jazzymc/infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

WiFi troubleshooting guide, fix empty security overrides, update config docs

Browse Source 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
jazzymc
2026-03-12 16:18:40 +02:00
parent 6320c0f8d9
commit d0b4fae25e
4 changed files with 265 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
docs/07-WIFI-CAPSMAN-CONFIG.md
View File

@@ -1,6 +1,6 @@
# WiFi and CAPsMAN Configuration
**Last Updated:** 2026-02-26
**Last Updated:** 2026-03-12
**Purpose:** Document WiFi network settings, CAPsMAN configuration, and device compatibility requirements
---
@@ -23,11 +23,12 @@
| SSID | XTRM |
| Band | 5GHz |
| Mode | 802.11ax (WiFi 6) |
| Channel | 5180 MHz (ch 36) |
| Width | 40MHz |
| Channel | 5745 MHz (ch 149) |
| Width | 20/40/80MHz |
| Security | WPA2-PSK + WPA3-PSK |
| Cipher | CCMP (AES) |
| 802.11r (FT) | Enabled |
| 802.11r (FT) | Disabled |
| Skip DFS | All |
| Password | `M0stW4nt3d@home` |
---
@@ -44,12 +45,14 @@ Some devices (Tuya JMWZG1 gateway, Amazfit TREX3, iPad 2) require legacy setting
|---------|-------|--------|
| SSID | XTRM2 | |
| Band | 2.4GHz | IoT compatibility |
| Mode | **802.11g** | Legacy device support |
| Mode | **802.11g** | Legacy device support (NOT 802.11n — breaks IoT) |
| Channel | **1 (2412 MHz)** | Most compatible |
| Width | **20MHz** | Required for old devices |
| Security | **WPA-PSK + WPA2-PSK** | WPA needed for legacy |
| Cipher | **TKIP + CCMP** | TKIP required for old devices |
| 802.11r (FT) | **Disabled** | Causes issues with IoT |
**CRITICAL:** Security must be set explicitly on the interface, not just the profile. Empty `security.authentication-types=""` means OPEN network, not "inherit from profile." See [12-WIFI-TROUBLESHOOTING.md](12-WIFI-TROUBLESHOOTING.md).
| Password | `M0stW4nt3d@IoT` | |
### Devices Requiring WPA + TKIP
@@ -140,10 +143,10 @@ The CAP runs bridge VLAN filtering to properly tag/untag WiFi client traffic bef
| Interface | Radio | Band | SSID | Security | Status |
|-----------|-------|------|------|----------|--------|
| cap-wifi1 | wifi2 | 5GHz | XTRM | WPA2/WPA3-PSK, CCMP | Working (Ch 52/5260, 40MHz, DFS) |
| cap-wifi2 | wifi1 | 2.4GHz | XTRM2 | WPA2-PSK, CCMP | Working (Ch 6/2437, 20MHz) |
| cap-wifi1 | MAC :BE | 2.4GHz | XTRM2 | WPA+WPA2, TKIP+CCMP | Working (Ch 13/2472, 20MHz, 802.11g) |
| cap-wifi2 | MAC :BF | 5GHz | XTRM | WPA2/WPA3-PSK, CCMP | Working (Ch 36/5180, 20/40/80MHz, 802.11ac) |
**Note:** cap-wifi2 uses WPA2+CCMP only (not WPA+TKIP like HAP's local wifi2). Legacy IoT devices requiring TKIP will only work on HAP1's local wifi2.
**Note:** CAP radios swapped after CAPsMAN re-provisioning. Identify by MAC address, not interface name. See [12-WIFI-TROUBLESHOOTING.md](12-WIFI-TROUBLESHOOTING.md) for re-provisioning procedures.
---