I have an Omnitik Base Station and SXT clients and are having problems with the configuration of vlans. What I want to do is the following:
1. Base Station:
a. Tag vlans 10 and 20 on port 1 (uplink port) where vlan 10 is the management vlan for all of the radios included the base station
b. Untag vlan 20 for internet access on Ethernet 2 through 5
c. Tag the same vlans across the wireless link towards the SXT clients so that we can manage the clients on vlan 10 and have internet access on vlan 20
2. Clients
a. Untag vlan 20 on ethernet1 so the pc, router etc connected to port ethernet1 get an ip (public ip from an external dhcp server)
None of the radios are going route or do any NATing, hence I want the radios to just bridge the vlans.
Any ideas on how I’m supposed to achieve this?
Thanks in advance
P.S: Our first try using Mikrotik products.. failure is not an option..
You can do this a lot more easy, but indeed...
:
1. Base Station:
a. Tag vlans 10 and 20 on port 1 (uplink port) where vlan 10 is the management vlan for all of the radios included the base station
Add the vlans to port, i assume by uplink u mean ether 1.
/interface vlan add name=ether1.vlan10 interface=ether1 vlan-id=10 disabled=no
/interface vlan add name=ether1.vlan20 interface=ether1 vlan-id=20 disabled=no
then add managment ip to vlan10
b. Untag vlan 20 for internet access on Ethernet 2 through 5
add a bridge. put vlan 20 and all the ethernet to the same bridge.
(if also managment needed, put a vlan10 to all ethernet, and bridge it with the eth vlan 10)
c. Tag the same vlans across the wireless link towards the SXT clients so that we can manage the clients on vlan 10 and have internet access on vlan 20
its different ways of doing this. I think the best is by wds interface.
add a bridge at AP.
put ap in ap-bridge, dynamic-wds and default wds bridge = this bridge.
2. Clients
a. Untag vlan 20 on ethernet1 so the pc, router etc connected to port ethernet1 get an ip (public ip from an external dhcp server)
add all clients as station-wds.
at client, add vlan10 and 20 to wireless interface. then put managment ip at vlan10 add a bridge, and put the vlan 20 interface to bridge, together with the ethernet to client.
PS, this is a bad way to do stuff like this.
to make more easy. managment untagged, and bridge whole thing. maybe use horizon on bridge.
Or, run pppoe. (the most common way) its also possible to have both managment and internet ip at same vlan (untag and or tag). and just filter acces from client to managment.