Jump to content
  • 0

CAPsMAN с Vlan на ROS7


DuMbh3aD

Въпрос

Здравейте,

Може ли малко помощ?

Клиентските устройства се закачат и към 2-те мрежи, но след 36 секунди се разкачат

 

# 2024-10-13 13:16:20 by RouterOS 7.16
# software id = 83B0-35IU
#
# model = L009UiGS

/interface bridge
add admin-mac=8E:25:5B:11:40:4B auto-mac=no name=bridge1 vlan-filtering=yes
/interface vlan
add interface=bridge1 name=vlan71 vlan-id=71
add interface=bridge1 name=vlan99 vlan-id=99
add interface=bridge1 name=vlan100 vlan-id=100
/caps-man datapath
add bridge=bridge1 name=datapath71 vlan-id=71
add bridge=bridge1 name=datapath100 vlan-id=100
/caps-man security
add authentication-types=wpa-psk,wpa2-psk encryption=aes-ccm group-encryption=aes-ccm name=security71
add authentication-types=wpa-psk,wpa2-psk encryption=aes-ccm group-encryption=aes-ccm name=security100
/caps-man configuration
add channel=channel-2.4-G/N country=bulgaria datapath=datapath71 mode=ap name=cfg71-2.4 security=security71 ssid=XXXXX
add channel=channel-2.4-G/N country=bulgaria datapath=datapath100 mode=ap name=cfg100-2.4 security=security100 ssid=YYYYY
add channel=channel-5-N/AC country=bulgaria datapath=datapath71 mode=ap name=cfg71-5 security=security71 ssid=XXXXX
add channel=channel-5-N/AC country=bulgaria datapath=datapath100 mode=ap name=cfg100-5 security=security100 ssid=YYYYY
/interface wifi channel
add band=2ghz-ax disabled=no frequency=2412,2437,2462,2484 name=channel-2.4-AX width=20mhz
add band=2ghz-n disabled=no frequency=2412,2437,2462 name=channel-2.4-N width=20mhz
add band=5ghz-ax disabled=no name=channel-5-AX width=20/40/80mhz
add band=5ghz-ac disabled=no name=channel-5-AC width=20/40mhz
/interface wifi datapath
add bridge=bridge1 disabled=no name=datapath71 vlan-id=71
add bridge=bridge1 client-isolation=yes disabled=no name=datapath100 vlan-id=100
/interface wifi security
add authentication-types=wpa-psk,wpa2-psk disabled=no ft=yes ft-over-ds=yes group-encryption=ccmp name=sec71
add authentication-types=wpa-psk,wpa2-psk disabled=no ft=yes ft-over-ds=yes group-encryption=ccmp name=sec100
/interface wifi configuration
add channel=channel-5-AX country=Bulgaria datapath=datapath71 disabled=no mode=ap name=cfg71-5-ax security=sec71 ssid=XXXXX
add channel=channel-5-AC country=Bulgaria datapath=datapath71 disabled=no mode=ap name=cfg71-5-ac security=sec71 ssid=XXXXX
add channel=channel-2.4-AX country=Bulgaria datapath=datapath71 disabled=no mode=ap name=cfg71-2.4-ax security=sec71 ssid=XXXXX
add channel=channel-2.4-N country=Bulgaria datapath=datapath71 disabled=no mode=ap name=cfg71-2.4-n security=sec71 ssid=XXXXX
add channel=channel-5-AX country=Bulgaria datapath=datapath100 disabled=no mode=ap name=cfg100-5-ax security=sec100 ssid=YYYYY
add channel=channel-5-AC country=Bulgaria datapath=datapath100 disabled=no mode=ap name=cfg100-5-ac security=sec100 ssid=YYYYY
add channel=channel-2.4-AX country=Bulgaria datapath=datapath100 disabled=no mode=ap name=cfg100-2.4-ax security=sec100 ssid=YYYYY
add channel=channel-2.4-N country=Bulgaria datapath=datapath100 disabled=no mode=ap name=cfg100-2.4-n security=sec100 ssid=YYYYY
/ip pool
add name=dhcp_pool71 ranges=192.168.71.120-192.168.71.254
add name=dhcp_pool1 ranges=192.168.1.100-192.168.1.254
add name=dhcp_pool99 ranges=192.168.99.2-192.168.99.254
/ip dhcp-server
add address-pool=dhcp_pool71 interface=vlan71 name=dhcp71
add address-pool=dhcp_pool1 interface=vlan100 name=dhcp1
add address-pool=dhcp_pool99 interface=vlan99 name=dhcp99
/interface bridge port
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=ether3-MGMT pvid=99
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether8
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp1
/interface bridge vlan
add bridge=bridge1 tagged=sfp1,ether8,bridge1 vlan-ids=71
add bridge=bridge1 tagged=sfp1,ether8,bridge1 vlan-ids=100
add bridge=bridge1 tagged=sfp1,ether8,bridge1 vlan-ids=99
/interface wifi capsman
set ca-certificate=auto certificate=auto enabled=yes interfaces=vlan99 package-path="" require-peer-certificate=yes upgrade-policy=none
/interface wifi provisioning
add action=create-dynamic-enabled disabled=no master-configuration=cfg71-5-ax slave-configurations=cfg100-5-ax supported-bands=5ghz-ax
add action=create-dynamic-enabled disabled=no master-configuration=cfg71-5-ac slave-configurations=cfg100-5-ac supported-bands=5ghz-ac
add action=create-dynamic-enabled disabled=no master-configuration=cfg71-2.4-ax slave-configurations=cfg100-2.4-ax supported-bands=2ghz-ax
add action=create-dynamic-enabled disabled=no master-configuration=cfg71-2.4-n slave-configurations=cfg100-2.4-n supported-bands=2ghz-n
/ip address
add address=192.168.71.1/24 interface=vlan71 network=192.168.71.0
add address=192.168.1.1/24 interface=vlan100 network=192.168.1.0
add address=192.168.99.1/24 interface=vlan99 network=192.168.99.0
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=192.168.1.1 gateway=192.168.1.1
add address=192.168.71.0/24 dns-server=192.168.71.1 gateway=192.168.71.1
add address=192.168.99.0/24 dns-server=192.168.99.1 gateway=192.168.99.1

