Hey folks,

I have 2 Audiences and I can't use cable to extend my wifi network, so I need to rely on wireless backhaul. I've spent the last two days trying to setup the network without luck.

This is basically what I want to achieve:

• RB5009 as CAPsMAN v2 server.
  RB5009 as DHCP server.

• Audience (Living Room) in CAP mode, connected to RB5009 via cable + PoE
  One 2GHz (2x2) SSID for some devices (printers, IoT and etc)
  One 5GHz (4x4) SSID for newer devices (Android, iOS, MacOs)

• Audience (Bedroom) in CAP mode, with power adapter
  One 2GHz (2x2) SSID for some devices (printers, IoT and etc)
  One 5GHz (4x4) SSID for newer devices (Android, iOS, MacOs)
  Apple TV and Android TV connected via cable to the Audience ports (ether1 and ether2)

The same SSIDs on both Access Points, so the devices can roam.

I was able to set the 2GHz and 5GHz network for the clients, but I'm confused how to setup the 5GHz wireless backhaul connection on the 5GHz 2x2 antenna. Can someone help me?
Also, once the wireless backhaul is setup, the clients connected to the Audience Bedroom will be able to get IP address from RB5009?

Thanks in advance. I really want to avoid returning the devices.

Packages on RB5009:
Packages on Audiences APs:
Router config :
Audiences config :

It seems that all you need to do is set wifi2 on Master Audience to 'ap bridge', and on Slave Audience to 'station bridge', with security settings and all identical on both. You will also need to actually add the interfaces to bridges on both Audiences, the bridge is probably named bridgeLocal or something, the adding is done in Bridge > Ports, where you just click the plus sign, choose wifi2, and then pray everything works as you click the OK button.

This cannot be done through CAPsMAN, as the Slave Audience obviously does not and cannot have any connection to CAPsMAN at startup. It must be done manually on the Audiences themselves. You should therefore unset the manager property on wifi2 on both Audiences.

As for the connection between Audiences, do not use the same SSID and password as you do for your home network. Pick a random SSID, make it hidden, generate a random password, and probably try using WPA3. Set it up with WPA2 first, though, to check that everything works.

You can try and refer to this in case you have trouble setting it all up, with maybe a little bit of this where the first thing refers to "previous article" or something like that.

Also, consider using the 4x4 radios for backhaul. Approximately 0% of client devices can do 4x4. You probably don't need it on the wifi itself. But your backhaul performance will improve. Especially if you're allowed to use channel 149 (5745 MHz) at 30 dBm in your country.

Trust me, with wireless backhaul, unless you have paper-thin walls, you really want to use that sweet 30 dBm TX power. Normally setting it that high is somewhat of a folly, as the client device can't answer the AP at the same power level. But in this case, the client device is an AP. So it totally can, and you'll get a big speed improvement both up and down, as well as improved stability.

It seems that all you need to do is set wifi2 on Master Audience to 'ap bridge', and on Slave Audience to 'station bridge', with security settings and all identical on both. You will also need to actually add the interfaces to bridges on both Audiences, the bridge is probably named bridgeLocal or something, the adding is done in Bridge > Ports, where you just click the plus sign, choose wifi2, and then pray everything works as you click the OK button.

This cannot be done through CAPsMAN, as the Slave Audience obviously does not and cannot have any connection to CAPsMAN at startup. It must be done manually on the Audiences themselves. You should therefore unset the manager property on wifi2 on both Audiences.

As for the connection between Audiences, do not use the same SSID and password as you do for your home network. Pick a random SSID, make it hidden, generate a random password, and probably try using WPA3. Set it up with WPA2 first, though, to check that everything works.

You can try and refer to this in case you have trouble setting it all up, with maybe a little bit of this where the first thing refers to "previous article" or something like that.

Amazing! I somehow ended up applying this exact setup yesterday and it worked like a charm! I came today to answer my own question and ask if that is the best approach, and your reply just confirms that.

Thanks a lot!

This is the end setup:
- CAPsMAN disabled on Router and APs
- Living Room AP connected directly to Router and set as AP (I think ap-bridge does not exist in wifi-qcom-ac package)
- Bedroom AP set as station-bridge
- Two visible network (2GHz and 5GHz) on both APs with exact same config on both (SSID, Security and etc)
- One hidden network on the 5GHz 4x4 antenna, with a hidden network with random password and WPA3

That's it!

