Indice   FAQ  
Iscriviti  Login
Indice RouterOS RouterOS

Configurazione CapsMan

Tutto su questo sistema operativo linux based - Configurazioni, dubbi, problematiche &....

Configurazione CapsMan

Messaggioda Nowayout » mer 2 ott 2019, 15:53

Buonasera

Stò configurando un capsman, partendo da rb941, passando per un rb750 andando a finire in un altro rb941, dopo aver configurato la lan e attivato il tutto per il CAP, ma non sale il link e quindi non riesco ad avere il wifi, ho attivato il cap, impostato il provisioning, il canale e il datapath, ma non c'è verso di avere il wifi allego il codice estratto tramite notepad
Codice: Seleziona tutto
/caps-man channel
add band=2ghz-b/g/n frequency=2412 name=channel1
add band=2ghz-b/g/n frequency=2437 name=channel2
/interface bridge
add name=bridge_CAP
/interface wireless
# managed by CAPsMAN
set [ find default-name=wlan1 ] ssid=MikroTik
/caps-man datapath
add bridge=bridge_CAP name=datapath1
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm,tkip name=security1 \
    passphrase=5956838917
add authentication-types=wpa2-psk encryption=aes-ccm,tkip name=security2 \
    passphrase=123456789
/caps-man configuration
add channel=channel1 country=no_country_set datapath=datapath1 \
    datapath.bridge=bridge_CAP mode=ap name=cfg1 security=security1 ssid=\
    "Casa 1"
add channel=channel2 country=no_country_set datapath=datapath1 \
    datapath.bridge=bridge_CAP mode=ap name=cfg2 security=security2 ssid=\
    "Casa 2"
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool_CAP ranges=172.17.10.2-172.17.10.254
/ip dhcp-server
add address-pool=pool_CAP disabled=no interface=bridge_CAP lease-time=1d10m \
    name=server_CAP
/caps-man manager
set enabled=yes
/caps-man provisioning
add action=create-dynamic-enabled master-configuration=cfg1 name-format=\
    prefix-identity slave-configurations=cfg2
/interface bridge port
add bridge=bridge_CAP interface=wlan1
add bridge=bridge_CAP interface=ether2
add bridge=bridge_CAP interface=ether3
add bridge=bridge_CAP interface=ether4
/interface list member
add interface=ether1 list=WAN
add interface=bridge_CAP list=LAN
/interface wireless cap
#
set bridge=bridge_CAP discovery-interfaces=bridge_CAP enabled=yes interfaces=\
    wlan1
/ip address
add address=172.17.10.1/24 interface=bridge_CAP network=172.17.10.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server network
add address=172.17.10.0/24 gateway=172.17.10.1 netmask=24
/ip firewall filter
add action=accept chain=input connection-state=established,related,untracked
add action=drop chain=input connection-state=invalid
add action=accept chain=input protocol=icmp
add action=drop chain=input in-interface-list=!LAN
add action=accept chain=forward ipsec-policy=in,ipsec
add action=accept chain=forward ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward connection-state=\
    established,related
add action=accept chain=forward connection-state=\
    established,related,untracked
add action=drop chain=forward connection-state=invalid
add action=drop chain=forward connection-nat-state=!dstnat connection-state=\
    new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat ipsec-policy=out,none out-interface-list=\
    WAN
/system identity
set name=cAP1

