Two RB493g routers, rp-wifi is a router front ending a public presence network. rp-private is one front ending a private, staff network.
I have a bunch of unifi controlled ubnt AP's that are doing vlan tagging based on SSID, these AP's are hanging off of rp-wifi.
I need to route all vlan 200 traffic, which will be associated with the staff SSID, out eth9, to the second RB493g to manage.
All other traffic can stay within rp-wifi, and leave it's WAN port on eth2.
Here's my setup:
rp-wifi - an RP493G front ending a bunch of ubnt AP's
rp-private - an RP493G front ending a private network
On rp-wifi:
VLAN 1 (untagged) - 172.16.0.0/24, used for addressing all the AP's, and network gear
VLAN 100 - publicly used network, 192.168.0.0/22 (SSID Public)
VLAN 200 - privately used network 192.168.100.0/22 (SSID staff)
Bridge called LAN - combined public and private VLANS
Ports eth4, eth5, and eth9 are assigned to LAN
eth2 is the output for srcnet masquarade,
Now, what is working, I have DHCP servers setup for VLAN 1 and VLAN 100 on rp-private. I am able to connect to SSID public, obtain a vlan100 address and get out to the internet. My network gear can pick up a 172.16.0.x address.
Now, enter rp-private:
I configured it much the same as rp-wifi, only it only has vlan 200 configured on it.
I can connect a device in to any port on eth5-9 and receive a vlan200 IP address, and get out to the internet. vlan200 is the only dhcp server on this device.
I then interconnect the RB493g's on eth9.
rp-wifi, eth9, can receive a vlan 200 IP address from the dhcp server.
rp-private, can receive an IP address from the dhcp server on VLAN 1 on rp-wifi.
eth4 and eth5 on rp-wifi CANNOT receive any vlan 200 traffic from rp-private. eth4 and eth5 cannot receive an IP address from vlan 200 like eth9 can.
I can ping from the rp-wifi's assigned address on vlan 200, to rp-private. But I cannot ping from eth4 or eth5 with an assigned address to rp-private. Both of which must pass through port eth9 to get there.
I think I'm missing something stupid obvious. While I have some Cisco IOS experience, I'm not only a router newb, I'm a mikrotik newb as well. What I did above I have figured out in about 3 late nights. So treat me like a beginner please, name calling allowed if it gets me to my end goal.
