Manual:CAPsMAN – MikroTik Wiki /
http://wiki.mikrotik.com/wiki/Manual:CAPsMAN
I think Controlled Access Point system Manager that is a preview build handling Currently (CAPsMAN), but it’ll keep writing how to use and set a little about this place.
# It is said to be merged officially to the Wireless package from ROS 6.14.
Note that the wireless LAN compatible models that can be used in Japan, please be careful and RB951Ui-2HnD at the time of writing, R52n-M because it is (W52).
I’ll explain in a simple configuration most this time.
Verification environment: RouterOS version: 6.14rc8
1. I will introduce the Wireless-fp package to CAP (Controlled Access Points) and CAPsMAN to the target first.
2. I run the following command at CAPsMAN.
/caps-man manager
set ca-certificate=auto certificate=auto enabled=yes require-peer-certificate=yes
3. I want to first confirm that the self-signed certificate that has been created.
[admin@MikroTik] /caps-man manager> print
enabled: yes
certificate: auto
ca-certificate: auto
require-peer-certificate: yes
generated-certificate: CAPsMAN-D4CA6DFA3854
generated-ca-certificate: CAPsMAN-CA-D4CA6DFA3854
4. Once you go to the settings of the CAP side. Run the following command, so that you can connect to CAPsMAN.
/interface wireless cap
set bridge=bridge1 caps-man-addresses=<CAPsMANのIPアドレス> caps-man-certificate-common-names=\
CAPsMAN-D4CA6DFA3854 certificate=request discovery-interfaces=ether1 enabled=yes \
interfaces=wlan1,wlan2 lock-to-caps-man=yes
5. I will return towards the CAPsMAN again. I will continue to set the parameters of the lower against the CAP here.
- channel
- datapath
- security
- configuration
6. I will continue to set the channel first. I will continue to type in a command similar to the following.
/caps-man channel
add band=2ghz-b/g/n extension-channel=Ce frequency=2422 name=24-1 width=20 tx-power=10
7. Then I will do the setting of the datapath. This controls the data transfer involved.
/caps-man datapath
add bridge=bridge1 client-to-client-forwarding=yes local-forwarding=no name=datapath1
8. Then I will do the security setting.
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm name=\
hogehoge passphrase=hogehoge
9. I set the configuration templates that are set above the end.
[admin@MikroTik] /caps-man configuration>
add name=test channel=24_1 security=Felix-g datapath=datapath1 country=japan ssid=test mode=ap \
hide-ssid=yes rx-chains=0,1 tx-chains=0,1
10. I keep ahead of the MAC address of the CAP attached.
[admin@MikroTik] /caps-man radio> print
Flags: L - local, P - provisioned
# RADIO-MAC INTERFACE REMOTE-AP-IDENT
11. I set to the CAP settings configuration.
/caps-man interface
add arp=proxy-arp channel=hoehoge configuration=hogehoge datapath=hogehoge\
disabled=no l2mtu=1600 mac-address=xx:xx:xx:xx:xx:xx master-interface=none \
mtu=1500 name=hogehoge radio-mac=xx:xx:xx:xx:xx:xx security=hogehoge
I think at least, it will be able to connect from the PC to the CAP and to control the CAP from CAPsMAN.
Thank you.