Page 1 of 1
Omnitk-CPE problem solving
Posted: Fri Oct 12, 2012 2:45 pm
by utocava
Hi,
I have a PtP coming down to the office with 2 Ubnt grids. ( file attached).
On the office an AP OMnitik , Bulding 1. Building 2 is connected with a CPE to AP Office.
I must give connection to building 4,which is much lower than building 3 that shades.
My question is :
Do I need to put an Omnitik on build 3 to get to bullding 4?
If yes, what mode ? (ap bridge,bridge,station,station bridge,station WDS , wds slave .etc...)?
Distance Build 1 to build 3 is 100meters.
thank you
Re: Omnitk-CPE problem solving
Posted: Sat Oct 13, 2012 2:13 am
by samsung172
If its needed, you just have to try.
In your setup, omintik on nr3 should be AP-bridge, wdsmode dynamic, default bridge bridge. If connecting to another AP, same SSID and freq (building 1). Client have to be station wds, and connect to the ssid.
You may get unwanted roaming, so better take the mac address of CPE, and say connect = no at AP1.
Re: Omnitk-CPE problem solving
Posted: Sat Oct 13, 2012 7:49 am
by utocava
Takk så mye buddy!
I will try with as you said.
But how can I have unwanted roaming if each cpe client is configured to be only conmected to an AP?
Jeg bødde i Norge i 3 år. Best time of ny Life
Cheers
Re: Omnitk-CPE problem solving
Posted: Sat Oct 13, 2012 12:04 pm
by samsung172
It can roame between the 2 AP's with same ssid and same freq.
. They need it to connect to echother, but if you also want a cpe to the AP, it could use both AP's. the client have config to a ssid an a freq. If two AP's have the same, its possible to roame. I sometimes have to do like this if i get a problem in a tower, a radion dead etc. All my sites have Link 5ghz, and 2,4Ghz omni. If link goes dead, i can temporarily link by 2.4.
But use access list on AP, and it should be ok.
Re: Omnitk-CPE problem solving
Posted: Mon Oct 15, 2012 8:44 am
by utocava
takk sa mye.
If I send you the conf of Ap1, with an extract from terminal, can you help me to change the parameters to upload on Ap2 and Ap3 , if i don't ask too much?
ha en fin dag.
Ugo
Re: Omnitk-CPE problem solving
Posted: Tue Oct 16, 2012 8:36 pm
by samsung172
should be possibe.
Re: Omnitk-CPE problem solving
Posted: Wed Oct 17, 2012 12:10 am
by utocava
this is AP1 - export compact.
Could you help me to modify it , in 2 separate files , to a new AP2 and to the AP3 wds bridge?
thanks
Re: Omnitk-CPE problem solving
Posted: Fri Oct 19, 2012 1:52 am
by samsung172
this is AP1 - export compact.
Could you help me to modify it , in 2 separate files , to a new AP2 and to the AP3 wds bridge?
thanks
AP1 :
/interface bridge add name=pppoe_bridge
/interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik add authentication-types=wpa-psk,wpa2-psk,wpa-eap,wpa2-eap group-ciphers=tkip,aes-ccm management-protection=allowed mode=dynamic-keys name=profile1 supplicant-identity="" unicast-ciphers=tkip,aes-ccm wpa-pre-shared-key=Z2llumHHH1n6d1mm3mz0 wpa2-pre-shared-key=Z2llumHHH1n6d1mm3mz0
/interface wireless set 0 country=italy disabled=no frequency=5520 frequency-mode=regulatory-domain ht-rxchains=0,1 ht-txchains=0,1 mode=ap-bridge nv2-preshared-key=883KLaaa4OP777dKr*qZhdfC nv2-security=enabled radio-name=AP_2_3 security-profile=profile1 ssid=AP_utocava-S.Anna tx-power=30 tx-power-mode=card-rates wireless-protocol=nv2 wds-mode=dynamic wds-default-bridge=pppoe_bridge
/ip hotspot user profile set [ find default=yes ] idle-timeout=none keepalive-timeout=2m
/ppp profile add dns-server=8.8.8.8,172.18.4.1 idle-timeout=30m name=pppoe-profile remote-address=poolAP1
/interface bridge port
add bridge=pppoe_bridge interface=ether2
add bridge=pppoe_bridge interface=wlan1
add bridge=pppoe_bridge interface=ether3
/ip dns set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip neighbor discovery set wlan1 disabled=yes
/ip service set api disabled=no
/ppp aaa set use-radius=yes
/radius add address=192.168.88.253 secret=3a29KKllIIert service=ppp timeout=4s
/radius incoming set accept=yes
/snmp set contact=info@connectivia.it enabled=yes location=AP1utocava trap-community=public
/system clock set time-zone-name=Europe/Rome
/system identity set name=AP_utocava2
