I'm currently working on a MikroTik solution for a campus that will provide 2 wireless networks.

The first will be a wireless network that integrates their wireless LAN with their existing wired network. This (we'll call it) "org network" will allow the wireless users to access resources like networked printers and shared files and folders. The second will be a wireless network for guests to use to access the internet ONLY.

To accomplish, myself and my compatriots have come up with a solution that comprises VLANs. The first VLAN (VLANID2) will be on a 192.168.0.0/22 network that matches the hardware already in place. I guess the first question would be whether or not we would even need a VLAN to accomplish this, but the answer will probably lie in the rest of the configuration.

The second VLAN (VLANID3) will be on a 172.16.31.0/24 network. This network will not be able to talk to te 192.168.0.0 network, and really, I would like them to not talk to each other at all. But, I'll settle with the former at least.

For equipment, there is an RB450G router that is behind a cable modem that will provide routing and and a firewall for all network nodes. Attached to the 450G will be the following:

Linksys unmanaged switch that wll provide wired connectivity for most of the equipment in the building
2 fiber to ethernet converters (backbone between the building is a fiber token ring)
RB600 wireless AP with 2 R52N wireless radios

The RB600s will be scattered across the network providing the wireless backbone for the entire campus (small campus with low total number of users, total of 7 access points). All but one will be behind layer 3 routers that support VLANs. The models of switches are Dell PowerConnect 3448 48-port and HP ProCurve 2610s. The last one will be directly connected to the RB450G, so I don't have doubts that I can make it work between the two.

Just for reference, I've done some searches and I was able to find a thread about ProCurves, VLANs, and RouterOS. Has anyone done any configuration with the Dells?

Here's (in theory) how I would need to configure this setup.

I followed some instructions here:

http://forum.mikrotik.com/viewtopic.php ... nk#p129440

And here's how I set mine up:

RB450G RB433 w/R52H (Will be replaced with an RB600 shortly) Through the GUI, I added a wireless interface with no SSID, then added 2 VirtualAP interfaces with the SSIDs of Org and Guest. I added Org and Guest to br-vl2 and br-vl3, respectively (in typing this, I just realized that I probably should've added each virtualAP to it's own VLAN, then added them to the bridges, but I digress). Then, using the GUI, I setup both VLANs as tagged (which again, now thinking as I type, I probably should've left VLAN2 untagged. You can correct me if I'm wrong).

I then tried to setup the DHCP for br-vl3, setting up addresses 172.16.31.1-100 using the setup function in the terminal. When connecting to the guest VLAN, I could not get an address. Also, I have both of these connected, but I can't see one from the other.

So, the questions so far...

How do I need to setup the VLANs to communicate like I need them? Am I on the right path and just need to check out the switch configuration?

How do I setup a DHCP server on the router that is accessed via the Guest wireless? I'm assuming that once this is setup, I can just relay from the AP, correct?

Is there a better way to setup the two so they communciate the way I need?

Any help would be appreciated. I can supply the supout.rif files if necessary.

Thanks in advance!

Chris.