CAPSMAN is enabled!

Maybe Tasmota has a different WiFi implementation than Tyua or ESPHome and thus it works with CAPSMAN..
 
quackyo
Member Candidate
Member Candidate
Posts: 173
Joined: Mon Nov 16, 2015 10:14 am

Re: If CAPSMAN is enabled, no ESP32 or ESP8266 device can connect to WLAN

Thu Jan 14, 2021 11:34 am

As long as you can connect to AP swithout capsman, I'm inclined to believe something is missing in your capsman setup.
Can you post an export (with hide-sensitive ofcourse) of your running config on capsmanager? Also a verification of the status on one of the running cap-interfaces vould be nice.
( /caps-man interface print detail
, must be done on both the main 2,4GHz cap interface and the slave-interface, as the slave-interface doesn't have wifi settings).

Like this:
my main interface
4 M B name="MAIN" mac-address=xxx arp-timeout=auto
radio-mac=xxx master-interface=none
radio-name="xxx" configuration=cfg-vlanxx security=security
security.group-encryption=aes-ccm l2mtu=1600
datapath.client-to-client-forwarding=yes datapath.bridge=bridge
datapath.local-forwarding=no channel.frequency=2412
channel.band=2ghz-g/n channel.extension-channel=disabled
channel.tx-power=12 rates=24-rates no slowrates
current-state="running-ap" current-channel="2412/20/gn(12dBm)"
current-rate-set="OFDM:12-54 BW:1x SGI:1x HT:0-7"
current-basic-rate-set="OFDM:12" current-registered-clients=0
current-authorized-clients=0

my "IOT" interface which is slave to the main interface:
BR name="IOT" mac-address=xxx arp-timeout=auto
radio-mac=00:00:00:00:00:00 master-interface=MAIN
radio-name="" configuration.ssid="xxx"
security.authentication-types=wpa2-psk security.encryption=aes-ccm
security.group-encryption=aes-ccm security.group-key-update=1h
security.passphrase="xxx" l2mtu=1600
datapath.client-to-client-forwarding=yes datapath.bridge=bridge
datapath.local-forwarding=no datapath.vlan-mode=use-tag
datapath.vlan-id=xxx rates=24-rates no slowrates
current-state="running-ap"
current-rate-set="OFDM:12-54 BW:1x SGI:1x HT:0-7"
current-basic-rate-set="OFDM:12" current-registered-clients=2
current-authorized-clients=2
 
User avatar
Hominidae
Member
Member
Posts: 309
Joined: Thu Oct 19, 2017 12:50 am

Re: If CAPSMAN is enabled, no ESP32 or ESP8266 device can connect to WLAN

Fri Jan 15, 2021 10:53 am

...I have a set of about 8-10 Tasmota devices running fine in a network with 2 cAP-ac, separate "IoT"-SSID on a VLAN...capsman runs on a RB4011....no problems at all.

What version of tasmota are you running?
Only since the later 8.x and now 9.1 I see the devices connection status return be more "sticky"/stable (Link Count from the tasmota log/console output stays stable at "1" for months).
Since later 6.x throughout earlier 8.x, I've seen LinkCount rise to higher numbers without a change of infrastructure....10s or even 100s in a month.
This behaviour I did see on other APs, like unifi UAP-AC as well.
Both of my cAP-ac do cover the whole area and the tasmota device will usually use the strongest AP when first instaled or a WiFi reset ("reset 3") occurs.
However, when one AP is decommissioned, they switch over to the 2nd, but will then stay there until you reset WiFi "cache" (reset3, physical unplug power, replug).

But I have never experienced this behavior like you.
Unfortunately, for another reason I am now back to testing/using my unifi APs and the MTs are, at this point in time decommissioned...so I can't check any logs.
 
mx5gr
just joined
Topic Author
Posts: 16
Joined: Thu Jun 22, 2017 6:02 pm

Re: If CAPSMAN is enabled, no ESP32 or ESP8266 device can connect to WLAN

Fri Jan 15, 2021 6:46 pm

As long as you can connect to AP swithout capsman, I'm inclined to believe something is missing in your capsman setup.
Can you post an export (with hide-sensitive ofcourse) of your running config on capsmanager? Also a verification of the status on one of the running cap-interfaces vould be nice.
( /caps-man interface print detail
, must be done on both the main 2,4GHz cap interface and the slave-interface, as the slave-interface doesn't have wifi settings).
Here you are (cleaned-up version):
[admin@test1] > /caps-man interfaces print detail             

