bookmark_borderConfiguration: MikroTik routerOS 7 wifiwave2 and CAPsMan

This short blog post shows the configuration needed to use wifiwave2 CAPsManager with multiple APs and multiple networks.

MikroTik removed “capsman forwarding” in wifiwave2 package thus the only option to seperate multiple networks from each other is using VLANs and local forwarding.

CAPsManager configuration:

/interface wifiwave2 configuration
add country=Germany datapath.client-isolation=no name=cap-master-2ghz security.authentication-types=wpa2-psk,wpa3-psk  .passphrase="1234567890" ssid=SSID-TEST
add country=Germany datapath.client-isolation=no name=cap-master-5ghz security.authentication-types=wpa2-psk,wpa3-psk  .passphrase="1234567890" ssid=SSID-TEST
add datapath.client-isolation=yes .vlan-id=99 name=cap-slave-guest security.authentication-types=wpa2-psk,wpa3-psk .passphrase="0987654321" ssid=SSID-TEST-GUEST
/interface wifiwave2
add configuration=cap-master-5ghz disabled=no name=cap-wifi1
add configuration=cap-master-2ghz disabled=no name=cap-wifi2
add configuration=cap-slave-guest disabled=no mac-address=4A:A9:8A:5C:B7:88 master-interface=cap-wifi1 name=cap-wifi3
add configuration=cap-slave-guest disabled=no mac-address=4A:A9:8A:5C:B7:89 master-interface=cap-wifi2 name=cap-wifi4

/interface wifiwave2 capsman
set enabled=yes interfaces=switch

/interface wifiwave2 provisioning
add action=create-enabled comment="hap ax2 01 2ghz" master-configuration=cap-master-2ghz radio-mac=48:A9:8A:5C:B7:89 slave-configurations=cap-slave-guest
add action=create-enabled comment="hap ax2 01 5ghz" master-configuration=cap-master-5ghz radio-mac=48:A9:8A:5C:B7:88 slave-configurations=cap-slave-guest
add action=create-disabled comment="create default disabled"

CAP configuration (hap ax²):

/interface wifiwave2
# managed by CAPsMAN
# mode: AP, SSID: SSID-TEST, channel: 5500/ax/Ceee
set [ find default-name=wifi1 ] configuration.manager=capsman datapath.bridge=switch disabled=no
# managed by CAPsMAN
# mode: AP, SSID: SSID-TEST, channel: 2462/ax/eC
set [ find default-name=wifi2 ] configuration.manager=capsman datapath.bridge=switch disabled=no
/interface wifiwave2 cap
set caps-man-addresses= certificate=request enabled=yes slaves-datapath=datapath-slave slaves-static=no
/interface wifiwave2 datapath
add bridge=switch name=datapath-slave

The most important part is to configure the CAP to use the bridge for default wifi (via ‘/interface wifiwave2 set 0,1 datapath.bridge=switch’) and CAPsManager config (via ‘/interface wifiwave2 set 0,1 configuration.manager=capsman’).

If you need additional wifi networks, e.g. for guests you also need to specify the datapath bridge (‘/interface wifiwave2 datapath add bridge=switch name=datapath-slave’) and add this datapath to your cap config (‘/interface wifiwave2 cap set caps-man-addresses= certificate=request enabled=yes slaves-datapath=datapath-slave slaves-static=no’). The vlan-id will be not visible on the CAP (at time of writing: routerOS 7.7) but is taken from CAPsManager configuration for the slave network(s).

A more detailed blog post is following soon!

bookmark_borderHowto install extra-packages in MikroTik routerOS 7

MikroTiks routerOS 7.xx has additional packages (e.g. wireless wifiwave2) that can be installed. This short blog post describes the process to add the packages.

First you need to download the packages from MikroTiks Download page. You need to download the appropriate package for your devices architecture. In my case I am using a RB4011 running routerOS 7.7. In this case I need to look at column ‘7.7 stable’ and row ‘ARM’.

If you don’t know the architecture of your device, there are several ways to find out:

  • Check ‘/system resource print’ in Winbox or CLI and check the ‘cpu’ field
  • Open MikroTiks product matrix and search for your device

After you have downloaded the correct file, open the zip archive and extract the package you want to install. Next, the unzipped file must be uploaded to the router. Either upload it via Winbox or CLI (e.g. scp or ftp) to your device. After the file has been uploaded, just reboot your device.

After the devices has been rebooted, the package is installed automatically. You can check this via ‘/system package print’ in CLI or Winbox as well as the routers log:

[admin@rtr-01] > /log pr
 12:27:10 system,info installed wifiwave2-7.7
 12:27:10 system,info router rebooted

Thats all – you are done and the package has been installed!