/system logging add topics=pppoe add topics=ppp add topics=wireless add disabled=yes topics=debug
/system ntp client set enabled=yes mode=unicast primary-ntp=193.204.114.233 secondary-ntp=193.204.114.232
AP2:
/interface bridge add name=pppoe_bridge
/interface wireless security-profiles set [ find default=yes ] supplicant-identity=MikroTik add authentication-types=wpa-psk,wpa2-psk,wpa-eap,wpa2-eap group-ciphers=tkip,aes-ccm management-protection=allowed mode=dynamic-keys name=profile1 supplicant-identity="" unicast-ciphers=tkip,aes-ccm wpa-pre-shared-key=Z2llumHHH1n6d1mm3mz0 wpa2-pre-shared-key=Z2llumHHH1n6d1mm3mz0
/interface wireless set 0 country=italy disabled=no frequency=5520 frequency-mode=regulatory-domain ht-rxchains=0,1 ht-txchains=0,1 mode=ap-bridge nv2-preshared-key=883KLaaa4OP777dKr*qZhdfC nv2-security=enabled radio-name=AP_2_3 security-profile=profile1 ssid=AP_utocava-S.Anna tx-power=30 tx-power-mode=card-rates wireless-protocol=nv2 wds-mode=dynamic wds-default-bridge=pppoe_bridge
/ip hotspot user profile set [ find default=yes ] idle-timeout=none keepalive-timeout=2m
/ppp profile add dns-server=8.8.8.8,172.18.4.1 idle-timeout=30m name=pppoe-profile remote-address=poolAP1
/interface bridge port
add bridge=pppoe_bridge interface=ether2
add bridge=pppoe_bridge interface=wlan1
add bridge=pppoe_bridge interface=ether3
/ip dns set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip neighbor discovery set wlan1 disabled=yes
/ip service set api disabled=no
/ppp aaa set use-radius=yes
/radius add address=192.168.88.253 secret=3a29KKllIIert service=ppp timeout=4s
/radius incoming set accept=yes
/snmp set contact=info@connectivia.it enabled=yes location=AP1utocava trap-community=public
/system clock set time-zone-name=Europe/Rome
/system identity set name=AP_utocava3
/system logging add topics=pppoe add topics=ppp add topics=wireless add disabled=yes topics=debug
/system ntp client set enabled=yes mode=unicast primary-ntp=193.204.114.233 secondary-ntp=193.204.114.232
Not tested, but should work. some thnigs i would do different, but yo do as you want.
you should change frequency to something better (just keep same at both)
I removed IP's, since i have no clue what address you need/have
Re: Omnitk-CPE problem solving
Posted: Fri Oct 19, 2012 8:34 am
by utocava
Not tested, but should work. some thnigs i would do different, but yo do as you want. you should change frequency to something better (just keep same at both)
Thank you.
What would you improve and do better for example?am beginner...
What is a better frequency?
Takk
Re: Omnitk-CPE problem solving
Posted: Fri Oct 19, 2012 7:43 pm
by samsung172
you should scan. and se whats best.
Well. i would not force 30db. i would use static key to security, and have a lot more dynamic settings in first place. And rather use more spesific, if troble.
to get thing to work:
make a bridge.
have all default, just enable AP, and set wds mode to dynamic, and same freq. Default wds-bridge name of the bridge. Let all ather be default. After connected etc, put more spesific config to device.
Re: Omnitk-CPE problem solving
Posted: Sat Oct 20, 2012 5:05 pm
by utocava
i created a file with your conf ,and did import file-name
does not work...
Re: Omnitk-CPE problem solving
Posted: Sat Oct 20, 2012 6:05 pm
by samsung172
paste it to cli.
Re: Omnitk-CPE problem solving
Posted: Sun Oct 21, 2012 11:29 am
by utocava
ok thanks.
here is the export compact, the export normal and the backup of AP bulding one.
Now I need to conf Ap2 on build 3 ,in order to bridge to customer on build 4.
thanks
Re: Omnitk-CPE problem solving
Posted: Sun Oct 21, 2012 11:32 am
by utocava
sorry i forgot to attach.
here it is
Re: Omnitk-CPE problem solving
Posted: Sun Oct 21, 2012 10:28 pm
by samsung172
hmmm. My config was to AP 2 and 3.
Re: Omnitk-CPE problem solving
Posted: Sun Oct 21, 2012 10:49 pm
by utocava
did not work either, missing some syntax error i guess.
can you please modify it as repeater ,or AP bridge wds and send it to me?
thanks
Re: Omnitk-CPE problem solving
Posted: Mon Oct 22, 2012 12:33 pm
by utocava
hi.did you have the time to create the wds repeater conf for me?
thanks
Re: Omnitk-CPE problem solving
Posted: Sat Oct 27, 2012 8:48 am
by utocava
could you manage?
