МФУ HP подключается и почти сразу отключается от Wi-Fi на RBD53iG-5HacD2HnD 7.13

[kluvonog]

Добрый день, Уважаемые Форумчане!

Подскажите, пожалуйста, как победить проблему

МФУ HP 135wr подключается и почти сразу отключается от Wi-Fi на RBD53iG-5HacD2HnD RouterOS 7.13
Бывает даже на web-интерфейс мфу удаётся зайти.

На роутере запущен capsman подключены пара cAP и штуки 3 кинетиков.
Подняты гостевая и рабочая сети.
С остальными точками проблем нет, а с центральным такая проблема.
Думал дело в DHCP - прописал статику на принтере - то же самое.

В логах не вижу, что бы могло быть.

Ниже его конфиг.

 

Код: Выделить всё

# 2024-06-12 15:48:02 by RouterOS 7.13
# software id = KYTZ-NVYC
#
# model = RBD53iG-5HacD2HnD
/caps-man channel
add band=2ghz-onlyn control-channel-width=20mhz extension-channel=disabled \
    frequency=2412 name=channel_2.4GHz_01 tx-power=20
add band=2ghz-onlyn control-channel-width=20mhz extension-channel=disabled \
    frequency=2437 name=channel_2.4GHz_06 tx-power=20
add band=2ghz-onlyn control-channel-width=20mhz extension-channel=disabled \
    frequency=2462 name=channel_2.4GHz_11 tx-power=20
add band=2ghz-onlyn control-channel-width=20mhz extension-channel=disabled \
    frequency=2412,2437,2462 name=channel_2.4GHz_auto_freq reselect-interval=\
    6h tx-power=20
add band=2ghz-b/g/n control-channel-width=20mhz extension-channel=disabled \
    frequency=2412,2437,2462 name=channel_2.4GHz_auto_freq_b_g_n \
    reselect-interval=6h tx-power=20
/interface bridge
add arp=reply-only fast-forward=no igmp-snooping=yes name=bridge-GUEST
add ingress-filtering=no name=bridge-local port-cost-mode=short \
    vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] mac-address=50:AA:32:65:3F:24 name=\
    ether1-wan
/interface ovpn-server
add name=ovpn-in01 user=mldDd2fg45
/interface wireless
# managed by CAPsMAN
# channel: 2462/20/gn(17dBm), SSID: InduoWork, CAPsMAN forwarding
set [ find default-name=wlan1 ] ssid=MikroTik
# managed by CAPsMAN
set [ find default-name=wlan2 ] ssid=MikroTik
/interface vlan
add interface=bridge-local name=vlan3 vlan-id=3
/caps-man datapath
add arp=enabled bridge=bridge-local client-to-client-forwarding=yes \
    local-forwarding=no name=datapath-local
add arp=enabled bridge=bridge-GUEST client-to-client-forwarding=no \
    local-forwarding=no name=datapath-guest
/caps-man security
add authentication-types=wpa2-psk encryption=aes-ccm group-encryption=aes-ccm \
    group-key-update=5m name=security-wlan-work
add authentication-types=wpa2-psk disable-pmkid=yes encryption=aes-ccm \
    group-encryption=aes-ccm group-key-update=5m name=security-wlan-guest
/caps-man configuration
add channel=channel_2.4GHz_06 country=russia3 datapath=datapath-local \
    disconnect-timeout=3s distance=indoors guard-interval=any \
    hw-protection-mode=rts-cts hw-retries=7 installation=indoor mode=ap \
    multicast-helper=full name=cfg-2.4GHz_06 rx-chains=0,1 security=\
    security-wlan-work ssid=InduoWork tx-chains=0,1
add country=russia3 datapath=datapath-guest disconnect-timeout=3s distance=\
    indoors guard-interval=any hw-protection-mode=rts-cts hw-retries=7 \
    installation=indoor mode=ap multicast-helper=full name=cfg-2.4GHz-guest \
    rx-chains=0,1 security=security-wlan-guest ssid=Induo35 tx-chains=0,1
add channel=channel_2.4GHz_11 country=russia3 datapath=datapath-local \
    disconnect-timeout=3s distance=indoors guard-interval=any \
    hw-protection-mode=rts-cts hw-retries=7 installation=indoor mode=ap \
    multicast-helper=full name=cfg-2.4GHz_11 rx-chains=0,1 security=\
    security-wlan-work ssid=InduoWork tx-chains=0,1
/interface list
add name=VPN
add name=list-WAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool-lan ranges=192.168.1.34-192.168.1.200
add name=ovpn-pool-lan ranges=10.10.220.2-10.10.220.99
add name=dhcp_pool_guest ranges=172.16.0.34-172.16.0.199
add name=dhcp_pool3 ranges=172.16.1.34-172.16.1.250
/ip dhcp-server
add address-pool=pool-lan interface=bridge-local lease-time=10m name=dhcp-lan
add add-arp=yes address-pool=dhcp_pool_guest interface=bridge-GUEST name=\
    dhcp-GUEST
add address-pool=dhcp_pool3 interface=vlan3 name=dhcp2
/ppp profile
add local-address=10.10.220.1 name=ovpn remote-address=ovpn-pool-lan
/queue simple
add disabled=yes max-limit=20M/20M name=guest-wifi-limit target=bridge-GUEST
