On the picture is a minimal representation of my network.
My Mikrotik has 1 DHCP server with pool 192.168.10.2-192.168.10.254
The WIFI access point (it’s public WIFI without password) you see on the picture is without DHCP server, has an auto assigned IP 192.168.10.205 and all clients connected through that access point receive IP address from single DHCP server.
My goal is to create second DHCP server for access point with pool 192.168.11.2-192.168.11.254, it must be isolated from my local network
Isolation is not achieved by only a different IP range. The preferred (at least by me) way is to introduce VLAN’s. Bit complicated, but once you understand it will make your life a lot easier. Here is a great topic describing examples: http://forum.mikrotik.com/t/using-routeros-to-vlan-your-network/126489/1
I heard about VLAN but wasn't sure it may help, I need to investigate your link, thanks!
But what if discard rule about "network isolation" is it even possible to configure Mkrotik to have separated DHCP server for clients connected through some access point? Maybe traffic contains MAC of access point and this can be used. I bought Microtik a few days ago so don't have enough skills in networks configuration.
As client isolation seemed to be your main requirement, VLAN is the way to go. Don’t understand the benefit of having a dedicated DHCP server for your public wireless network, but sure…:
Remove LAN2 from the bridge and attach the second DHCP server to the LAN2 interface.
I can't use physical interface LAN 2 of Mikrotik, AP is not only one device connected to that switch. I also have 3 home WiFi routers, 7 IP cameras (own POE switch), etc. they all are connected to that switch too. Everything except AC on the picture must be in the network 192.168.10.0/24
I can't configure physical network differently, at least for now.
