I am having an issue that I suspect is related to the version. Have two HAP-ac connected to a RB3011. Haps as Caps And rb as capsman. Rb3011 is version 6.38, hap#1 version 6.35 works fine. Hap#2 version 3.39rc upgraded from v3.38 will not register with the manager. Both hap units have the same config with the exception of identity and management ip address.
Any advice would be appreciated
here is my configs
HAP#2 this is my problem child
Code: Select all
# apr/06/2017 19:52:06 by RouterOS 6.39rc62
# software id =
#
/interface bridge
add fast-forward=no name=Br-10_HAP-2
add fast-forward=no name=Br-20_HAP-2
add fast-forward=no name=Br-30_HAP-2
add fast-forward=no name=Br-40_HAP-2
add fast-forward=no name=Br-50_HAP-2
/interface wireless
# managed by CAPsMAN
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=20/40mhz-Ce \
default-authentication=no distance=indoors frequency=auto scan-list="" \
ssid="" wireless-protocol=802.11
# managed by CAPsMAN
set [ find default-name=wlan2 ] band=5ghz-a/n/ac channel-width=20/40mhz-Ce \
default-authentication=no distance=indoors frequency=auto ssid="" \
wireless-protocol=802.11
/ip neighbor discovery
set ether1 discover=no
/interface vlan
add interface=ether5 name="vlan10 on Eth-5" vlan-id=10
add interface=ether5 name="vlan20 on Eth-5" vlan-id=20
add interface=ether5 name="vlan30 on Eth-5" vlan-id=30
add interface=ether5 name="vlan40 on Eth-5" vlan-id=40
add interface=ether5 name="vlan50 on Eth-5" vlan-id=50
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/interface bridge port
add bridge=Br-10_HAP-2 interface="vlan10 on Eth-5"
add bridge=Br-20_HAP-2 interface="vlan20 on Eth-5"
add bridge=Br-30_HAP-2 interface="vlan30 on Eth-5"
add bridge=Br-40_HAP-2 interface="vlan40 on Eth-5"
add bridge=Br-50_HAP-2 interface="vlan50 on Eth-5"
add bridge=Br-10_HAP-2 interface=ether5
add bridge=Br-40_HAP-2 interface=ether4
add bridge=Br-30_HAP-2 interface=ether3
add bridge=Br-10_HAP-2 interface=ether1
add bridge=Br-20_HAP-2 interface=ether2
/interface wireless cap
#
set bridge=Br-10_HAP-2 certificate=request discovery-interfaces=ether5 \
enabled=yes interfaces=wlan1,wlan2
/ip address
add address=10.40.30.167/28 interface=Br-10_HAP-2 network=10.40.30.160
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip dns static
add address=192.168.88.1 name=router
/ip route
add distance=1 gateway=Br-10_HAP-2
/system clock
set time-zone-name=America/Phoenix
/system identity
set name=TonyaNet_HAP-2
/system leds
set 1 interface=wlan2
/system package update
set channel=release-candidate
/tool mac-server
set [ find default=yes ] disabled=yes
add
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
addCode: Select all
# apr/06/2017 19:55:08 by RouterOS 6.38.5
# software id =
#
/interface bridge
add name=Br-10
add name=Br-20
add name=Br-30
add name=Br-40
add name=Br-50
/interface ethernet
set [ find default-name=ether1 ] name="ETH-1 WAN Gateway"
set [ find default-name=ether7 ] name="ETH-7 "
set [ find default-name=ether8 ] name=ETH-8
set [ find default-name=ether9 ] name=ETH-9
set [ find default-name=ether10 ] name=ETH-10
set [ find default-name=ether2 ] name="eth-2 Bonded-Interface_Vlan-20"
set [ find default-name=ether3 ] name="eth-3 Bonded-Interface_Vlan-20"
set [ find default-name=ether4 ] name="eth-4 Bonded-interface_Vlan-30"
set [ find default-name=ether5 ] name="eth-5 Bonded-interface_Vlan-30"
set [ find default-name=ether6 ] name="eth-6 Bonded-interface_Vlan-30"
/interface pptp-server
