This article shows how to make Mesh kind setup using RouterOS secured WDS and RSTP bridging.
Making a fully functional Mesh setup requires RouterOS v2.9.13 or newer with the 'rstp-bridge-test' package enabled. For the wireless card, an Atheros chipset based card which is supported in the RouterOS should be used.
In this example all APs will have one ethernet card and one wireless card.
Configuration of the AP Mesh router
- Add the Bridge interface
/interface bridge add name=bridge1 protocol-mode=rstp
- Add Ethernet and Wireless interfaces to the bridge group
/interface bridge port add interface=ether1 bridge=bridge1 /interface bridge port add interface=wlan1 bridge=bridge1
- Configure the Wireless card as AP and to support WDS
/interface wireless set wlan1 mode=ap-bridge band=2.4ghz-b/g frequency=2437 ssid=mesh wds-mode=dynamic wds-default-bridge=bridge1 disabled=no
- Create WPA2-EAP security profile
/interface wireless security-profiles add name=WPA2 mode=dynamic-keys authentication-types=wpa2-eap unicast-ciphers=aes-ccm group-ciphers=aes-ccm eap-methods=eap-tls tls-mode=no-certificates
- Specify the connect list to apply WPA2 security profile for the WDS links
The communication between the APs using WDS will be encrypted using WPA2 security profile, but the clients will be able to connect to the APs without the encryption.
/interface wireless connect-list add interface=wlan1 security-profile=WPA2