I’m setting up a 750UP 5 port PoE router. I got the OS and firmware up to date. I’m using it to run an AREDN site if you’re familiar with that. The site will have 3 WIFI nodes, 1 WAN connection, and one open LAN port for management or adding a camera, etc. The AREDN firmware on the 3 wifi nodes uses vlan1 for WAN, vlan2 for inter-node communications, and untagged for LAN. I need the LiteBeam (port5) to be the DHCP server on LAN. No firewall, no NAT on the router.
Diagram here: https://photos.app.goo.gl/DtpUr6r6DXg4X5Xh9
The following seems to work for what I need. I see all the devices connecting as expected. the LiteBeam gets a WAN IP address, links to the other 2 devices, and my laptop can connect to the router UI and both the router and my laptop get IPs from the LiteBeam. The world is right. BUT when I reboot or power cycle the router, it stops doing anything at all. No access, no vlans, nothing. Must do a factory reset and start over.
It is also possible that some of the changes you make appear to be working, but when you reboot the configuration is still there (and takes full effect and it doesn’t really work) but outside access is lost.
How exactly are you accessing the device?
Winbox allows connecting via MAC even if there is no IP configured, but there may be firewall rules or service settings preventing connection anyway.
Temporarily, take ether5 out of the bridge and do not configure any VLAN on it, assign to it an IP address and make sure it is LAN in interface list, i.e. make sure you have:
/interface list
add name=LAN
/interface list member
add interface=ether5 list=LAN
I appreciate the help, I’m relatively new to vlans and Mikrotik. Pretty sure I’m not in Safe Mode. I’m using WinBox to connect to the MAC address (which does get blocked too). I didn’t define the vlan plan, I’m using what is presented by the AREDN Firmware.
With the above changes, if you set your computer to 192.168.88.2 netmask 255.255.255.0 and connect it to ether5 you should be able to connect via Winbox by IP but also from a browser (Webfig).
Made those changes and I can indeed access the management via IP with Winbox and webfig.
Am I even going down the right path with the bridge VLANs? I had a coworker suggesting I use Interface VLAN configuration but I couldn’t get that working at all.
Good, now try adding an IP address to the bridge, let’s say 192.168.88.10/24.
Then try connecting the PC to one of the other ports of the device, (you will need to set your PC connection to VLAN 10 I believe).
Anyway experiment on which ports and with which VLAN id you can connect.
Once you have successfully found the “right” settings to connect both via Winbox and Webfig to the ports on the bridge, you should be able to put back ether5 in the bridge, even if it is a good idea to have (if number of ports allow that) a “plain” port for emergency access.
Well, a lot of experimenting to validate what I thought. Indeed, starting with a fresh factory reset, then clear configuration, this command set gives me all the routing and access I need. But again, upon a reboot nothing gets routed anywhere at all.
Yes, he is using this for a ham radio application and the device being connected uses VLAN 1 and VLAN 2 and untagged traffic on the same port for one of the purposes and is not changable.
@jonglauser
I am losing you.
If you have a configuration that is working when set the first time and upon reboot (provided that the configuration is not “lost” anymore) it doesn’t work anymore, it means that a part of the configuration does not take immediate effect until a reboot is made and that that part is invalid/wrong/conflicting.
You should try with partial bits of the configuration (i.e. not “all at once”) and try understanding which part is the issue.
And you are saying “routing”, but there is apparently no routing whatsoever involved in your posted configuration?