add name=pptp-in1 user=Leroy
/caps-man interface
add disabled=no l2mtu=1600 mac-address=6C:3B:6B:3F:E1:0F master-interface=\
none name=cap1 radio-mac=6C:3B:6B:3F:E1:0F
add disabled=no l2mtu=1600 mac-address=6C:3B:6B:3F:E1:0E master-interface=\
none name=cap2 radio-mac=6C:3B:6B:3F:E1:0E
/ip neighbor discovery
set "ETH-1 WAN Gateway" discover=no
/interface vlan
add interface=Br-10 name="Vlan-10 on Br-10" vlan-id=10
add interface="ETH-7 " name="vlan10 on ETH-7" vlan-id=10
add interface=ETH-8 name="vlan10 on ETH-8" vlan-id=10
add interface=ETH-9 name="vlan10 on ETH-9" vlan-id=10
add interface=ETH-8 name="vlan20 on ETH-8" vlan-id=20
add interface=ETH-9 name="vlan20 on ETH-9" vlan-id=20
add interface=ETH-8 name="vlan30 on ETH-8" vlan-id=30
add interface=ETH-9 name="vlan30 on ETH-9" vlan-id=30
add interface="ETH-7 " name="vlan40 on ETH-7" vlan-id=40
add interface=ETH-8 name="vlan40 on ETH-8" vlan-id=40
add interface=ETH-9 name="vlan40 on ETH-9" vlan-id=40
add interface="ETH-7 " name="vlan50 on ETH-7" vlan-id=50
add interface=ETH-8 name="vlan50 on ETH-8" vlan-id=50
add interface=ETH-9 name="vlan50 on ETH-9" vlan-id=50
/interface bonding
add link-monitoring=none mode=802.3ad name=Bonding-Interface_Vlan-20 slaves=\
"eth-2 Bonded-Interface_Vlan-20,eth-3 Bonded-Interface_Vlan-20"
add link-monitoring=none mode=802.3ad name=Bonding-Interface_Vlan-30 slaves="e\
th-4 Bonded-interface_Vlan-30,eth-5 Bonded-interface_Vlan-30,eth-6 Bonded-\
interface_Vlan-30"
/caps-man datapath
add bridge=Br-20 name=datapath20
add bridge=Br-30 name=datapath30
add bridge=Br-40 name=datapath40
add bridge=Br-50 name=datapath50
/caps-man configuration
add datapath=datapath20 mode=ap name=cfg_Vlan-20 ssid=Vlan-20
add datapath=datapath30 mode=ap name=cfg_Vlan-30 ssid=Vlan-30
add datapath=datapath40 mode=ap name=cfg_Vlan-40 ssid=Vlan-40
add datapath=datapath50 mode=ap name=cfg_Vlan-50 ssid=Vlan-50
/interface vlan
add interface=Bonding-Interface_Vlan-20 name="vlan20 on Bond-20" vlan-id=20
add interface=Bonding-Interface_Vlan-30 name="vlan30 on Bond-30" vlan-id=30
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
add dns-name=www.Tonya_Guest-Net.com hotspot-address=10.40.30.161 \
http-cookie-lifetime=6m login-by=cookie,http-chap,trial name=\
"Tonya Guest Net Service" trial-uptime-limit=2m trial-uptime-reset=0s
/ip hotspot user profile
add add-mac-cookie=no idle-timeout=30m !mac-cookie-timeout name=\
"Guest Profile" on-login="get user data test" on-logout=\
"User Log-in test" session-timeout=1m status-autorefresh=5s \
transparent-proxy=yes
add add-mac-cookie=no !idle-timeout !keepalive-timeout !mac-cookie-timeout \
name="Admin Profile" on-login="get user data test" on-logout=\
"User Log-in test" status-autorefresh=5s transparent-proxy=yes
/ip pool
add name="DHCP Pool Vlan-20" ranges=10.40.20.20-10.40.20.60
add name="DHCP Pool Vlan-30" ranges=10.40.30.20-10.40.30.60
add name="DHCP Pool Vlan-40" ranges=10.40.30.130-10.40.30.158
add name="DHCP Pool Vlan-50" ranges=10.40.30.162-10.40.30.174
add name="DHCP Pool Vlan-10" ranges=10.40.30.170-10.40.30.174
/ip dhcp-server
add address-pool="DHCP Pool Vlan-20" disabled=no interface=Br-20 lease-time=\
1w name="DHCP_Srv Vlan-20"
add address-pool="DHCP Pool Vlan-40" disabled=no interface=Br-40 lease-time=\
1d name="DHCP_Srv Vlan-40"
add address-pool="DHCP Pool Vlan-50" disabled=no interface=Br-50 lease-time=\
2h name="DHCP_Srv Vlan-50"
add address-pool="DHCP Pool Vlan-30" disabled=no interface=Br-30 lease-time=\
