I'm trying to set up my first CAPsMAN network, and I'm having an issue that isn't a big issue but that I'd like to fix.
The setup is basically:
RB1100AHx4 -> CRS328 -> cAPs
The RB1100AHx4 is the CAPsMAN and also the main router, so I want CAPsMAN forwarding so all traffic comes to this router, and I don't want the possibility of traffic between clients / other APs in the switch.
RB1100AHx4 has 2 VLANs:
VLANID 10 - Management
VLANID 20 - Customers
Both VLANs are TAGGED to the CRS328, then the ports that the cAPs are on are untagged VLAN 10 and tagged VLAN 20. CAPsMAN runs on VLAN 10 for provisioning, and the datapath I have set up is as follows:
/caps-man datapath
add client-to-client-forwarding=no local-forwarding=no name=Customers vlan-id=20 vlan-mode=use-tag
What I am seeing: if I leave local-forwarding off, then connected clients never see the DHCP server running on VLAN 20. When I turn local-forwarding on, it does use the VLAN tag and hit the DHCP server, but then it seems clients have the potential to talk to each other without traffic hitting the RB1100AHx4, which is not what I want.
What am I missing to make sure all customer traffic hits the RB1100AHx4 in VLAN ID 20?