In general, we use CAPsMAN to centralize the management of CAPs in one point so we can configure the wireless settings and assign IPs to those CAPs using one CAPsMAN or (Wireless controller as Cisco calls it).
One of my clients wants to implement CAPsMAN to configure the wireless settings in remote CAPs, but to distribute IPs from the local DHCP in each site for two SSIDs in different VLANs.

It’s an interesting scenario, and I want to publish it here so anyone can implement it.

For the lab

To represent this scenario in a lab, we will use five MikroTik devices:

R_1_CAPsMAN
R_2_Internet
R_3_CAP
R_4_DHCP_VLAN10
R_5_DHCP_VLAN20

R_1_CAPsMAN

Assign an IP address to Ether1.

Add a default route.

From the CAPsMAN window, create two new CAPs configurations, one for each SSID.

Cfg1:
Mode: ap
SSID: AP_1

Local Forwarding: yes
VLAN Mode: use tag
VLAN ID: 10

Cfg2:
Mode: ap
SSID: AP_2
VLAN Mode: use tag
VLAN ID: 20

Then create a new CAPs Provisioning.
Action: create dynamic enabled
Master Configuration: cfg1
Slave Configuration: cfg2

You can configure any other wireless settings as required (Band, Frequency, TxPower, Security, etc.).

Then enable CAPs Manager.

R_2_Internet

Assign an IP address to Ether1 and Ether2

R_3_CAP

Assign an IP address to Ether1.

Add a default route.

From the Bridge window, create a new bridge and enable VLAN filtering.

Then add Ether1 and Ether2 to the bridge.

Set PVID=10 for Ether1 and PVID=20 for Ether2.

From the Wireless window, enable CAP and select the wireless card you want to use (Interface=wlan1).
Enter the CAPsMAN address: 192.168.12.1
Select the bridge you’ve just created.

Then configure DHCP for VLAN10 and connect it to Ether1, and configure another DHCP for VLAN20 and connect it to Ether2.

Now, after the CAP connects to CAPsMAN, you will have two wireless networks with different SSIDs, each one in a different VLAN. Each client that connects to any of those wireless networks will receive an IP address from a different DHCP.

Good luck

8-7-2023