1w name="DHCP_Srv Vlan-30"
add address-pool="DHCP Pool Vlan-10" disabled=no interface=Br-10 lease-time=\
30m name="DHCP_Srv Vlan-10"
/ip hotspot
add address-pool="DHCP Pool Vlan-50" disabled=no idle-timeout=none name=\
hotspot1 profile="Tonya Guest Net Service"
/ppp profile
set *0 local-address=10.40.20.1 remote-address=10.40.20.15
add local-address=10.40.20.1 name=profile1 remote-address=10.40.20.15
/user group
add name=LeRoy policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,winb\
ox,password,web,sniff,sensitive,api,romon,dude,tikapp"
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes upgrade-policy=\
suggest-same-version
/interface bridge port
add bridge=Br-10 interface="vlan10 on ETH-7"
add bridge=Br-10 interface="vlan10 on ETH-8"
add bridge=Br-20 interface="vlan20 on Bond-20"
add bridge=Br-20 interface="vlan20 on ETH-8"
add bridge=Br-40 interface="vlan40 on ETH-7"
add bridge=Br-30 interface="vlan30 on ETH-8"
add bridge=Br-40 interface="vlan40 on ETH-8"
add bridge=Br-50 interface="vlan50 on ETH-7"
add bridge=Br-50 interface="vlan50 on ETH-8"
add bridge=Br-30 interface="vlan30 on Bond-30"
add bridge=Br-10 interface=ETH-8
add bridge=Br-10 interface="ETH-7 "
add bridge=Br-10 interface="vlan10 on ETH-9"
add bridge=Br-10 interface=ETH-9
add bridge=Br-10 interface=ETH-10
add bridge=Br-20 interface="vlan20 on ETH-9"
add bridge=Br-30 interface="vlan30 on ETH-9"
add bridge=Br-40 interface="vlan40 on ETH-9"
add bridge=Br-50 interface="vlan50 on ETH-9"
/interface bridge settings
set allow-fast-path=no
/interface pppoe-server server
add default-profile=profile1 disabled=no interface=<l2tp> service-name=\
service1
/interface pptp-server server
set default-profile=default enabled=yes
/ip address
add address=10.40.20.1/26 interface=Br-20 network=10.40.20.0
add address=10.40.30.1/26 interface=Br-30 network=10.40.30.0
add address=10.40.30.129/27 interface=Br-40 network=10.40.30.128
add address=10.40.30.177/29 interface=Br-50 network=10.40.30.176
add address=10.40.30.161/28 interface=Br-10 network=10.40.30.160
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=\
"ETH-1 WAN Gateway"
/ip dhcp-server network
add address=10.40.20.0/26 comment="DHCP for Vlan-20(Main)" dns-server=\
10.40.20.1,8.8.4.4 domain=WORKGROUP gateway=10.40.20.1 netmask=26 \
wins-server=10.40.20.1
add address=10.40.30.0/26 comment="DHCP for Vlan-30(Media)" dns-server=\
10.40.30.1,8.8.4.4 gateway=10.40.30.1 netmask=26
add address=10.40.30.128/27 comment="DHCP for Vlan-40(Mobile)" dns-server=\
10.40.30.129,8.8.4.4 gateway=10.40.30.129 netmask=27
add address=10.40.30.160/28 comment="DHCP for Vlan-10(Management)" \
dns-server=10.40.30.161,8.8.4.4 gateway=10.40.30.161 netmask=28
add address=10.40.30.176/29 comment="DHCP for Vlan-50(Guest)" dns-server=\
10.40.30.176,8.8.4.4 gateway=10.40.30.177 netmask=30
/ip dns
set allow-remote-requests=yes cache-max-ttl=1d servers=8.8.4.4,8.8.8.8
/ip dns static
add address=192.168.88.1 name=router
add address=10.40.20.21 name=LeRoy-Pc
add address=10.40.30.20 name=Laptop
/ip firewall filter
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
connection-state=established,related
add action=accept chain=input log=yes log-prefix=pptpin protocol=gre
add action=accept chain=input log=yes log-prefix=pptp1723 protocol=tcp \
src-port=1723
add action=drop chain=input comment="defconf: drop all from WAN" \
in-interface="ETH-1 WAN Gateway"
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" \
connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface="ETH-1 WAN Gateway"
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
"place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="defconf: masquerade" \
out-interface="ETH-1 WAN Gateway"
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=10.40.30.160/28
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=10.40.30.160/28
add action=masquerade chain=srcnat comment="masquerade hotspot network" \
src-address=10.40.30.160/28
/ip hotspot user
add name=admin profile="Admin Profile"
add name=Guest profile="Guest Profile" server=hotspot1
/ip service
set www-ssl disabled=no
/ip upnp
set enabled=yes
/ip upnp interfaces
add interface=Bonding-Interface_Vlan-20 type=internal
add forced-ip=10.40.20.19 interface=Bonding-Interface_Vlan-30 type=external
/ppp secret
add local-address=10.40.20.1 name=Leroy remote-address=10.40.20.15
/system clock
set time-zone-name=America/Phoenix
/system identity
set name=TonyaNet_R1
/system ntp client
set enabled=yes
/system script
add name="User Log-in test" owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\
beep
add name=script1 owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=":\
global mac;\r\
\n\r\
\n/ip hotspot\r\
\n{\r\
\n : foreach i in=[ active find where user =admin] do= {\r\
\n :set mac [active get \$i \"mac-address\"]\r\
\n [/system script run 2]\r\
\n :log info \"Script 1 ran\"\r\
\n}}\r\
\n \r\
\n"
add name=script2 owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\
":global mac\r\
\n\r\
\n:log info \"User MAC address is \$mac\""
add name=script3 owner=admin policy=\
ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\
beep
/tool mac-server
set [ find default=yes ] disabled=yes
add
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add
/user aaa
set default-group=LeRoy
Working HAP#1
Code: Select all
# jan/02/1970 01:02:23 by RouterOS 6.34.2
# software id =
/interface bridge
add name=Br-10_H1
add name=Br-20_H1
add name=Br-30_H1
add name=Br-40_H1
add name=Br-50_H1
/interface wireless
# managed by CAPsMAN
# channel: 2427/20-Ce/gn(30dBm), SSID: , CAPsMAN forwarding
set [ find default-name=wlan1 ] ssid=MikroTik
# managed by CAPsMAN
# channel: 5260/20-Ceee/ac(23dBm), SSID: , CAPsMAN forwarding
set [ find default-name=wlan2 ] ssid=MikroTik
/interface vlan
add interface=ether5 name="vlan10 on Eth-5" vlan-id=10
add interface=ether5 name="vlan20 on Eth-5" vlan-id=20
add interface=ether5 name="vlan30 on Eth-5" vlan-id=30
add interface=ether5 name="vlan40 on Eth-5" vlan-id=40
add interface=ether5 name="vlan50 on Eth-5" vlan-id=50
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=Br-20_H1 interface=ether2
add bridge=Br-20_H1 interface="vlan20 on Eth-5"
add bridge=Br-30_H1 interface="vlan30 on Eth-5"
add bridge=Br-40_H1 interface="vlan40 on Eth-5"
add bridge=Br-50_H1 interface="vlan50 on Eth-5"
add bridge=Br-30_H1 interface=ether3
add bridge=Br-40_H1 interface=ether4
add bridge=Br-10_H1 interface=ether5
add bridge=Br-10_H1 interface="vlan10 on Eth-5"
/interface wireless cap
set bridge=Br-10_H1 certificate=request discovery-interfaces=ether5 enabled=\
yes interfaces=wlan1,wlan2
/ip address
add address=10.40.30.166/28 interface=Br-10_H1 network=10.40.30.160
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
/system identity
set name=TonyaNet_HAP-1
/system leds
set 1 interface=wlan2
/system routerboard settings
set cpu-frequency=720MHz protected-routerboot=disabled