 0 name="test-1" mac-address=XX:XX:XX:XX:XX:XX arp-timeout=auto 
        radio-mac=XX:XX:XX:XX:XX:XX master-interface=none 
        radio-name="XXXXXXXXXXXX" configuration=test-conf 

 1 name="testIOT-1-1" mac-address=XX:XX:XX:XX:XX:XX arp-timeout=auto 
        radio-mac=00:00:00:00:00:00 master-interface=test-1 
        radio-name="XXXXXXXXXXXX" configuration=test-iot-conf

[admin@test1] > /caps-man configuration print detail             

0 name="test-conf" mode=ap ssid="test" multicast-helper=full tx-chains=0,1,2,3 rx-chains=0,1,2,3 
   installation=indoor keepalive-frames=enabled security=test-sec datapath=test-path channel=test-main 
   rates=GN Only - No B rates 

1 name="test-iot-conf" ssid="test-iot" multicast-helper=full tx-chains=0,1,2,3 rx-chains=0,1,2,3 
   installation=indoor keepalive-frames=enabled security=test-iot-sec datapath=test-iot-path channel=test-main 
   rates=GN Only - No B rates 
   
   
[admin@test1] > /caps-man datapath print detail             
0 name="test=path" local-forwarding=yes vlan-mode=use-tag vlan-id=99 
1 name="test-iot-path" local-forwarding=yes vlan-mode=use-tag vlan-id=100 


[admin@test1] > /caps-man security print detail        
0 name="test-iot-sec" authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm group-key-update=5m 
   passphrase="XXXXXXXXXXX" tls-mode=no-certificates 

1 name="test-sec" authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm group-key-update=5m 
   passphrase="XXXXXXXXXXX" tls-mode=no-certificates 


[admin@test1] > /caps-man channel print detail        
name="test-main" frequency=2462 control-channel-width=20mhz band=2ghz-onlyn 

 
mx5gr
just joined
Topic Author
Posts: 16
Joined: Thu Jun 22, 2017 6:02 pm

Re: If CAPSMAN is enabled, no ESP32 or ESP8266 device can connect to WLAN

Sat Jan 16, 2021 4:14 pm

Found the issue!!!!

I had defined the following CAPSMAN Rates within my configs:
 0 name="test-rates" basic=12Mbps supported=12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps 
   ht-basic-mcs=mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,mcs-7,mcs-8,mcs-9 
   ht-supported-mcs=mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,mcs-7,mcs-8,mcs-9,mcs-10,mcs-11,mcs-12,mcs-13,mcs-14,mcs-15,mcs-16,
                 mcs-17,mcs-18,mcs-19,mcs-20,mcs-21,mcs-22,mcs-23 
As soon as I removed it from the IoT CAPSMAN config, voila! All devices reconnected to the AP using CAPSMAN!

Please note that I have some ESPs very near the AP, which connect >36 MBps all the time, hence using the above rate filtering should not affect their connection.
 
quackyo
Member Candidate
Member Candidate
Posts: 173
Joined: Mon Nov 16, 2015 10:14 am

Re: If CAPSMAN is enabled, no ESP32 or ESP8266 device can connect to WLAN

Sun Jan 17, 2021 7:24 pm

Nice. BTW, here is my rates - working with ESP's.

0 name="24-rates no slowrates" basic=12Mbps supported=12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps

As you can see the only difference is that I haven't defined ht at all.
 
yozik04
just joined
Posts: 4
Joined: Sat Sep 11, 2021 3:13 pm

Re: If CAPSMAN is enabled, no ESP32 or ESP8266 device can connect to WLAN

Sat Sep 11, 2021 3:31 pm

I have switched from some old Netgear router to Mikrotik cAP ac and instantly lost all my ESP32 devices from the network. All are with ESPHome firmware.
Serial output on the ESP32 showed that they all were failing with reason='Probe Request Unsuccessful' error.
After spending some hours I finally fixed it. Here is the solution for others:
In CAPsMAN Channels for each CAP's Channel I had to specify Extension Channel. In my case I picked "eC" and clicked Apply. After this all my ESP32 instantly connected back.