add disabled=yes max-limit=20M/20M name=keenetic-guest-vlan target=vlan3
/caps-man manager
set enabled=yes
/caps-man provisioning
add action=create-dynamic-enabled hw-supported-modes=b,g,gn \
    master-configuration=cfg-2.4GHz_11 radio-mac=18:FD:74:D9:AF:8E \
    slave-configurations=cfg-2.4GHz-guest
add action=create-dynamic-enabled hw-supported-modes=b,g,gn \
    master-configuration=cfg-2.4GHz_06 slave-configurations=cfg-2.4GHz-guest
add action=create-dynamic-enabled hw-supported-modes=a,ac,an \
    master-configuration=cfg-2.4GHz_06 slave-configurations=cfg-2.4GHz-guest
/interface bridge port
add bridge=bridge-local interface=ether2 internal-path-cost=10 path-cost=10
add bridge=bridge-local interface=ether3 internal-path-cost=10 path-cost=10
add bridge=bridge-local interface=ether4 internal-path-cost=10 path-cost=10
add bridge=bridge-local interface=ether5 internal-path-cost=10 path-cost=10
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface bridge vlan
add bridge=bridge-local tagged=bridge-local,ether3,ether2,ether4,ether5 \
    vlan-ids=3
/interface list member
add interface=ovpn-in01 list=VPN
add interface=ether1-wan list=list-WAN
/interface ovpn-server server
set certificate=Induo-OVPN default-profile=ovpn enabled=yes \
    require-client-certificate=yes
/interface wireless cap
# 
set caps-man-addresses=192.168.1.1 discovery-interfaces=bridge-local enabled=\
    yes interfaces=wlan1,wlan2
/ip address
add address=192.168.1.1/24 interface=bridge-local network=192.168.1.0
add address=172.16.0.1/24 interface=bridge-GUEST network=172.16.0.0
add address=172.16.1.1/24 interface=vlan3 network=172.16.1.0
/ip dhcp-client
add interface=ether1-wan
/ip dhcp-server network
add address=172.16.0.0/24 dns-server=1.1.1.1,8.8.8.8 gateway=172.16.0.1
add address=172.16.1.0/24 dns-server=1.1.1.1,8.8.8.8 gateway=172.16.1.1
add address=192.168.1.0/24 dns-server=192.168.1.1 gateway=192.168.1.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall address-list
add address=192.168.0.0/24 comment="Gruppa dostupa v Internet" list=Internet
add address=10.10.220.1-10.10.220.99 list=OVPN
add address=10.10.220.0/24 list=AdminIP
add address=192.168.1.0/24 list=AdminIP
add address=172.16.0.0/24 comment="Guest NET" list=GuestNet
add address=192.168.0.0/24 list=AdminIP
add address=172.16.1.0/24 list=GuestNet
add address=192.168.1.0/24 comment="Dostup v Internet" list=Internet
/ip firewall filter
add action=accept chain=input comment=icmp protocol=icmp
add action=accept chain=input comment="established & related" \
    connection-state=established,related
add action=accept chain=input comment=dns dst-port=53 in-interface=\
    bridge-local protocol=udp
add action=accept chain=input comment=dns dst-port=53 in-interface=\
    bridge-GUEST protocol=udp
add action=accept chain=input comment="access for AdminIP group" \
    src-address-list=AdminIP
add action=accept chain=input comment=VPN in-interface-list=VPN
add action=accept chain=input comment=VPN src-address-list=OVPN
add action=drop chain=input comment="All other drop"
add action=accept chain=forward comment="Allow established & related" \
    connection-state=established,related
add action=drop chain=forward comment="Drop invalid connection packets" \
    connection-state=invalid
add action=accept chain=forward comment="Allow Internet for Internet group" \
    in-interface=bridge-local out-interface-list=list-WAN src-address-list=\
    Internet
add action=accept chain=forward comment="Guest Internet" out-interface-list=\
    list-WAN src-address-list=GuestNet
add action=drop chain=forward comment="All other drop"
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1-wan
/ip firewall service-port
set tftp disabled=yes
set sip disabled=yes
/routing rule
add action=unreachable disabled=no dst-address=192.168.0.0/24 src-address=\
    172.16.1.0/24
add action=unreachable disabled=no dst-address=192.168.0.0/24 src-address=\
    172.16.0.0/24
/system clock
set time-zone-autodetect=no
/system clock manual
set time-zone=+03:00
/system identity
set name=Induo
/system logging
add disabled=yes topics=debug
add disabled=yes topics=wireless
/system note
set show-at-login=no

[anad]

если принтер исправен - нормально присоединяется в одиночному "тупому" роутеру, то
попробуйте избавиться от AC в описании сети.