Re: Omnitk-CPE problem solving
Posted: Sat Oct 27, 2012 1:54 pm
by samsung172
Sorry. not been reading here.
a simple config:
AP1
ros code
:global ifwepcode dd3b028168e282034509f7970d795bf6
:global pkg [ :toarray "advanced-tools,ppp,routerboard,security,system,wireless" ]
/system identety set name="AP1"
/ system package {
:foreach p in=$pkg do={ :if ( [ find name=$p ] = "" ) do={ :put "required package missing: $p"; :delay 500ms } };
:foreach p in=[ find ] do={ :if ( [ :typeof [ :find ( $pkg + "routeros-x86" + "routeros-mipsbe" + "routeros-mipsle" + "routeros-ppc" ) [ get $p name ] ] ] = "num" ) do={ enable $p } else={ disable $p } }
:foreach p in=[ find ] do={ :if ( [ :len [ :tostr [ get $p scheduled ] ] ] > 0 ) do={ :put ( "packages scheduled, must reboot" ) } }
}
/ interface wireless security-profiles { :foreach x in=[ find ] do={ :if ( $x != "*0" ) do={ remove $x } }; set default mode=static-keys-required static-key-0=$ifwepcode static-sta-private-key=$ifwepcode static-transmit-key=key-0 group-ciphers="" wpa-pre-shared-key="" wpa2-pre-shared-key="" tls-mode=no-certificates tls-certificate=none static-algo-1=none static-key-1="" authentication-types="" unicast-ciphers="" static-algo-2=none static-key-2="" static-algo-3=none static-key-3="" radius-mac-authentication=no group-key-update=5m; add name=none mode=none }
/ interface bridge {
:foreach x in=[ filter find ] do={ filter remove $x };
:foreach x in=[ port find dynamic=no ] do={ port remove $x };
:foreach x in=[ find ] do={ remove $x }
add name=bridge ageing-time=30m disabled=no
filter add chain=forward mac-protocol=ip ip-protocol=udp dst-address=255.255.255.255/32 comment="[udp], broadcast"
filter add chain=forward action=drop comment=default
:foreach i in=[ .. ethernet find ] do={ port add interface=$i bridge=bridge disabled=no }
:foreach i in=[ .. wireless find ] do={ port add interface=$i bridge=bridge disabled=yes }
}
/interface wireless set 0 ssid=ssid mode=ap-bridge wds-mode=dynamic wds-default-bridge=bridge frequency=5500 frequency-mode=superchannel band=5ghz-onlyn preamble-mode=long default-forwarding=no default-authentication=yes channel-width=20/40mhz-ht-above wireless-protocol=nv2 name=AP1
/ip dhcp-client add interface=bridge disabled=no
AP2
ros code
:global ifwepcode dd3b028168e282034509f7970d795bf6
:global pkg [ :toarray "advanced-tools,ppp,routerboard,security,system,wireless" ]
/system identety set name="AP2"
/ system package {
:foreach p in=$pkg do={ :if ( [ find name=$p ] = "" ) do={ :put "required package missing: $p"; :delay 500ms } };
:foreach p in=[ find ] do={ :if ( [ :typeof [ :find ( $pkg + "routeros-x86" + "routeros-mipsbe" + "routeros-mipsle" + "routeros-ppc" ) [ get $p name ] ] ] = "num" ) do={ enable $p } else={ disable $p } }
:foreach p in=[ find ] do={ :if ( [ :len [ :tostr [ get $p scheduled ] ] ] > 0 ) do={ :put ( "packages scheduled, must reboot" ) } }
}
/ interface wireless security-profiles { :foreach x in=[ find ] do={ :if ( $x != "*0" ) do={ remove $x } }; set default mode=static-keys-required static-key-0=$ifwepcode static-sta-private-key=$ifwepcode static-transmit-key=key-0 group-ciphers="" wpa-pre-shared-key="" wpa2-pre-shared-key="" tls-mode=no-certificates tls-certificate=none static-algo-1=none static-key-1="" authentication-types="" unicast-ciphers="" static-algo-2=none static-key-2="" static-algo-3=none static-key-3="" radius-mac-authentication=no group-key-update=5m; add name=none mode=none }
/ interface bridge {
:foreach x in=[ filter find ] do={ filter remove $x };
:foreach x in=[ port find dynamic=no ] do={ port remove $x };
:foreach x in=[ find ] do={ remove $x }
add name=bridge ageing-time=30m disabled=no
filter add chain=forward mac-protocol=ip ip-protocol=udp dst-address=255.255.255.255/32 comment="[udp], broadcast"
filter add chain=forward action=drop comment=default
:foreach i in=[ .. ethernet find ] do={ port add interface=$i bridge=bridge disabled=no }
:foreach i in=[ .. wireless find ] do={ port add interface=$i bridge=bridge disabled=yes }
}
/interface wireless set 0 ssid=ssid mode=ap-bridge wds-mode=dynamic wds-default-bridge=bridge frequency=5500 frequency-mode=superchannel band=5ghz-onlyn preamble-mode=long default-forwarding=no default-authentication=yes channel-width=20/40mhz-ht-above wireless-protocol=nv2 name=AP1
/ip dhcp-client add interface=bridge disabled=no
This will make your unit a transparent bridge, with filter.
It will get IP from dhcp (i have no clue how you put your ip, pppoe?)
not tested. Try it.
