Hello!
I have 2 hAp ac lite devices. I want to manage wireless network via CapsMan.
One of them (HAP1) has almost default "Home AP" configuration and CapsMan is configured and enabled. The second HAP2 is connected to HAP1 via wire and configured as CAP. It receives all the configuration and managed by CapsMan on HAP1.
When i enable CAP mode (via wirelss menu) on HAP1 it receives the configuration but in few second it falls out of CapsMan and following messages are appeared in Log:
https://www.dropbox.com/s/fztg8993zib63fi/1.png?dl=0
I used to configure CapsMan on both of these devices before and everything was fine. But after some testing I hard-reseted HAP1 back to default configuration.
Can someone explain what is the problem why cannot CapsMan istalled on the device manage itself?
Re: CapsMan Cap cannot connect
I have moved CapsMan with same config to HAP2 (the one that served as simple access point) and this time both access points grabbed CapsMan configuration and appeared online.
If i disable Capsman on HAP2 and re-enable on HAP1, HAP2 connects as access point. But HAP1 doesnt connect to itself, i can see that the interface is managed by capsman, but it doesnt go online and there are no errors in log.
If i disable Capsman on HAP2 and re-enable on HAP1, HAP2 connects as access point. But HAP1 doesnt connect to itself, i can see that the interface is managed by capsman, but it doesnt go online and there are no errors in log.
Re: CapsMan Cap cannot connect
I have noticed that if i do not specify CAPsMAN ip address on HAP1 upon configuring CAP mode (besides having set discovery interfaces to main bridge), HAP1 cannot even find CAPsMAN server. If i specify it can locate it and error events as mentioned in the first post start appearing in the log.
Re: CapsMan Cap cannot connect
I have tried to disable all firewall rules (default rules created by "Home AP Dual" configuration) and HAP1 started to discover CAPsMAN server and manage its wireless interfaces. The firmware is the latest 6.40.2 on both HAP1 and HAP2.
I have also tried to reset configuration on HAP1 and re-enable CAPsMAN of fresh default configuration - it still cannot find manage its wireless interfaces.
Below are the rules, that i have in my firewall:
Are there any special rules that i need to create for CAPsMAN?
I have also tried to reset configuration on HAP1 and re-enable CAPsMAN of fresh default configuration - it still cannot find manage its wireless interfaces.
Below are the rules, that i have in my firewall:
Code: Select all
# aug/27/2017 10:21:23 by RouterOS 6.40.1
# software id = 2PNJ-7RK4
#
# model = RouterBOARD 952Ui-5ac2nD
# serial number = 1234567890
/ip firewall filter
add action=accept chain=input comment="VPN Traffic" dst-port=1701 protocol=\
udp
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
add action=masquerade chain=srcnat disabled=yes out-interface=all-ppp
add action=dst-nat chain=dstnat dst-port=9091 log-prefix=OMV_Torrent_ \
protocol=tcp to-addresses=192.168.0.115 to-ports=9091
add action=dst-nat chain=dstnat dst-address=1.1.1.1 dst-port=5001 \
in-interface-list=WAN protocol=tcp to-addresses=\
192.168.0.110 to-ports=5001