Hi Community Members’
I hope you are doing well. I have CISCO switch connected with MikroTik Router and Switch interface connected with the router configured as trunk port but I am unable to pass traffic from multiple VLANS. I have 2 vlans configured on switch 50 and 60 and if I configured vlan 50 as native then vlan 50 pppoe users get authenticated but vlan 60 didn’t and vice versa for VLAN 60. I am unable to figure out that why both VLANS users didn’t get authenticated at the same time.
Drawing is attached for your kind review.
This tutorial discusses proper configuration of VLANs under RouterOS and it works with all devices running contemporary ROS versions. Depending on particular device model it might not be the most resource-friendly way of doing it, i.e. it might use general CPU instead of switch chip. In that case the setup highly depends on actual device model (which you did not indicate). However, if you’re trying to achieve “router on a stick” configuration, it doesn’t matter (in ROS v6) as all traffic will have to pass CPU anyway.
BTW, in this context forget about native VLANs on mikrotik, IMO native VLANs concept can make more confusion than it does good. Just go with “all VLANs are equal” thinking.
When you set a Vlan on the Cisco switch as native, the native Vlan is untagged on the trunk where the other vlan(s) are not native and thus are tagged. You can only have a single untagged vlan on a trunk. Untagged is designed for management related stuff of your infrastructure devices to include spanning-tree, etc. To gain more insight into what is happening between the 2 devices, run the built in packet capture on both devices to get a clearer picture of what the ingress and egress traffic looks like, this will show you what is actually happening.
On the MikroTik RouterOS 6.x, the packet capture is located within the tools menu of the Winbox menu
On the Cisco switch cli command to run the embedded packet capture - monitor capture
Just ensure the cisco switch is on the same vlan as the managment vlan of the MT device.
and without your config impossible to say much
/export hide-sensitive file=anynameyouwish
