Is it possible to use the secondary ethernet port as an access port on a cap ax under capsman management with dynamic vlans? I've tried setting this up and every time I enable vlan-filtering on the bridge, the wireless clients no longer have the ability to successfully make DHCP requests/etc.
I'm trying to use ether2 as an access port, with pvid of 100. This port works perfectly well when vlan-filtering is enabled on the bridge, but all wireless clients lose the ability to send/receive traffic from the router. As soon as I disable vlan-filtering on the bridge, all the wireless clients work normally, but the device connected to ether2 on the cap is now operating as vlan 10 (config below will show why with untagged traffic). The switch this cap connects to has the port (ether20) configured like this (removed non-related lines from output):
vlan id 10 is management, 100 is for client access. I'm sure I'm doing a lot wrong, and welcome any/all feedback. Thank you.
Code:
/interface bridgeadd admin-mac=48:A9:8A:xx:xx:xx auto-mac=no comment=defconf name=bridge/interface listadd comment=defconf name=WANadd comment=defconf name=LAN/interface wifi datapathadd bridge=bridge disabled=no name=capdp/interface wifi# managed by CAPsMAN# mode: AP, SSID: yyyy, channel: 5500/ax/Ceeeset [ find default-name=wifi1 ] configuration.manager=capsman datapath=capdp disabled=no# managed by CAPsMAN# mode: AP, SSID: yyyy, channel: 2412/axset [ find default-name=wifi2 ] configuration.manager=capsman datapath=capdp disabled=no/interface bridge portadd bridge=bridge interface=ether2 pvid=100add bridge=bridge interface=wifi1add bridge=bridge interface=wifi2add bridge=bridge interface=ether1/interface bridge vlanadd bridge=bridge tagged=ether1 untagged=ether2 vlan-ids=100/interface list memberadd comment=defconf interface=bridge list=LANadd comment=defconf interface=ether1 list=WAN/interface wifi capset caps-man-addresses=192.168.10.1 enabled=yesCode:
/interface/bridge/port:add bridge=bridge comment="AP3" ingress-filtering=no interface=ether20 internal-path-cost=10 path-cost=10 pvid=10/interface/bridge/vlan:add bridge=bridge comment="Trusted VLAN" tagged=ether3,ether4,ether5,ether24,sfp-sfpplus1,bridge,ether23,ether20 untagged=ether6,sfp-sfpplus2,sfp-sfpplus4,sfp-sfpplus3 vlan-ids=100add bridge=bridge comment="Management VLAN" tagged=bridge,sfp-sfpplus1,ether22 untagged=ether1,ether8,ether24,ether2,ether3,ether4,ether5 vlan-ids=10Statistics: Posted by ormandj — Tue Mar 05, 2024 4:23 pm