docs: document wifi-qcom-ac driver limitation for CAPsMAN manager processing
cAP XL ac cannot support traffic-processing=on-capsman (Qualcomm driver limitation). Updated CAP device info, VLAN assignment notes, and added troubleshooting entry for "could not assign vlan" errors. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Kaloyan Danchev
@@ -1,6 +1,6 @@
|
|||||||
# WiFi and CAPsMAN Configuration
|
# WiFi and CAPsMAN Configuration
|
||||||
|
|
||||||
**Last Updated:** 2026-03-12
|
**Last Updated:** 2026-04-07
|
||||||
**Purpose:** Document WiFi network settings, CAPsMAN configuration, and device compatibility requirements
|
**Purpose:** Document WiFi network settings, CAPsMAN configuration, and device compatibility requirements
|
||||||
|
|
||||||
---
|
---
|
||||||
@@ -108,8 +108,9 @@ If devices still can't connect, use WPA-only with TKIP-only:
|
|||||||
| caps-man-addresses | 192.168.10.1 |
|
| caps-man-addresses | 192.168.10.1 |
|
||||||
| discovery-interfaces | bridgeLocal |
|
| discovery-interfaces | bridgeLocal |
|
||||||
| slaves-datapath | capdp (bridge=bridgeLocal, vlan-id=40) |
|
| slaves-datapath | capdp (bridge=bridgeLocal, vlan-id=40) |
|
||||||
|
| Traffic processing | **On CAP only** (wifi-qcom-ac driver limitation) |
|
||||||
| certificate | request |
|
| certificate | request |
|
||||||
| RouterOS | 7.21.1 |
|
| RouterOS | 7.21.3 |
|
||||||
| SSH Port | 2222 |
|
| SSH Port | 2222 |
|
||||||
| SSH (via proxy) | See ProxyJump command below |
|
| SSH (via proxy) | See ProxyJump command below |
|
||||||
|
|
||||||
@@ -152,7 +153,7 @@ The CAP runs bridge VLAN filtering to properly tag/untag WiFi client traffic bef
|
|||||||
|
|
||||||
## WiFi Access List
|
## WiFi Access List
|
||||||
|
|
||||||
**Status:** VLAN assignment via access list is **active**. Each entry has a `vlan-id` that assigns the device to the correct VLAN upon WiFi association. This works on both HAP (local) and CAP (remote, via bridge VLAN filtering).
|
**Status:** VLAN assignment via access list is **active on HAP only**. Each entry has a `vlan-id` that assigns the device to the correct VLAN upon WiFi association. **CAP clients always get VLAN 40** — per-client VLAN does NOT work with "traffic processing on CAP" mode, and the cAP XL ac (wifi-qcom-ac/Qualcomm driver) cannot support manager/CAPsMAN forwarding. A CAP catch-all rule (no vlan-id) at position 0 prevents "could not assign vlan" errors.
|
||||||
|
|
||||||
**30+ entries** configured (MAC-based accept rules with VLAN IDs + 1 default catch-all):
|
**30+ entries** configured (MAC-based accept rules with VLAN IDs + 1 default catch-all):
|
||||||
|
|
||||||
@@ -192,6 +193,10 @@ The CAP runs bridge VLAN filtering to properly tag/untag WiFi client traffic bef
|
|||||||
2. Check VLAN assignment - CAP clients need special rule
|
2. Check VLAN assignment - CAP clients need special rule
|
||||||
3. Check channel width - use 20MHz for stability
|
3. Check channel width - use 20MHz for stability
|
||||||
|
|
||||||
|
### CAP clients get "could not assign vlan"
|
||||||
|
|
||||||
|
Per-client VLAN does not work on CAP — the cAP XL ac uses wifi-qcom-ac drivers (Qualcomm) which only support local forwarding. `datapath.traffic-processing=on-capsman` requires non-Qualcomm (MediaTek) drivers. The only fix is replacing the cAP XL ac with a MediaTek-based AP. Workaround: ensure a CAP catch-all rule exists in access-list with no vlan-id set.
|
||||||
|
|
||||||
### CAP not connecting to CAPsMAN
|
### CAP not connecting to CAPsMAN
|
||||||
|
|
||||||
1. Check certificate - remove old cert and re-request
|
1. Check certificate - remove old cert and re-request
|
||||||
|
|||||||
Reference in New Issue
Block a user