Welcome friends
I have a problem with WiFiVave2 CAPsMan, I would like my CAPs to be managed by the main router (MiT-Router), but strange messages appear on the interfaces:
"no connection to CAPSMAN, managed locally"
As you can see in the scripts, I based the network on VLANs and I would like the CAPs to be managed by VLAN100.
As you can see in the screenshot from one CAP, there is information that they are managed.
But what could be wrong with the main router?
CAPsMAN does not manage local or connected WiFi interfaces.
Unless this is some problem on the RouterOS side?
Please help
main router script
Code: Select all
# 2024-05-17 10:19:17 by RouterOS 7.14.3
# software id = 0NWC-BS4Q
#
# model = C52iG-5HaxD2HaxD
# serial number =
/interface bridge add name=bridge vlan-filtering=yes
/interface bridge add name=bridgeWBBR
/interface ethernet set [ find default-name=ether1 ] name=ether1-WAN
/interface ethernet set [ find default-name=ether3 ] name=ether3-MGMT
/interface ethernet set [ find default-name=ether4 ] name=ether4-TRUNK
/interface ethernet set [ find default-name=ether5 ] name=ether5-MiT
/interface vlan add interface=bridge name=vlan25 vlan-id=25
/interface vlan add interface=bridge name=vlan50 vlan-id=50
/interface vlan add interface=bridgeWBBR name=vlan99-tmp vlan-id=99
/interface vlan add interface=bridge name=vlan100-mgmt vlan-id=100
/interface pppoe-client add ac-name=NETUS add-default-route=yes disabled=no interface=ether1-WAN name=pppoe user=yz
/interface list add name=LAN
/interface list add name=WAN
/interface wifi channel add band=2ghz-ax disabled=no frequency=2412,2437,2462 name=channel_2g width=20/40mhz-Ce
/interface wifi channel add band=5ghz-ax disabled=no frequency=5180 name=channel_5g width=20/40/80mhz
/interface wifi channel add band=2ghz-n disabled=no frequency=2412,2437,2462 name=channel_2g_ac width=20/40mhz-Ce
/interface wifi channel add band=5ghz-ac disabled=no frequency=5180 name=channel_5g_ac width=20/40/80mhz
/interface wifi datapath add bridge=bridge disabled=no name=datapath1
/interface wifi datapath add bridge=bridge disabled=no name=datapath2 vlan-id=25
/interface wifi security add authentication-types=wpa2-psk,wpa3-psk connect-priority=0/1 disabled=no ft=yes name=secMiT wps=disable
/interface wifi configuration add channel=channel_2g country=Poland datapath=datapath2 disabled=no manager=capsman-or-local mode=ap name=cfg_IOT security=secMiT security.connect-priority=0 .ft=no ssid=MiT-IOT
/interface wifi configuration add channel=channel_2g_ac country=Poland datapath=datapath1 disabled=no manager=capsman-or-local mode=ap name=cfg-MiT-AC security=secMiT security.ft=yes ssid=MiT
/interface wifi configuration add channel=channel_5g_ac country=Poland datapath=datapath1 disabled=no manager=capsman-or-local mode=ap name=cfg-MiT-5G-AC security=secMiT security.ft=yes ssid=MiT
/interface wifi steering add disabled=no name=steering1 neighbor-group=dynamic-MiT-Test-59c6221d rrm=yes wnm=yes
/interface wifi configuration add channel=channel_5g country=Poland datapath=datapath1 disabled=no manager=capsman-or-local mode=ap name=cfg-MiT-5G security=secMiT security.connect-priority=0 .ft=yes ssid=MiT steering=steering1
/interface wifi configuration add channel=channel_2g country=Poland datapath=datapath1 disabled=no manager=capsman-or-local mode=ap name=cfg-MiT security=secMiT security.connect-priority=0 .ft=yes ssid=MiT steering=steering1
/interface wifi
# no connection to CAPsMAN, managed locally
set [ find default-name=wifi1 ] configuration=cfg-MiT-5G disabled=no
/interface wifi
# no connection to CAPsMAN, managed locally
set [ find default-name=wifi2 ] configuration=cfg-MiT configuration.mode=ap disabled=no
/interface wifi add configuration=cfg_IOT configuration.mode=ap disabled=no mac-address=XX:X:XX:XX:XX:XX master-interface=wifi2 name=wifi3
/ip pool add name=dhcp_pool0 ranges=192.168.25.150-192.168.25.254
/ip dhcp-server add address-pool=dhcp_pool0 interface=vlan25 lease-time=1d name="dhcp - MiT"
/interface bridge port add bridge=bridge interface=ether4-TRUNK
/interface bridge port add bridge=bridge interface=ether3-MGMT pvid=100
/interface bridge port add bridge=bridge interface=ether5-MiT pvid=25
/interface bridge port add bridge=bridge interface=wifi2 pvid=25
/interface bridge port add bridge=bridge interface=wifi1 pvid=25
/ipv6 settings set disable-ipv6=yes
/interface bridge vlan add bridge=bridge tagged=bridge,ether4-TRUNK untagged=ether5-MiT vlan-ids=25
/interface bridge vlan add bridge=bridge tagged=bridge,ether4-TRUNK untagged=ether3-MGMT vlan-ids=100
/interface bridge vlan add bridge=bridgeWBBR tagged=bridgeWBBR,ether4-TRUNK untagged=vlan99-tmp vlan-ids=99
/interface list member add interface=vlan25 list=LAN
/interface list member add interface=vlan100-mgmt list=LAN