Connected my Apple TV on the ether2 on Bedroom AP and I'm getting 500Mbps+ up and down, with 4ms latency. More than enough.

Also, consider using the 4x4 radios for backhaul. Approximately 0% of client devices can do 4x4. You probably don't need it on the wifi itself. But your backhaul performance will improve. Especially if you're allowed to use channel 149 (5745 MHz) at 30 dBm in your country.

Trust me, with wireless backhaul, unless you have paper-thin walls, you really want to use that sweet 30 dBm TX power. Normally setting it that high is somewhat of a folly, as the client device can't answer the AP at the same power level. But in this case, the client device is an AP. So it totally can, and you'll get a big speed improvement both up and down, as well as improved stability.

I did! I decided to use 4x4 because I thought exactly that it would be much better for the backhaul performance.

Regarding the channel and dBm, do you know if setting the country in AP configs is enough to AP to ensure I'm using the allowed channels?

Also, the 30 dBm should be set in the TX power or in the antenna gain?

Nice! Glad you were able to do it!

CAPsMAN disabled on Router and APs

If you want to use CAPsMAN, you can still use CAPsMAN, just not on the backhaul interface. There's a `configuration.manager` property, and if you unset it on the wifi3 interface (and probably adjust some settings in datapath), you will be able to run CAPsMAN on the 2.4 GHz and 5 GHz 2x2 interfaces AND a manual config on the 5 GHz 4x4 interface. Here's my [one lonely] Audience running like that as a test:

Regarding the channel and dBm, do you know if setting the country in AP configs is enough to AP to ensure I'm using the allowed channels?

Also, the 30 dBm should be set in the TX power or in the antenna gain?

Setting the appropriate country is a good first step, but my guess is doing this alone will not be enough. The thing is, power regulations may differ depending on the frequencies the wifi3 interface uses. It's somewhat limited in terms of frequencies it can use (physically), my Audience tells me the radio can only do 5500-5825 MHz. You can check it in terminal with `/interface/wifi/radio/print detail`. So the automatic frequency finder may automatically choose the best frequency. But it's not guaranteed.

What you should therefore do is using the terminal enter `/interface/wifi/radio/reg-info country="<your country name, capitalized, as seen in wifi configuration settings>" 0` and take note of what it says. The first two numbers before the first (and sometimes the only) slash is going to be the frequency range, and the number after the first (or only) slash is the maximum allowed output power in dBm for that frequency range. You're gonna want to find the frequency range with the maximum allowed output power (typically it's 5735-5835) and preferably without the "dfs" after the second slash.

Once you have chosen the frequency range, navigate to this Wikipedia page and choose one of the numbers from the F0 column in that frequency range. You will want to use the highest 80 MHz channel, but probably the lowest control channel frequency for that 80 MHz channel. So look at the F0 index > 80 MHz column, choose the highest one (in terms of frequency) for which all of the corresponding F0 numbers are still in your chosen frequency range, then choose the lowest F0 number that corresponds to the chosen 80 MHz channel. Once you got that, you're golden.

Set that frequency on both Audiences on wifi3, and set channel width to "20/40/80 MHz" if you haven't yet. Country setting should be set appropriately for all of this to work. Now, this should be enough for the Audience to be blasting at max power. But to make sure you're in line with regulations, you also should set antenna-gain values to 4, 5 and 5 on wifi1, wifi2 and wifi3 interfaces respectively.

If you need help with any of the above, just post the output of `/interface/wifi/radio/reg-info...` from above.

Theoretically, since Audience only has integrated antennae, the newer revisions should disregard values of antenna-gain lower than the ones listed above. But some older revisions don't have that lock in place, so you're theoretically able to go to town with it: if you have antenna-gain unset, it's equivalent to antenna-gain=0. So on older revisions, if antenna-gain is unset and status says it's blasting at 30 dBm, it's really blasting at more like 35 dBm in some directions. So yeah. But, you know, IMO, no harm, no foul if you have thick concrete walls and no signal escapes anyway. Just don't go changing the countries to get around DFS restrictions, otherwise they will come for you and kick your butt. Hard.