Ho anche provato a farlo dal 750 il capsmanager, ma incorro nello stesso identico problema e non riesco a capire il perchè allego anche questo codice
Codice: Seleziona tutto
/caps-man channel
add band=2ghz-b/g/n frequency=2412 name=channel_Cap
add band=2ghz-b/g/n frequency=2437 name=channel_Cap2
/interface bridge
add name=bridge_CapManager
add name=bridge_Citofono
add name=bridge_PuntoPunto
/caps-man datapath
add bridge=bridge_CapManager name=datapath_Cap
/caps-man security
add authentication-types=wpa2-psk,wpa2-eap name=security_CasaMagni \
    passphrase=5956838917
add authentication-types=wpa2-psk,wpa2-eap name=security_CasaSimonini \
    passphrase=123456789
/caps-man configuration
add channel=channel_Cap country=no_country_set datapath=datapath_Cap \
    datapath.bridge=bridge_CapManager name=configurazione_Magni security=\
    security_CasaMagni ssid="Casa Magni"
add channel=channel_Cap2 country=no_country_set datapath=datapath_Cap \
    datapath.bridge=bridge_CapManager name=configurazione_Simonini security=\
    security_CasaSimonini ssid="Casa Simonini"
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool_Citofono ranges=10.9.9.10-10.9.9.62
add name=pool_PuntoPunto ranges=172.16.10.2-172.16.10.254
add name=pool_Cap ranges=172.16.11.2-172.16.11.254
/ip dhcp-server
add address-pool=pool_Citofono disabled=no interface=bridge_Citofono \
    lease-time=1d10m name=server_Citofono
add address-pool=pool_PuntoPunto disabled=no interface=bridge_PuntoPunto \
    lease-time=1d10m name=server_PuntoPunto
add address-pool=pool_Cap disabled=no interface=bridge_CapManager lease-time=\
    1d10m name=server_Cap
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes
/caps-man provisioning
add action=create-dynamic-enabled master-configuration=configurazione_Magni \
    name-format=prefix-identity slave-configurations=configurazione_Simonini
/interface bridge port
add bridge=bridge_CapManager interface=ether3
add bridge=bridge_CapManager interface=ether4
add bridge=bridge_CapManager interface=ether5
add bridge=bridge_PuntoPunto interface=ether2
/interface bridge settings
set use-ip-firewall=yes
/interface list member
add interface=ether1 list=WAN
add interface=bridge_Citofono list=LAN
add interface=bridge_CapManager list=LAN
add interface=bridge_PuntoPunto list=LAN
/ip address
add address=10.9.9.1/24 network=10.9.9.0
add address=172.16.10.1/24 interface=bridge_PuntoPunto network=172.16.10.0
add address=172.16.11.1/24 interface=bridge_CapManager network=172.16.11.0
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server network
add address=10.9.9.0/26 gateway=10.9.9.1 netmask=26
add address=172.16.10.0/24 gateway=172.16.10.1 netmask=24
add address=172.16.11.0/24 gateway=172.16.11.1 netmask=24
/ip firewall filter
add action=accept chain=input connection-state=established,related,untracked
add action=drop chain=input connection-state=invalid
add action=accept chain=input protocol=icmp
add action=drop chain=input in-interface-list=LAN
add action=accept chain=forward ipsec-policy=in,ipsec
add action=accept chain=forward ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward connection-state=\
    established,related
add action=accept chain=forward connection-state=\
    established,related,untracked
add action=drop chain=forward connection-state=invalid
add action=drop chain=forward connection-nat-state=!dstnat connection-state=\
    new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat ipsec-policy=out,none out-interface-list=\
    WAN
/system clock
set time-zone-name=Europe/Rome
/system identity
set name=Cap_Manager

ringrazio chi mi potrà aiutare!!

EDIT: Sistemata la sintassi! GENTILMENTE scrivete post puliti e facili da leggere.
Nowayout
Mikrotik Curious User
Mikrotik Curious User
 
Messaggi: 2
Iscritto il: mer 27 apr 2016, 15:08
Uso routerOS dalla Versione: v5.x

Re: Configurazione CapsMan

Messaggioda xanio » gio 3 ott 2019, 11:22

Nei log che errori riscontri?
---
MTCNA - MTCRE
Avatar utente
xanio
Staff rosIT
Staff rosIT
 
Messaggi: 1054
Iscritto il: lun 31 ott 2011, 18:15
Località: Sicilia
Uso routerOS dalla Versione: v4.x
Certificazioni Mikrotik: MTCNA - MTCRE
Altre certificazioni: Milestone - Yeastar - Cambium
Preferred Training Centre: Grifonline

Configurazione CapsMan

Messaggioda zippoalice » dom 20 ott 2019, 13:30

Ciao in cap interface non ti compare nulla?
zippoalice
Mikrotik-User 10° Liv
Mikrotik-User 10° Liv
 
Messaggi: 22
Iscritto il: sab 8 dic 2018, 11:16
Uso routerOS dalla Versione: v6.x

Re: Configurazione CapsMan

Messaggioda bivio87 » lun 28 ott 2019, 20:23

Ciao la tua configurazione è perfetta ...
solo il vero problema e che hai lasciato le configurazione di default (cosa che ti consiglio mai fare, il firewall è un qualcosa da configurare a DOC )e cosi il firewall ti blocca le connessioni alla Routerboard e blocca il protocollo ..se disattivi le regole di firewall funziona tutto (ma non te lo consiglio)
puoi risolvere trasformando la regola di drop input su tutto quello diverso dalla LAN scritta in mikrotik
!lan ---- in WAN e poi funziona tutto!!
Avatar utente
bivio87
Staff rosIT
Staff rosIT
 
Messaggi: 43
Iscritto il: mer 28 giu 2017, 10:47
Uso routerOS dalla Versione: v4.x



Torna a RouterOS

Chi c’è in linea

Visitano il forum: Nessuno e 10 ospiti