/interface list member add interface=*7 list=LAN
/interface list member add interface=*8 list=LAN
/interface list member add disabled=yes interface=lo list=LAN
/interface list member add interface=pppoe-netus list=WAN
/interface wifi cap set discovery-interfaces=vlan100-mgmt,bridge slaves-datapath=datapath1 slaves-static=yes
/interface wifi capsman set enabled=yes interfaces=vlan100-mgmt package-path="" require-peer-certificate=no upgrade-policy=none
/interface wifi provisioning add action=create-dynamic-enabled disabled=no master-configuration=cfg-MiT name-format=%I-2G slave-configurations=cfg_IOT supported-bands=2ghz-ax
/interface wifi provisioning add action=create-dynamic-enabled disabled=no master-configuration=cfg-MiT-5G name-format=%I-5G supported-bands=5ghz-ax,5ghz-ac
/interface wifi provisioning add action=create-dynamic-enabled disabled=no master-configuration=cfg-MiT-AC name-format=%I-2G-AC supported-bands=2ghz-g,2ghz-n
/interface wifi provisioning add action=create-dynamic-enabled disabled=no master-configuration=cfg-MiT-5G-AC name-format=%I-5G-AC supported-bands=5ghz-n,5ghz-ac
/ip address add address=192.168.100.1/24 interface=vlan100-mgmt network=192.168.100.0
/ip address add address=192.168.25.1/24 interface=vlan25 network=192.168.25.0
/ip address add address=192.168.99.20/24 interface=vlan99-tmp network=192.168.99.0
/ip dhcp-server network add address=192.168.25.0/24 dns-server=192.168.25.25,8.8.8.8 gateway=192.168.25.1
/ip dns set servers=192.168.25.25,8.8.8.8
/ip firewall filter add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
/ip firewall filter add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
/ip firewall filter add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
/ip firewall filter add action=accept chain=input disabled=yes dst-port=5246,5247 in-interface-list=LAN protocol=udp
/ip firewall filter add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" disabled=yes dst-address=127.0.0.1
/ip firewall filter add action=accept chain=output dst-address=127.0.0.1 port=5246,5247 protocol=udp src-address=127.0.0.1
/ip firewall filter add action=accept chain=input dst-address=127.0.0.1 port=5246,5247 protocol=udp src-address=127.0.0.1
/ip firewall filter add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=WAN
/ip firewall nat add action=masquerade chain=srcnat out-interface=pppoe-netus
/ip firewall service-port set ftp disabled=yes
/ip route add disabled=yes distance=1 dst-address=0.0.0.0/0 gateway=192.168.100.1 pref-src="" routing-table=main scope=30 suppress-hw-offload=no target-scope=10
/ip service set telnet disabled=yes
/ip service set ftp disabled=yes
/ip service set www port=6886
/ip service set ssh disabled=yes
/ip service set api disabled=yes
/ip service set winbox port=13123
/ip service set api-ssl disabled=yes
/system clock set time-zone-name=Europe/Warsaw
/system identity set name=MiT-Router
/system note set show-at-login=no
Code: Select all
# 2024-05-17 10:28:22 by RouterOS 7.14.3
# software id = RX49-I6XM
#
# model = cAPGi-5HaxD2HaxD
# serial number = HFE0913TMCS
/interface bridge add name=bridge port-cost-mode=short vlan-filtering=yes
/interface wifi
# managed by CAPsMAN
# mode: AP, SSID: MiT, channel: 5180/ax/Ceee
set [ find default-name=wifi1 ] configuration.manager=capsman .mode=ap disabled=no
/interface wifi
# managed by CAPsMAN
# mode: AP, SSID: MiT, channel: 2412/ax/Ce
set [ find default-name=wifi2 ] configuration.manager=capsman .mode=ap disabled=no
/interface wifi
# managed by CAPsMAN
# mode: AP, SSID: MiT-IOT
add disabled=no mac-address=7A:9A:18:C9:85:4C master-interface=wifi2 name=wifi3
/interface wifi add disabled=no mac-address=7A:9A:18:C9:85:4B master-interface=wifi2 name=wifi4
/interface vlan add interface=bridge name=vlan25-MiT vlan-id=25
/interface vlan add interface=bridge name=vlan100-mgmt vlan-id=100
/interface bridge port add bridge=bridge interface=ether1 internal-path-cost=10 path-cost=10
/interface bridge port add bridge=bridge interface=wifi1 internal-path-cost=10 path-cost=10 pvid=25
/interface bridge port add bridge=bridge interface=wifi2 internal-path-cost=10 path-cost=10 pvid=25
/ip firewall connection tracking set udp-timeout=10s
/ip neighbor discovery-settings set discover-interface-list=!dynamic
/ipv6 settings set disable-ipv6=yes
/interface bridge vlan add bridge=bridge tagged=bridge,ether1 vlan-ids=100
/interface bridge vlan add bridge=bridge tagged=bridge,ether1 vlan-ids=25
/interface wifi cap set caps-man-addresses=192.168.100.1 discovery-interfaces=vlan100-mgmt enabled=yes slaves-static=yes
/ip address add address=192.168.100.2/24 interface=vlan100-mgmt network=192.168.100.0
/ip dhcp-client add interface=vlan25-MiT
/system clock set time-zone-name=Europe/Warsaw
/system identity set name=MiT-AP
/system note set show-at-login=no
Screen from one CAP