I see that you have previously posted a config that has Europe/Madrid set as time zone. So I'll take a wild guess that the country is Spain. For Spain, reg-info outputs:


That's some unfortunate news, really.

I believe you don't really need to do anything but set the country setting and the antenna-gain value appropriately. You may still want to set the frequency to 5580, but I don't think it'll make much of a difference, as channels in 5490-5710 range will probably be equally congested.

You will also have to live with DFS, which means that, if your Audiences detect something that might look like a radar event, they will break the connection and wait a fair bit before re-establishing it. And no meshing solution will work better, really. It's just a matter of frequencies.

So now it all depends on how frequent the radar events will be. If they are too frequent, you might want to consider switching to non-DFS frequencies for backhaul. With Audiences that would mean also switching the radios around like you wanted to do in the first place. But that would then mean that your actual non-hidden networks need to be in the DFS frequencies. Soo... Monitor it for a bit. It may work perfectly fine. It may not. It depends.

If radar events are too frequent, you might want to either return the Audiences and either buy 4 standard MikroTik routers, like ac2/ac3, to drop your backhaul into lower frequencies, or some other meshing solution that can do lower frequencies on wireless backhaul. That is, if you want the mesh to work. But at that point, I'd also consider running a cable.

Monitor it first, though. It might work perfectly well.

If you want to use CAPsMAN, you can still use CAPsMAN, just not on the backhaul interface. There's a `configuration.manager` property, and if you unset it on the wifi3 interface (and probably adjust some settings in datapath), you will be able to run CAPsMAN on the 2.4 GHz and 5 GHz 2x2 interfaces AND a manual config on the 5 GHz 4x4 interface.

Hey Nullcaller!

Thanks for the great explanation. I've managed to set up my three Audiences using the wifi-qcom-ac package. Everything works fine except the CAPSMAN indication on the main device (with the CASMAN server).

I'm using the same configuration of wlan3 on the main device and two CAP Audiences. Both CAPs are successfully provisioned. They get IP addresses and settings for wlan1 and wlan2.

When I check WiFi interfaces on CAPs, I see a proper message: But the main device shows "No connection to CAPsMAN, managed locally": I've checked all the settings dozens of times but cannot get the reason for this indication.

Could you say where the problem can be?

Intended behaviour is to provision local interfaces on CAPsMAN devices locally. This is not a problem since local wifi provisioning and capsman (can) actually share same configuration profiles. This wasn't a case with legacy wireless where it did make sense to let capsman provision also local interfaces.

Could you say where the problem can be?

Just as @mkx said.

New CAPsMAN no longer supports provisioning local interfaces as though they are remote. You will need to configure them locally. It's a little bit of a pain the first time, but it's very doable, and it's worth it long-term.

Pretty much all you need to do is choose configuration and datapath locally on the local interfaces and then maybe rename local interfaces so that they use the same naming scheme as remote, if you're as petty as I am. `manager` value should be left unset.

Hey @mkx @Nullcaller,

Thank you for your responses, folks!

I really tried to do everything according to the documentation and was super happy to get a working configuration. However, I feel like I'm missing something, and this red message is like a sad reminder for me

I don't want to bother you by asking for a detailed guide. Maybe you could point to a specific piece of documentation where I can read about proper Capsman2 Audience settings? Or I could post a step-by-step description of my setup, and you could say where exactly I did wrong. Would that work for you?

@morphema, log into winbox, open the WiFi window and go into Radios tab. There will be three local radios. Select them all and click 'Provision'. That's how I set up my local CAPsMAN interfaces, now that I remember it. It should provision your local radios with proper configurations according to your provisioning rules, set in Provisioning tab.

It should work if you have wlan interfaces manually added to the bridge. I'd advise you to copy default CAP configuration though, and let wlan interfaces be added to the bridge dynamically. Remove them from the bridge, add a Datapath called 'capdp' with the bridge value set to your bridge in the Datapath tab of the WiFI window. Then go ahead and set capdp as the datapath for each local interface in the WiFi tab of the WiFi window. The interfaces should now be dynamically added to the bridge.