Community discussions

MikroTik App
 
zlate
just joined
Topic Author
Posts: 3
Joined: Sun Nov 13, 2022 2:52 pm

First time capsman (kinda solved)

Sun Nov 13, 2022 3:12 pm

Hi
Im stuck, i dont know where to continue troubleshoot.

Background:
I have a 2011UAS-2HnD which has served me for many many years but now i want to add a RBcAPGi-5acD2nD to extend the wifi.
I thought i keep the regular wifi on the router and just enable a capsman on it to manage the accesspoint from that, so i dont need to manage multiple places.
I have followed some guides but they are not talking to each other correct.
I have created a separate bridge for this port(ether 9) that the accesspoint is connected to, the accesspoint gets an IP from the dhcp-server i set up and i can connect to it from the main network.
Currenty i dont see anything in the last "drop rule" for the firewall that is regarding the capsman/cap communication, when i check the logs for the allowrule that i had to add i can see that the accesspoint is sending to the broadcast address but i see nothing in return sort of speak, can this indicate that its more a routing issue or something like that or that the boardcast-domain need to span across all networks?

Example log: bridge input: in:bridge_for_ap out:(unknown 0), src-mac xx:xx:xx:xx:xx:xx, proto UDP, 192.168.200.100:40346->255.255.255.255:5246, len 48

I can say i dont fully understand the datapaths and bridges totally and probably many more features... :?

I dont know if this helps but this are some exports

Router:
/caps-man channel
add band=2ghz-g/n extension-channel=disabled frequency=2411 name=channel1 secondary-frequency=2433
add band=5ghz-n/ac extension-channel=disabled name=5g
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm name=New_AP passphrase="not_so_secret"
/caps-man configuration
add country=sweden datapath=datapath1 datapath.bridge=bridge_for_ap datapath.local-forwarding=yes mode=ap name=newwifi rx-chains=0,1,2,3 security=New_AP \
    security.encryption=aes-ccm ssid=newwifi tx-chains=0,1,2,3
/caps-man datapath
add bridge=bridge_for_ap local-forwarding=no name=datapath1
/caps-man interface
add configuration=khoshmaze configuration.country=sweden configuration.mode=ap datapath=datapath1 disabled=no mac-address=00:00:00:00:00:00 master-interface=none \
    name=cap1 radio-mac=00:00:00:00:00:00 radio-name=""
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes
/caps-man manager interface
set [ find default=yes ] forbid=yes
add disabled=no interface=ether3
add disabled=no interface=ether9-slave-local
/caps-man provisioning
add action=create-dynamic-enabled master-configuration=newwifi slave-configurations=newwifi

Wireless:
# nov/13/2022 13:37:10 by RouterOS 6.47
#
# model = RBcAPGi-5acD2nD
/interface wireless
# managed by CAPsMAN
set [ find default-name=wlan1 ] ssid=MikroTik
# managed by CAPsMAN
set [ find default-name=wlan2 ] ssid=MikroTik
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface wireless cap
#
set bridge=bridgeLocal discovery-interfaces=ether1 enabled=yes interfaces=wlan1,wlan2


Thanks in advance for some beginner help.
Last edited by BartoszP on Mon Nov 21, 2022 10:21 pm, edited 2 times in total.
Reason: proper tagging
 
zlate
just joined
Topic Author
Posts: 3
Joined: Sun Nov 13, 2022 2:52 pm

Re: First time capsman

Sun Nov 13, 2022 11:33 pm

I tried to move the accesspoint to the standard bridge-local but didnt improve anythin what i know
 
zlate
just joined
Topic Author
Posts: 3
Joined: Sun Nov 13, 2022 2:52 pm

Re: First time capsman (kinda solved)

Sat Nov 19, 2022 10:45 am

I think i might have figured out why it was not working.
In the Capsman you specify interfaces and my logic told me that i should use the physical interface so i had it set to ether 3 and ether 9 when i was swiching cables and try to figure stuff out.
Now when i added also the bridge that is connected to these ports stuff started working.

So why wouldnt the mikrotik understand that if i set the physical port it should use all bridges and vlans or whatever that is tagged to ether ports?

Who is online

Users browsing this forum: Bing [Bot], jaclaz, mstanciu, tarfox and 34 guests