
Seamless roaming between access points of different manufacturers. Seamless WiFi Network

What is seamless roaming in WiFi networks?

It is when the access points are monitored by a special wireless network controller: when the signal between the client and an access point worsens, the controller "forcibly moves" the client to a more suitable access point. The point is that in an ordinary network the client clings to the very last to the MAC address of its access point, and not to its SSID (name), which leads to negative consequences when moving around the building. The controller is a device that monitors the load on the access points and the signal quality between the base station and the client. In such networks, when you move from one end of the room to the other, the access point that is closer and not loaded does the work. This is very useful for business and shopping centers, large stores, government agencies, hospitals and educational institutions. Load distribution technology is needed where large numbers of people gather, in places such as conference rooms or recreation parks.

Do you need an economical solution with automatic switching of clients between access points?

The simplest option is a wireless network without a controller; it can consist of several ASUS routers. Suitable models for this purpose are the RT-N11P, RT-N66U, RT-AC55U, RT-AC66U and newer routers. They must be connected to each other with twisted pair of category 5e or above, as shown in the picture below. With correct installation, this kind of seamless wireless network saves a decent amount compared even with the simplest networks that use an access point controller.

Is your goal to build a high-quality wireless network with roaming?

For our customers, we have professional WiFi network solutions with the highest possible reliability, speed and level of protection. In such cases the network consists of a number of access points interconnected by twisted pair through switches and access point controllers. The features of such a Wi-Fi network include:

  • tracking the load on each individual access point and distributing it.
  • tracking the signal quality and level between access point and client.
  • centralized management of all network access points.
  • repeated switching of the client from one access point to another without loss of the Internet connection.

Such a network is scalable and can be expanded gradually.

For a hotel, a large office or a cottage settlement, one access point is not enough, even the most powerful and long-range one. Distributing access points gives a much better result and can be scaled. The figure above shows the coverage zone of seven access points and one controller configured to work in seamless roaming mode.

If your goal is to keep the Internet connection from dropping when moving from one access point to another, we can help you find and buy equipment for a WiFi network with roaming.

To organize a fast and heavily loaded wireless network, the functionality of ordinary WiFi routers is not enough, because the decision to "drop off" an access point is made by the end device itself, and the router does not help here. It turns out that the same smartphone or tablet will cling to its access point to the last, even though the list of networks known to it contains an access point at one hundred percent.

There are two good ways to build such a network, and a lot of bad ones :) Let's consider the good ones; I would not recommend the bad ones.

1) A WiFi network with a number of access points interconnected by a switch and managed by a special wireless access point controller in the local network. This option is the most reliable and undemanding and, of course, expensive. A network of this type, taking ZyXEL equipment as an example, will cost around $2000-3000 for an area of 10,000 m² (100x100 m). For country houses, seamless roaming will be cheaper: $1000-1500 for a large house and its grounds. Such networks can withstand heavy loads and distribute users evenly across access points depending on the load on each of them. They are easy to administer and well suited to commercial real estate, hotels, restaurants, parking facilities and similar public places.

2) A well-proven method is to use the roaming assist function. This method is the most budget-friendly. With four ASUS RT-AC66U routers you can get an analogue of seamless WiFi roaming and a wireless network speed of 300-500 megabits per second throughout the house and the surrounding area on the 802.11ac standard, with automatic switching between access points. In both cases the WiFi routers are connected by wire.

Budget and professional solutions in our store with installation and configuration.

In the corporate environment, WiFi performs an increasingly noticeable function and plays an ever-increasing role. Not only a smartphone or tablet can be connected to WiFi but, much more importantly, a corporate phone, a mobile data collection terminal or an online cash register for accepting payments and printing receipts. It is fine if the required WiFi coverage is small and you can make do with an ordinary inexpensive access point, but what do you do if the wireless network has to cover thousands of square meters on several floors? There are definitely options.

Firstly, you can "put up" a set of WiFi networks on a set of autonomous access points. The option is bad because such a setup is difficult and inconvenient to manage; when moving around the enterprise, some mobile devices will have to be switched between these networks manually; and most importantly, all this will have to be explained to users who do not always understand IT well and are simply unable to absorb this wisdom. Such a solution has only one plus: it is cheap.

Secondly, you can broadcast one WiFi network using stand-alone access points of the same type with WDS technology. The main drawback of such a solution is that the overwhelming, absolute and unconditional majority of more or less affordable (up to 300 USD) access points from popular vendors work terribly in WDS mode. Broadcasting may drop and recover, connectivity between the main and dependent access points will be disrupted, and mobile devices will lose their connection and, with it, their functionality. So it is better to leave this option to real samurai.

The ideologically and technologically correct option is to use a controller and dependent access points. It is this option that is called "seamless WiFi". Its essence is that the access points and their broadcasting are managed by one centralized controller device. The controller:

  • monitors the state of the subordinate access points and the load on them;
  • regulates signal power and throughput depending on the number of clients and the nature of their work;
  • independently restores coverage in areas left unserved by equipment failures by increasing the coverage area of nearby access points;
  • provides web authentication and dynamic accounts to implement so-called "guest access" (some controllers offer options such as printers that generate and print temporary user credentials);
  • provides fast roaming, with which you can move freely, for example with a WiFi phone, between the coverage zones of different access points without interrupting the conversation and without noticing any connection interruptions. The controller at the same time "hands" your device the signal from the closest access point.

Modern controllers allow you to connect WiFi access points in repeater mode (so-called MESH technology) without a cable connection to the network, and also provide integration with related IT systems (for example, Active Directory, geolocation services, etc.).

What to build seamless Wi-Fi on

In our catalog of solutions, options for household, corporate and industry WiFi solutions have already been carefully selected and described. And if you go from the top down, the most successful options for seamless Wi-Fi on the market are represented by the following vendors:

2. In the Middle-End segment, another American manufacturer reigns. Relatively inexpensive, Cambium is also distinguished by reliability and high performance.


Like Ruckus Unleashed, Cambium can also work in network control mode without a controller. At Cambium this ecosystem is called AutoPilot; it supports up to 32 access points and up to 1000 wireless clients. Functionally it is almost as good as the version with a controller, and it requires no investment beyond the purchase of the access points themselves: you do not need to buy licenses, service contracts or their renewals.

Do you need faster, higher, stronger? You are welcome! The free cloud controller cnMaestro supports up to 4,000 access points and up to 25,000 wireless clients. The software can also be installed entirely on your own server, if your convictions do not allow you to use cloud solutions. Cambium's functionality is in order too: centralized management of the ecosystem, geolocation services, analytics, radio analysis, integration with adjacent systems... In general, everything the heart desires.

A disadvantage of Cambium is its relatively poor line of access points. Still, everything you need is in it: access points with sector antennas, with support for 802.11ac Wave 2 and MU-MIMO 4x4:4, outdoor and indoor. In general, a complete gentleman's set at your service!

3. In the budget segment the competition is significantly higher, but we single out TP-LINK among the other audacious Chinese vendors. It is the main and most interesting competitor of Ubiquiti (which is covered below), although in 2019 this comparison is not flattering for TP-LINK.


To begin with, let's sort out the TP-LINK label itself: there are actually two of them. There is the TP-LINK that makes cheap home routers and plastic switches, and there is the TP-LINK that makes the Enterprise product line: WiFi systems, SMART series switches and accessories for them. These are, in fact, two different companies, because the two directions have no points of intersection, neither in research nor in production lines. And, for the sake of objectivity, Enterprise TP-LINK is much higher in quality than its younger brother, which specializes in products for SOHO.

Now to WiFi. TP-LINK has the Auranet CAP lineup, currently somewhat forgotten (but this is temporary). The ceiling of the solution is 500 access points and 10,000 wireless clients. Controllers are hardware only, for 50 or 500 access points. The access points have a fairly old, "Topoon" design, but support honest seamless roaming in accordance with the 802.11k/v standards, Beamforming, Band Steering and Airtime Fairness; in general, the set is quite complete. TP-LINK will not, of course, deliver High Density, but events with 200-300 users in one hall have already been served, and the customers had no complaints.

The second ecosystem at TP-LINK is called Omada. It comprises the access points of the EAP series. The controller, Omada Controller, is available in a hardware version (with a limit of 50 access points in one network), but there is also a software version that can be installed on a server running Windows or Linux. The EAP access points look modern and, naturally, can do everything that a self-respecting access point needs to be able to do in 2019.

4. Our next patient is the Ubiquiti UniFi series. This is for when you want it beautiful and cheap. And "beautiful" is a constant with Ubiquiti, because everything they do is subordinate to design: from the packaging to the interface. And the design really is arguably the best in the industry. In general, Ubiquiti products are characterized by an extremely low price for fairly high overall product quality.


The main drawback of Ubiquiti is that it still does not support truly seamless WiFi roaming in accordance with IEEE standards, offering its own proprietary implementation instead. Which works, well, let's say, so-so. Therefore, if you need to organize flawless WiFi client roaming for voice or video applications, then Ubiquiti, sad as it is, will not suit you. The same applies to High Density: this is not about Ubiquiti. In general, Ubiquiti's radio performance is far from ideal, but thanks to a powerful component base, a very wide range of equipment and a sound marketing policy, it is still one of the most popular manufacturers of WiFi solutions. In Russia, Ubiquiti has further significant drawbacks: the lack of official service and of a representative office. The first means that the warranty in the Russian Federation works only slightly better than not at all, and the second means that you will have neither technical support nor certificates for the equipment (which closes the road for it to state enterprises and telecom operators).

The advantage of Ubiquiti is its UniFi ecosystem, which now includes not only WiFi equipment but also switches, routers, video surveillance, telephony and, recently, even some smart home components. Moreover, all of this is managed through very beautiful and convenient applications (including mobile ones) integrated with the Ubiquiti "cloud", i.e. you can "steer" the UniFi ecosystem from anywhere on the planet, without any dancing around port forwarding, static IP addresses and other hassle. In general, it is really convenient.

5. MikroTik, Edimax, Wisnetworks, TG-NET, etc. We are adding the 5th item to this list only because the number 5 is more beautiful than 4. Well, or has a better reputation. Objectively, the vendors listed here do not yet reach even the level of Ubiquiti (they may be no worse, but by the combination of factors in how the market perceives them they are less significant), but they still occupy a certain niche in the market and enjoy some popularity.

We can boldly boast: we have accumulated extensive experience in deploying large Wi-Fi networks. We have managed to "touch" the most diverse solutions of most of the relevant vendors, and we know their strengths and pitfalls. We are ready to apply our experience to designing and installing wireless networks at your enterprise. Save your time and money!

Modern principles of building infocommunication networks focus not only on providing high-speed access but also on user convenience. Roaming in Wi-Fi networks is precisely the component that relates most to subscriber convenience. In radio networks, roaming is the process of switching a wireless network subscriber from one base station (the access point whose service area the subscriber is leaving) to another (whose service area the subscriber is entering).

A rather common situation in the offices of large companies with a Wi-Fi network is the absence of roaming or its incorrect configuration. As a result, despite uniform radio coverage throughout the building, SSH sessions break when the subscriber moves and file downloads stop, not to mention dropped sessions in WhatsApp, Skype and similar applications.

The easiest, cheapest and most common way to organize roaming is to build the radio network from access points with the same SSID. When the power of the radio signal from the subscriber weakens (the signal-to-noise ratio, SNR, decreases), the connection speed drops, and if the SNR falls below a critical mark, the connection is broken completely. If the wireless subscriber device "sees" other equipment with the same SSID, it connects to it.

Many wireless equipment manufacturers use proprietary protocols for roaming, but even then handover delays can reach several seconds, for example with WPA2-Enterprise, when the access points are required to connect to the RADIUS server.

The stumbling block in organizing Wi-Fi roaming is that the decision to switch from one access point to another is made by the subscriber (more precisely, by the client equipment). Most protocols for switching a subscriber from one Wi-Fi device to another rely on forcibly disconnecting the user from the access point when the signal quality deteriorates. In the settings of most access points that support roaming, you can set the minimum signal level at which the subscriber will be disconnected from the network. This is not the best way to implement roaming, because the TCP session is still broken, and the client device may keep trying unsuccessfully to reconnect to the device that has just thrown it off the network.


802.11r and 802.11k: "mobile" Wi-Fi

To solve the problems described above, the 802.11r specification was released in 2008 (and later the amendment to it, 802.11k). It is an addition to the 802.11 standard and serves to provide seamless radio coverage and switching of subscribers from one access point to another. So if you are going to organize seamless Wi-Fi roaming, you need to choose equipment that supports these specifications.

In 802.11r, Fast Basic Service Set Transition technology is used, thanks to which the encryption keys from all access points are stored in one place, which allows the subscriber to reduce the authentication procedure to an exchange of four short messages. The 802.11k amendment reduces the time needed to detect the access points with the best signal levels. This is achieved by having packets with information about neighboring access points and their state "fly" around the wireless network.

The general principle of the 802.11r standard is that the subscriber terminal has a list of available access points. The available points belong to one mobility domain (MDIE); information about MDIE membership is broadcast together with the SSID. If the subscriber sees an available access point from the MDIE with the best SNR level, then, while its current wireless connection is still active, it pre-authenticates with that other access point from the MDIE.
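The mobility domain membership described above can be checked across a site from the beacons themselves. The following is an added example, not part of the original article: it parses the Mobility Domain element (ID 54) and the RSN element (ID 48) from beacon tagged parameters and groups the BSSIDs of each SSID by mobility domain. The BSSIDs and element bytes are constructed sample data, and the function names are hypothetical.

```python
import struct
from collections import defaultdict

# Element IDs of the 802.11 tagged parameters used here.
EID_SSID, EID_RSN, EID_MDE = 0, 48, 54
# AKM suite selectors (OUI 00-0F-AC) that indicate Fast BSS Transition.
FT_AKMS = {b"\x00\x0f\xac\x03": "FT-802.1X", b"\x00\x0f\xac\x04": "FT-PSK"}


def iter_elements(buf):
    """Yield (element_id, value) pairs; stop at a truncated element."""
    pos = 0
    while pos + 2 <= len(buf):
        eid, length = buf[pos], buf[pos + 1]
        value = buf[pos + 2:pos + 2 + length]
        if len(value) < length:  # cut-off capture: ignore the tail
            return
        yield eid, value
        pos += 2 + length


def parse_rsn_akms(value):
    """Return the AKM suite selectors listed in an RSN element body."""
    # Layout: version(2) group cipher(4) pairwise count(2) pairwise list(4*n)
    #         AKM count(2) AKM list(4*m) ...
    if len(value) < 8:
        return []
    (pairwise_count,) = struct.unpack_from("<H", value, 6)
    pos = 8 + 4 * pairwise_count
    if pos + 2 > len(value):
        return []
    (akm_count,) = struct.unpack_from("<H", value, pos)
    pos += 2
    akms = []
    for _ in range(akm_count):
        if pos + 4 > len(value):
            break
        akms.append(value[pos:pos + 4])
        pos += 4
    return akms


def describe_ap(elements):
    """Extract SSID, mobility domain ID and FT capabilities of one AP."""
    info = {"ssid": None, "mdid": None, "ft_over_ds": False, "ft_akms": []}
    for eid, value in iter_elements(elements):
        if eid == EID_SSID:
            info["ssid"] = value.decode("utf-8", "replace")
        elif eid == EID_MDE and len(value) == 3:
            info["mdid"] = value[:2].hex()              # 2-octet MDID
            info["ft_over_ds"] = bool(value[2] & 0x01)  # FT capability bit 0
        elif eid == EID_RSN:
            akms = parse_rsn_akms(value)
            info["ft_akms"] = [FT_AKMS[a] for a in akms if a in FT_AKMS]
    return info


def audit_roaming(beacons):
    """Group BSSIDs per SSID by mobility domain and flag inconsistencies."""
    report = {}
    for bssid, elements in beacons.items():
        ap = describe_ap(elements)
        entry = report.setdefault(ap["ssid"], {
            "domains": defaultdict(list), "no_ft": [], "mde_without_ft_akm": []})
        if ap["mdid"] is None:
            entry["no_ft"].append(bssid)   # same SSID, but no fast transition
        else:
            entry["domains"][ap["mdid"]].append(bssid)
            if not ap["ft_akms"]:          # MDE advertised, no FT AKM offered
                entry["mde_without_ft_akm"].append(bssid)
    for entry in report.values():
        entry["domains"] = dict(entry["domains"])
    return report


# --- constructed sample data (not captured from a real network) ---
def _tlv(eid, value):
    return bytes([eid, len(value)]) + value


def _rsn(akms):
    ccmp = b"\x00\x0f\xac\x04"  # cipher suite selector, not an AKM
    body = struct.pack("<H", 1) + ccmp + struct.pack("<H", 1) + ccmp
    body += struct.pack("<H", len(akms)) + b"".join(akms) + b"\x00\x00"
    return _tlv(EID_RSN, body)


PSK, FT_PSK = b"\x00\x0f\xac\x02", b"\x00\x0f\xac\x04"
SSID = _tlv(EID_SSID, b"office")
SAMPLE_BEACONS = {
    "02:00:00:00:00:01": SSID + _rsn([PSK, FT_PSK]) + _tlv(EID_MDE, b"\xa1\xb2\x01"),
    "02:00:00:00:00:02": SSID + _rsn([PSK, FT_PSK]) + _tlv(EID_MDE, b"\xa1\xb2\x01"),
    "02:00:00:00:00:03": SSID + _rsn([PSK]),                                   # no 802.11r
    "02:00:00:00:00:04": SSID + _rsn([PSK]) + _tlv(EID_MDE, b"\xc3\xd4\x00"),  # other domain
}

if __name__ == "__main__":
    for ssid, entry in audit_roaming(SAMPLE_BEACONS).items():
        print(ssid, entry)
```

Access points that end up under `no_ft`, or in a different domain from their neighbors, share the SSID but cannot take part in a fast transition with the rest, so a client moving to them authenticates from scratch.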

To speed up the connection, authentication follows a simplified scheme: instead of authorization on the RADIUS server, the subscriber terminal exchanges the PMK key with the Wi-Fi controller. The PMK key is transmitted only at the first authentication and is stored in the memory of the Wi-Fi controller.

Handover occurs only after the other access point has authorized the subscriber. From then on, the switching speed no longer depends on how quickly packets travel over the network, but only on how quickly the subscriber device can retune to the new channel. With this algorithm, the subscriber is switched without the user noticing.

Although the overwhelming majority of modern Wi-Fi devices support 802.11r, you always need to leave a backup option, so it is worth also configuring "aggressive roaming", which works by disconnecting the subscriber when the SNR falls below a specified threshold.


Ready solutions for seamless roaming

You can organize roaming in a wireless network using conventional access points that support the above specifications. This option is suitable when the network consists of a small number of access points. But if your network has a dozen wireless points, it is more advisable to consider specialized solutions from Cisco, Motorola, Juniper, Aruba, etc.

Some solutions require a separate controller that manages the entire network, but there are also those for which a controller is not needed. For example, Aruba Networks has Instant access points that work without a physical controller; instead there is a virtual one, which runs on one of the points. At the same time, most of the services for which such networks are created still work: seamless roaming, scanning of the radio spectrum and space, and recognition of devices on the network. Later, as the network grows, these points can be switched to work with a physical controller, abandoning the virtual one.

Motorola is famous for its intelligent WiNG 5 solution, with which it has "endowed" its wireless equipment. Thanks to this solution, all equipment (both local and remote) is combined into a single distributed network, which reduces the number of switches in the network and lets the access points work more synchronously and efficiently.

Thanks to the WiNG 5 solution, Motorola equipment can perform intelligent bandwidth control and load balancing between access points, distributing network traffic evenly between all of them. In addition, the equipment can change its configuration on its own when it detects interference (for example, if there is a microwave oven nearby). The equipment also has an adaptive coverage function that increases signal power for devices on the network with a low signal-to-noise ratio (SNR). And, of course, an important function is the self-healing of neighboring access points if they hang.

Cisco also has a similar solution, called Cisco Mobility Express Solution. Cisco's approach to software is somewhat reminiscent of Apple's: simplicity of deployment and configuration (setup takes less than 10 minutes). It is therefore suitable for companies with a small IT staff or none at all. Mobility Express Solution is deployed on Cisco Aironet access points, which also have a virtual controller, so there is no need to buy a separate device for this. Connecting to and configuring an Aironet can be done even from an ordinary smartphone: just connect to the access point's well-known SSID with the standard factory password.

When connecting to the access point, the user is prompted to complete the setup using the Cisco WLAN Express installation wizard. Regardless of how many access points are in the network, it can be configured through any Cisco Aironet device operating in it. By the way, when setting up the network from a smartphone, you can download the separate Cisco Wireless application, available in both Google Play and the App Store.


Conclusion

Configuring roaming in a network without specialized solutions from the leading network equipment manufacturers is possible, but it is always useful to have more than the "bare standard". Implementing seamless roaming with a virtual or physical corporate-class WLAN controller from manufacturers such as Cisco, Motorola, Juniper and Aruba makes it easy to control the other access points without additional equipment. This means that with their help any company, including small and medium-sized businesses, can offer its wireless clients the same high level of service as large enterprises, without additional costs or complex software.

Speaking about the benefits of seamless WiFi in the private sector with a large area, one can note such positives as:

  • Mobility. You can connect several devices at once: phones, tablets, televisions, PCs, surveillance cameras, a smart home system, an intercom, etc.
  • Continuity. You can now talk on Skype / Viber / WhatsApp, watch your favorite movies online and download games without interruptions, wherever in the house you are.
  • Constancy. A seamless WiFi network does not require reconfiguration: you are connected to the wireless Internet the whole time you are within its coverage.
  • Performance. The powerful signal of the equipment makes it possible to use the network while spending time outdoors, in saunas, indoor and outdoor pools, gazebos, lounge zones, etc.

Before setting up the WiFi connection, it is important to take into account some subtleties of its further operation.

Installation of a WiFi network: important points

When carrying out installation work, it is important to keep in mind which walls the waves pass through more effectively. Research has shown that some of the strongest obstacles to the WiFi signal are reinforced plaster, reinforced concrete and metal grilles. The waves penetrate much more easily through brick (both dry and wet) and cinder blocks.

Seamless WiFi network coverage involves installing special devices in several rooms of the house. As for the look of the installation, an access point can be mounted on the ceiling or on the wall: it does not spoil the interior; on the contrary, it looks stylish and understated.

We guarantee the quality

SilentSystems offers its customers the creation of a seamless WiFi network in the house and on the plot at acceptable prices. We are leaders in the low-current systems market thanks to the quality of the services we provide.

Our customers, representatives of international companies and individuals, are not mistaken in trusting us with their property and, ultimately, enjoy the result. Your trust and gratitude are what we continually work for!

We are so confident in our employees and in the quality of design and installation that we are ready to give a guarantee that is unprofitable by the standards of the low-current systems market: 18 months. What gives us confidence is the fact that in 4 years of work there have been only two warranty cases.


Some projects last a long time, sometimes even several years. To help our customers and partners keep to the construction estimate, we are ready to fix in the contract the cost of the work that will need to be carried out in the future.


We understand that any system should not only be useful but also not spoil the interior. We care about the appearance of the objects we work with and always coordinate our work with the customer's designers.


The systems we install and configure are as automated as possible and do not break down. However, using them takes some effort. To make this easier, we leave our customers instructions written in understandable language, with screenshots and pictures.

More than once I have touched on the topic of interesting and multifunctional routers suitable for home, small and medium businesses. Today we look at configuring the MikroTik CAPsMAN feature to create a single seamless WiFi network consisting of multiple access points. I have already written about this, but more than a year has passed and some things have changed, so it will be useful to look again and check on a real example.

As I already said, I have an article on the topic of CAPsMAN settings in MikroTik. Nowadays, given the pace at which information technology develops, information becomes obsolete very quickly. And although the article is still relevant and is regularly read and used, there is now something to add to it.

A new version of the Controlled Access Point system Manager technology has been released: CAPsMAN v2. I will tell you a little about it. In my work I will rely on the experience of the previous article and on the official Manual:CAPsMAN from the manufacturer, MikroTik.

I will have 2 RB951G-2HnD routers at my disposal, configured in accordance with my recommendations on this topic. I recommend familiarizing yourself with them just in case, to have a general idea of the basic router settings. On one of these routers I will configure the access point controller; the other I will connect to this controller. Both points form a single seamless WiFi network with automatic switching of clients to the nearest point.

An example with two access points is enough for a general idea of how the technology works. This setup then scales linearly to the required number of access points.

What is CAPsMAN v2

To begin with, I will tell you what CAPsMAN v2 is and how it differs from the first version. It is worth saying right away that the two versions are not compatible. If you have a v2 controller, only access points with the same version can be connected to it. And conversely, if you have v2 points, they cannot be connected to a controller of the first version.

CAPsMAN v2 has a different package name in the system: wireless-cm2. It appeared in the system starting with RouterOS v6.22rc7. The package of the previous version is named wireless-fp; it appeared in version v6.11. If you do not have the new package, update to the latest version.

List of innovations in CAPsMAN v2:

  • Ability to automatically update managed access points.
  • Improved information exchange protocol between the controller and access points.
  • Added "Name Format" and "Name Prefix" fields in the Provision Rules settings.
  • Improved logging of the client switching process from point to point.
  • Added L2 Path MTU Discovery.

If CAPsMAN is already configured in your network, the developers suggest the following way to update the whole network to v2:

  1. Configure a temporary CAPsMAN v2 controller in the existing network.
  2. Gradually update the managed access points by installing the wireless-cm2 package. All updated access points will connect to the temporary controller.
  3. After all managed access points have been updated to the latest version, update the main CAPsMAN controller. Once that is done, turn off the temporary controller.

There is a simpler way if some network downtime is not critical for you. Run the update on all routers at the same time, both on the controller and on the points. As soon as they are updated, everything will work on the new version.

A warning right away, in case questions arise on this topic: I personally did not check the update to version v2, as there was no need.

Setting up a WiFi network controller

Let's go from theory to practice. The first thing to do is configure the CAPsMAN controller before connecting access points to it. As I said, we update the system before this. The wireless-cm2 package must be installed and activated.

To activate the wireless network controller function, go to the CAPsMAN section, press Manager and tick the Enabled checkbox.

Before continuing with the setup, I will say a little about how the system works. An access point controller is configured in the network. Separate WiFi points connect to it and receive their settings from it. Each connected access point forms a virtual WiFi interface on the controller. This makes it possible to manage traffic on the controller with standard tools.

Settings on the controller can be combined into named configurations. This allows you to manage them flexibly and assign different configurations to different points. For example, you can create a group with global settings for all access points, while individual points can be given additional settings that override the global ones.

After a managed point is connected to the network master, all local wireless settings on the client stop applying. They are replaced with the CAPsMAN v2 settings.

Let's continue configuring the controller. Create a new radio channel and specify its parameters. Go to the Channels tab, click plus and specify the parameters.

There are no drop-down lists in the settings, which is inconvenient. You can look up the values in the current WiFi parameters if WiFi is already configured.

We continue the setup on the Datapaths tab. Click plus and set the parameters.

Let me dwell a little on the local-forwarding parameter. If it is activated, all traffic of the access point's clients is handled by the point itself, and most Datapath settings are not used, since the controller does not handle the traffic. If this parameter is not set, all traffic from clients goes to the network controller and is managed there according to the settings. If you need traffic between clients, set the Client To Client Forwarding parameter.

Go to the security settings. Open the Security Cfg. tab and click plus.

It is time to combine the previously created settings into a single configuration. There can be several such configurations with different settings. For this example, one is enough. Go to the Configurations tab and click plus.

On the first tab, Wireless, specify the configuration name, the ap mode and the SSID of the future seamless WiFi network. On the other tabs, simply select the settings created earlier.

The main settings of the MikroTik CAPsMAN v2 controller are complete. Now you need to create rules for distributing these settings. As I have already written, different configurations can be assigned to different points. The controller can identify access points by the following parameters:

  • If certificates are used, by the Common Name field of the certificate.
  • In other cases, by MAC addresses in the format xx:xx:xx:xx:xx:xx.

Since in my case I do not use certificates, I create the distribution rule based on the MAC address. And since I have a single configuration for all points, the distribution rule will be the simplest possible. Let's make it: go to the Provisioning tab and click plus.

Description of the Provisioning settings:

  • Radio Mac: MAC address of the access point.
  • Hw. Supported Modes: I did not understand what this is; the documentation is empty.
  • Identity Regexp: there is nothing in the documentation.
  • Common Name Regexp: nothing about it either.
  • IP Address Ranges: nothing about it either.
  • Action: selects the action applied to the radio interface after it connects.
  • Master Configuration: selects the main configuration that will be applied to the created radio interface.
  • Slave Configuration: a second configuration; lets you attach another config for clients.
  • Name Format: defines the naming syntax for the created CAP interfaces.
  • Name Prefix: prefix for the names of the created CAP interfaces.

This completes the configuration of the CAPsMAN v2 controller; you can now connect a WiFi access point to it.
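
The controller steps above can also be entered from the RouterOS terminal. This is an added example, not taken from the original article; the object names, SSID, channel frequency, bridge name and passphrase placeholder are assumptions, because the article does not give these values in its text.

```routeros
# Added example: CAPsMAN v2 controller setup in the same order as the
# Winbox steps. All names and values are assumed samples.

# Manager: enable the controller function
/caps-man manager set enabled=yes

# Channels: one 2.4 GHz channel (sample frequency)
/caps-man channel add name=channel-2g band=2ghz-b/g/n frequency=2437

# Datapaths: local-forwarding=no sends client traffic to the controller,
# where it is bridged into bridge-lan (assumed existing LAN bridge)
/caps-man datapath add name=datapath-lan bridge=bridge-lan \
    local-forwarding=no client-to-client-forwarding=yes

# Security Cfg.: WPA2-PSK with AES; replace the placeholder passphrase
/caps-man security add name=sec-wpa2 authentication-types=wpa2-psk \
    encryption=aes-ccm passphrase="REPLACE-WITH-LONG-PASSPHRASE"

# Configurations: combine the pieces under one SSID
/caps-man configuration add name=cfg-main mode=ap ssid=office-wifi \
    channel=channel-2g datapath=datapath-lan security=sec-wpa2

# Provisioning: a radio-mac of all zeros matches every radio, so every
# connecting CAP receives cfg-main
/caps-man provisioning add radio-mac=00:00:00:00:00:00 \
    action=create-dynamic-enabled master-configuration=cfg-main \
    name-format=prefix-identity name-prefix=cap

# Check the result
/caps-man manager print
/caps-man provisioning print
```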

Connecting access points

In my setup there are two access points, with the addresses 192.168.1.1 (Mikrotik) and 192.168.1.3 (CAP-1), connected to each other by an Ethernet cable. The first is the controller, the second is a plain access point. Both see each other on the local network. The controller's own WiFi interface connects to CAPsMAN and takes its settings just like an ordinary point. That is, the controller is both a controller and an ordinary access point. Even a combination of two points provides a full seamless WiFi network over the whole area covered by their radio modules.

CAP access points can connect to the CAPsMAN controller in two ways: Layer 2 or Layer 3. In the first case, the access points must be in the same network segment as the controller (physical, or virtual if it is an L2 tunnel). They do not need IP addressing configured; they find the controller by MAC address.

In the second case, the connection uses IP (UDP). You need to configure IP addressing and make sure the access points and the controller can reach each other by IP address.

To begin, connect the separate WiFi point. Connect to it through Winbox and go to the Wireless section. There, click CAP and specify the settings.

In my case I specified the controller's IP address, since IP addressing is configured. If you want to connect points to the controller over L2, leave the CAPsMAN address field blank and, in Discovery Interfaces, choose the interface that is connected to the controller. If they are in the same physical network segment, the point will find the master automatically.

Save the settings and check. If the access point has connected to the controller correctly, the point itself will show something like this:

And on the controller, in the Interfaces list, the newly created radio interface of the connected access point will appear:

If the access point will not connect to the controller and you cannot work out what the problem is, check that the wireless-cm2 package is activated on all devices. In my case, after the update, the wireless-fp package ended up enabled on one point instead of the required one. The access point refused to connect to the controller no matter what I tried. I made it the controller, and the other point would not connect to it. I reset all the settings, but it did not help. When I was completely desperate to solve the problem, I checked the package version and found that it was the wrong one.
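
The access-point side of the connection, including the package check from the troubleshooting note, as terminal commands. This is an added example, not the author's own; wlan1 and bridge1 are assumed interface names, and 192.168.1.1 is the controller address used in this article.

```routeros
# Added example: run on the access point (CAP), not on the controller.
# wlan1 and bridge1 are assumed interface names.

# First confirm which wireless package is active on the device
/system package print where name~"wireless"

# Layer 3 join: point the CAP at the controller's IP address
/interface wireless cap set enabled=yes interfaces=wlan1 \
    caps-man-addresses=192.168.1.1

# Layer 2 join (alternative): leave the address list empty and let the
# CAP discover the controller on the interface that faces it
/interface wireless cap set enabled=yes interfaces=wlan1 \
    caps-man-addresses="" discovery-interfaces=bridge1

# On the controller: list the CAPs that joined and the interfaces created
/caps-man remote-cap print
/caps-man interface print
```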

Now do the same on the MikroTik controller itself: connect its WiFi interface to CAPsMAN v2. This is done in exactly the same way as you just did on the separate WiFi point. After connecting, look at the picture on the controller. It should be something like this:

That is all; the basic settings are complete. This configuration can now be rolled out to new access points to cover a large area with a single seamless WiFi network. All connected clients are displayed on the Registration Table tab, with an indication of the point to which they are connected.

Checking seamless WiFi roaming

Now you can take an Android phone, install the WiFi Analyzer app on it and walk around the area covered by WiFi, testing the signal strength and watching the switching from point to point. Switching does not happen the moment the new point's signal becomes stronger than the previous one. If the difference is not very large, the client will not switch to the new point. But as soon as the difference becomes significant, the client jumps. This can be observed on the controller.

After analyzing the coverage area, you can adjust the transmit power of the access points. Sometimes it is useful to set different power on different points, depending on the layout of the premises. But in general, even with the basic settings, everything works quite stably and efficiently. These MikroTik models (RB951G-2HnD) can comfortably serve 10-15 connected people. Beyond that there may be nuances depending on the load. I took these numbers from my own examples of real use.

Two networks in CAPsMAN, using a guest WiFi as an example

Consider one common situation that can be implemented with CAPsMAN. We have a configured seamless WiFi network with password authorization. We need to add another, guest network on the same access points. On a single MikroTik this is done using Virtual AP. Let's do the same in CAPsMAN.

To do this, add a new security setting. Go to Security Cfg. and create a setting for access without a password. Call it Open.

Create another configuration in which all other settings stay the same, changing only the SSID and the security setting.

Go to the Provisioning tab, open the previously created rule and add, in the Slave Configuration parameter, the second configuration that we just made.

Save the changes. Here I waited a few seconds, and the new setting did not spread to the points. I did not wait any longer; I went to each point and reconnected it to the controller. Perhaps this was not necessary and I only needed to wait. I do not know; I did it this way. The new setting spread, and on each access point a new interface of type Virtual AP appeared with the open WiFi network.

I covered this situation as an example of how Virtual AP works in CAPsMAN. Here the guest network clients connect to the same bridge and address space as the users of the closed network. To do it properly, you need to make additional settings:

  1. On the controller, create a separate bridge for the open network, assign it its own subnet and an address in that subnet, and add to this bridge the second WLAN interface that appears after a point connects to CAPsMAN with two configurations.
  2. Configure a separate DHCP server in this subnet, with addresses only from this subnet.
  3. In the CAPsMAN settings, under Datapaths, create a separate datapath for the open network. In it, specify the new bridge and do not select the Local Forwarding parameter.
  4. In the configuration for the open network, select the new datapath.

After that, everyone connected to the open WiFi will be sent to a separate bridge, which has its own DHCP server and an address space different from the main network. Do not forget to check the gateway and DNS server settings that you hand out to clients.

Conclusion

Let's summarize the work done. Using the example of two MikroTik RB951G-2HnD access points, we set up seamless WiFi roaming over the area covered by these points. This area is easily expanded with additional WiFi points of any MikroTik model. They do not have to be identical, as is the case, for example, in some ZyXEL configurations that I have set up.

In this example I considered almost the simplest configuration, but at the same time I described all the settings and the principle of operation. Based on this, it is easy to build more complex configurations. Nothing becomes fundamentally more complicated. If you understand how it works, you can already work with it and build your own configurations.

Traffic from access points can be managed in the same way as traffic from ordinary interfaces. All the basic functionality of the system is available: firewall, routing, NAT, etc. You can create bridges, divide the address space and much more. But keep in mind that all the traffic will go through the controller. You need to understand this and correctly calculate the performance and bandwidth of the network.

Useful reviews of CAPsMAN in operation

A little useful information from reviews of the article by real users of CAPsMAN technology:

Vladimir, good article! Many useful letters! :) When setting up CAPsMAN at the enterprise, I referred to your article. I learned a lot, but I changed a few things. The changes touched the "Channels" tab: I removed the Frequency entry, because I would not recommend using one frequency on all points, since points standing close to each other begin to "rock" and, respectively, the connections are arisen ... My users complained about a low signal level when located next to an access point (and in fact they were connected to a point with a bad signal level) ... So that users "jumped" from point to point, to the one with the better signal, I decided to limit the signal level threshold by making an entry on the AccessList tab. Values at SignalRange => -71..120 interface => -71..120 interface => all Action => Accept. This achieved that when the signal drops below -71, the subscriber "leaves" the point :) The value -71 was not chosen by accident (it is the minimum signal level at a speed of 54 Mbit). Also, on the Provisioning tab I changed the value of NameFormat: instead of CAP I put Identity (when connected to the controller, it shows the name of the point that is set in System -> Identity on the device). Those who have it implemented on household devices may not have it, but where points are scattered around a large area and there are many of them, it will be useful :) In general, thank you very much and merci for the many letters :)

And one more review:

The article is very good, but I would extend / redo the part about the guest WiFi network:
1) I would split the 2 WiFi networks onto different radio channels.
2) For security, I would separate the guest network from the main one. Given that you have a guest network without a password, any student with a smartphone could break you. A bridge (Bridge_Open) is created, the bridge is assigned an IP address from another network (192.168.200.1/24), a DHCP-POOL (192.168.200.10-192.168.200.100) is created, a DHCP server is brought up on the created bridge, another DataPaths (DataPaths_Open) is created in which the created bridge (Bridge_Open) is specified, and DataPaths_open is used to configure the CFG2 guest network. Next, configure NAT and the firewall so that the guest network (192.168.22/24) has Internet access and access to the local network is blocked (Drop Forward from 192.168.200.0/24 to the local network).
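
The guest-network separation described in the four numbered steps earlier and in the review above, written as RouterOS terminal commands. This is an added example, not code from the article or its commenters; the object names, the guest SSID, the main configuration name cfg-main, the uplink interface ether1 and the main LAN range 192.168.1.0/24 are assumptions, while the 192.168.200.x addresses follow the review.

```routeros
# Added example: isolate the open guest SSID. Names, ether1 and the main
# LAN range 192.168.1.0/24 are assumptions.

# Step 1: separate bridge with its own address
/interface bridge add name=bridge-open
/ip address add address=192.168.200.1/24 interface=bridge-open

# Step 2: DHCP server that hands out only guest addresses; check that the
# gateway and DNS values suit your network
/ip pool add name=pool-open ranges=192.168.200.10-192.168.200.100
/ip dhcp-server add name=dhcp-open interface=bridge-open \
    address-pool=pool-open disabled=no
/ip dhcp-server network add address=192.168.200.0/24 \
    gateway=192.168.200.1 dns-server=192.168.200.1

# Step 3: guest datapath; local-forwarding=no keeps guest traffic on the
# controller, which adds the guest interfaces to bridge-open
/caps-man datapath add name=datapath-open bridge=bridge-open \
    local-forwarding=no client-to-client-forwarding=no

# Step 4: guest configuration (Open is the passwordless security setting
# created earlier) attached as a slave configuration
/caps-man configuration add name=cfg-open mode=ap ssid=guest-wifi \
    security=Open datapath=datapath-open
/caps-man provisioning set [find master-configuration=cfg-main] \
    slave-configurations=cfg-open

# Firewall: a separate bridge alone does not stop the router from routing
# between the two subnets, so drop guest-to-LAN forwarding. The drop rule
# must sit above any rule that would accept this traffic.
/ip firewall filter add chain=forward src-address=192.168.200.0/24 \
    dst-address=192.168.1.0/24 action=drop comment="guest to LAN"

# NAT: give guests Internet access through the uplink
/ip firewall nat add chain=srcnat src-address=192.168.200.0/24 \
    out-interface=ether1 action=masquerade
```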