I think default Extension channel setting has a bug. Even if I will return it to disabled ESP32 will still connect fine. Happens on freshly configured cAP ac and hAP ac2 via CAPsMAN.
 
raceboy
Frequent Visitor
Frequent Visitor
Posts: 50
Joined: Fri Mar 23, 2018 7:23 pm

Re: If CAPSMAN is enabled, no ESP32 or ESP8266 device can connect to WLAN

Mon Sep 27, 2021 9:54 am

...in CAPSMAN try with local forwarding = no. In my case ESP's works only that way
 
maretodoric
newbie
Posts: 31
Joined: Thu Aug 01, 2019 10:35 am

Re: If CAPSMAN is enabled, no ESP32 or ESP8266 device can connect to WLAN

Wed Feb 02, 2022 6:13 pm

This is still going on, not sure where to put the blame, ESPHome or Mikrotik...
I just disconnected 2.4GHz radio on hap ac2 from capsman and esphome devices immediately connected to it, as soon as i bring it back to capsman i have issues.

This is configuration of a working interface (wlan1) - this is disconnected from capsman now.
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 band=2ghz-b/g/n channel-width=20/40mhz-XX country=no_country_set disabled=no distance=indoors frequency=auto frequency-mode=manual-txpower installation=\
    indoor mode=ap-bridge ssid="Don't look at me" station-roaming=enabled wireless-protocol=802.11 wps-mode=disabled
# managed by CAPsMAN
# channel: 5180/20-Ceee/ac/P(23dBm), SSID: Don't look at me, CAPsMAN forwarding
set [ find default-name=wlan2 ] antenna-gain=0 band=5ghz-onlyac channel-width=20/40/80mhz-eCee country=serbia distance=indoors frequency=auto frequency-mode=superchannel installation=indoor mode=\
    ap-bridge ssid="Don't look at me" station-roaming=enabled wds-default-bridge=bridge wds-mode=dynamic wireless-protocol=802.11 wps-mode=disabled
/interface wireless nstreme
# managed by CAPsMAN
# channel: 5180/20-Ceee/ac/P(23dBm), SSID: Don't look at me, CAPsMAN forwarding
set wlan2 enable-nstreme=yes
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk eap-methods="" mode=dynamic-keys supplicant-identity=MikroTik

This is capsman configuration which I've tried to replicate from working wireless interface

/caps-man configuration
add channel=channel1 country=serbia datapath.bridge=bridge guard-interval=any hide-ssid=no installation=indoor mode=\
    ap name="CAPs Conf" rates.basic=12Mbps rates.supported=12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps rx-chains=0,1 \
    security.authentication-types=wpa2-psk,wpa2-eap security.encryption=aes-ccm security.group-encryption=aes-ccm \
    ssid="Don't look at me" tx-chains=0,1
add channel.band=5ghz-onlyac country=serbia datapath.bridge=bridge hide-ssid=no installation=indoor mode=ap name=\
    "CAPs Conf 5GHz" security.authentication-types=wpa2-psk,wpa2-eap security.encryption=aes-ccm \
    security.group-encryption=aes-ccm ssid="Don't look at me"
/caps-man channel
add band=2ghz-b/g/n control-channel-width=20mhz extension-channel=XX name=channel1
And is not working when it's managed by capsman. Ive tried various configuration from this topic
  • mx5gr noted that he had specific rates defined, i had none
  • quackyo share his rates and that it's working with them, tried to configure my rates the same, not working
  • yozik04 noted that he had to specify "eC" for extended channel, i had none configured so i tried eC and tried XX as in my default config - no change, not working
  • raceboy said that it works with "local forwarding" disabled, in my case i had no local forwarding configured, but tried to specify it to both disabled and enabled , still not working
Any ideas are highly appreciated.

Also, my Roborock S5 Max is constantly being disconnected from radio when managed by CAPSMAN, when i disable capsman it's working just fine, stable.
It's getting disconnected with
disconnected, received deauth: sending station leaving (3), signal strength -50
EDIT:
Solved it by removing WPA2 EAP Authentication type (leaving only WPA2 PSK)
Not sure what i was thinking..

Who is online

Users browsing this forum: No registered users and 37 guests