We are new to VLAN on a MikroTik and could use some help. We have a unique routing situation for a CCR1036-12G-4S. we have searched all sorts of forums and are not really finding any useful information for our scenario.
We have some Ruckus wireless access points installed that are brodcasting 2 different SSIDs. The first internal SSID in on the main corporate network. The second is for Guests and the Ruckus APs are assigning users connecting to this SSID a VLAN tag of 101. These APs plug into the CCR Router that are in a LAN bridge on ports Ether3 and Ether 4.
First we need to know how to make the MikroTik CCR router recognize the VLAN tag 101 assigned by the Ruckus APs and assign DHCP to these users from a specific DHCP Pool just for this VLAN.
This router currently is using Ether1 as the WAN connection and gateway to all internet traffic. Ether1 public IP is XXX.XXX.XXX.138. Ether 1 is also assigned the public IP of XXX.XXX.XXX.139. XXX.XXX.XXX.138 is the default gateway for all internal corporate traffic. We need to route the guest VLAN traffic of 101 out the second public IP of XXX.XXX.XXX.139 so we can apply different DNS rules to this public IP from our content filtering provider.
Additionally, the VLAN tagging is configured on the Access Points and switches and appears to be working correctly when analyzed with Wireshark but when we monitored the network traffic on the CCR1036 with Torch it did not display the VLAN tags on packets that should be tagged with 101.
How do we make the CCR Router recognize the VLAN tags of 101, assign the DHCP based upon that and route the traffic out the second public IP above? Examples with terminal commands or GUI interface would be a huge help. Thanks for the help!
Thank you for the suggestions. This is exactly what we have configured but the guests connected on VLAN 101 dont receive an IP address from the DHCP server on the CCR Router at all. Any ideas why that might be?
Thanks again for the help. It still would not work. I ended up setting up the routing in the VLANs on the Cisco switch and routed VLAN101 out to a different MikroTik router from there to achieve our goal.
No we did the tagging and routing in the Cisco switch and passed the traffic to the MikroTik untagged and left the MikroTik with no VLAN config at all.
It has all been deleted at this point and moved on to another project. Sorry. We sent it to MikroTik also and they said the config was right and should have worked but for some reason it did not.