Setting up a minimal configuration on a Mikrotik device sometime requires a subtle sequence where access method changes so as to avoid cutting the branch you’re sitting on.
Layer 2 connection
I’ve often found mactelnet to work when winbox would not, so don’t forget to give it a try.
sudo mactelnet AA::BB:CC:DD:EE -n -u admin -p ""
Wifi connection
Sometime a wifi setup can give a more stable connection when changing vland and bridge settings :
Then a temporary wifi setup
/interface bridge
add name=bridge
/interface bridge port
add bridge=bridge interface=wifi1
/ip address
add address=192.168.88.1/24 interface=bridge network=192.168.88.0
/interface wifi
set [ find default-name=wifi1 ] configuration.mode=ap .ssid=capax disabled=no security.authentication-types=wpa2-psk security.passphrase=mikrotik
/ip pool
add name=dhcp_pool0 ranges=192.168.88.2-192.168.88.254
/ip dhcp-server
add address-pool=dhcp_pool0 interface=bridge name=dhcp1 relay=192.168.88.1
/ip dhcp-server network
add address=192.168.88.0/24 dns-server=1.1.1.1 gateway=192.168.88.1
minimal CAP setup
/interface bridge
add name=bridgeLocal
/interface wifi datapath
add bridge=bridgeLocal comment=defconf disabled=no name=capdp
/interface wifi
set [ find default-name=wifi1 ] configuration.manager=capsman datapath=capdp disabled=no
set [ find default-name=wifi2 ] configuration.manager=capsman datapath=capdp disabled=no
/interface bridge port
add bridge=bridgeLocal comment=defconf interface=ether1
add bridge=bridgeLocal comment=defconf interface=ether2
add bridge=bridgeLocal comment=defconf interface=ether3
add bridge=bridgeLocal comment=defconf interface=ether4
add bridge=bridgeLocal comment=defconf interface=ether5
/interface wifi cap
set discovery-interfaces=bridgeLocal enabled=yes slaves-datapath=capdp
/ip dhcp-client
add interface=bridgeLocal disabled=no
Observation:
One thing to note here is that there’s no vlan setup, and the dhcp-client will therefore use untagged packets. If you use switch based vlans on the other end, you should thus set the switch port to use a proper default vlan-id and use “add if missing” for the “vlan header”
Alternatively, you could specify the use of vlan on the cap side like that :
/interface vlan
add interface=bridge name=vlan1-main vlan-id=99
/interface wireless cap
set bridge=bridge discovery-interfaces=vlan1-main enabled=yes interfaces=wlan1
/ip dhcp-client
add interface=vlan1-main
Then the other end should have “vlan header” set as “leave as is”, without any default vlan-id