 

# 2024-10-13 13:16:38 by RouterOS 7.16.1
# software id = L5UX-7379
#
# model = L22UGS-5HaxD2HaxD

/interface bridge
add auto-mac=no name=bridge1 vlan-filtering=yes
/interface wifi
set [ find default-name=wifi1 ] configuration.manager=capsman .mode=ap disabled=no name=wifi-2.4GHz
add configuration.mode=ap disabled=no master-interface=wifi-2.4GHz name=wifi-2.4GHz-Sl
set [ find default-name=wifi2 ] configuration.manager=capsman .mode=ap disabled=no name=wifi-5GHz
add configuration.mode=ap disabled=no master-interface=wifi-5GHz name=wifi-5GHz-Sl
/interface vlan
add interface=bridge1 name=vlan99 vlan-id=99
/interface bridge port
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether1
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp1
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=wifi-2.4GHz-Sl pvid=100
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=wifi-5GHz-Sl pvid=100
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=wifi-2.4GHz pvid=71
add bridge=bridge1 frame-types=admit-only-untagged-and-priority-tagged interface=wifi-5GHz pvid=71
/interface bridge vlan
add bridge=bridge1 tagged=ether1,sfp1 vlan-ids=71
add bridge=bridge1 tagged=ether1,sfp1,bridge1 vlan-ids=99
add bridge=bridge1 tagged=ether1,sfp1 vlan-ids=100
/interface wifi cap
set certificate=request discovery-interfaces=vlan99 enabled=yes slaves-static=yes
/ip dhcp-client
add interface=vlan99

 

 13:31:00 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 connected, signal strength -59
 13:31:36 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 disconnected, connection lost, signal strength -60
 13:31:58 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 connected, signal strength -59
 13:32:34 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 disconnected, connection lost, signal strength -61
 13:32:36 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 connected, signal strength -61
 13:33:13 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 disconnected, connection lost, signal strength -61
 13:33:15 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 connected, signal strength -59
 13:33:51 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 disconnected, connection lost, signal strength -63
 13:34:13 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 connected, signal strength -59
 13:34:49 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 disconnected, connection lost, signal strength -63
 13:58:10 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 connected, signal strength -59
 13:58:46 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 disconnected, connection lost, signal strength -60
 13:59:08 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 connected, signal strength -59
 13:59:44 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 disconnected, connection lost, signal strength -62
 14:00:07 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 connected, signal strength -59
 14:00:43 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 disconnected, connection lost, signal strength -61
 14:00:45 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 connected, signal strength -61
 14:01:21 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 disconnected, connection lost, signal strength -60
 14:01:23 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 connected, signal strength -59
 14:01:59 wireless,info xx:xx:xx:xx:xx:xx@cap-wifi2 disconnected, connection lost, signal strength -60

 

Адрес на коментара
Сподели в други сайтове

3 отговори на този въпрос

Recommended Posts

  • 0

промени си Group Key на поне 1 час, ако не и повече

group-key-update=1h

Преди е имало този бъг:

if you set the group-key-update timer to 1:00:00 (1 Hour) on versions 6.43.7 and older the group-key is updated every 36 seconds instead of 3600

 

3sec.jpeg

Редактирано от hgd
Адрес на коментара
Сподели в други сайтове

  • 0

Малко късно виждам, но може да е полезно на някой. В Datapath на capsman-a използвай vlan-mode=use tag

/caps-man datapath
add bridge=bridge1 name=datapath1-vlan40 vlan-id=40 vlan-mode=use-tag

 

Адрес на коментара
Сподели в други сайтове

Създайте нов акаунт или се впишете, за да коментирате

За да коментирате, трябва да имате регистрация

Създайте акаунт

Присъединете се към нашата общност. Регистрацията става бързо!

Регистрация на нов акаунт

Вход

Имате акаунт? Впишете се оттук.

Вписване
  • Потребители разглеждащи страницата   0 потребители

    • No registered users viewing this page.
×
×
  • Създай нов...

Important Information

By using this site, you agree to our Terms of Use.