Configuration of SwOS (CSS326-24G-2S+RM) for dynamic VLAN

Thorsten1970 · March 30, 2020, 11:01am

Hello @all,

Today I read an articlet in the internet about dynamic VLAN. It seems to be what I am looking for.

I understand how dynamic VLAN works and what has to be implemented.

No I have a question regarding my CSS326-24G-2S+RM. How do I have to configure the CSS326-24G-2S+RM to activate/use dynamic VLAN? Is it just to configure each VLAN ID to every port?

Please give advice. Thank you very much for your help.

Regards
Thorsten

Thorsten1970 · April 1, 2020, 5:10am

Hi,
Nobody a hint for me?

Maybe a general question regarding SwOS and dynamic VLAN. Is it generally possible?

Thanks again for your support.

Regards
Thorsten

mkx · April 1, 2020, 8:34pm

How about posting link to the article you mentioned so that we know what’s exact meaning of “dynamic VLAN” in this topic?

Thorsten1970 · April 2, 2020, 8:17am

I do not have the link anymore, but I can describe it.

A port on a switch is not allocated to a specific VLAN, it will be assigned to a VLAN by the MAC address of the computer, which is connected to this port. The Radius Server knows the MAC of the computer and the dedicated VLAN for this MAC. This means, the computer can be connected to every port on the switch and it will allways be automatically connected to the right VLAN. An unknown MAC will be forced to a guest VLAN.

Computer 1 → VLAN 1
Computer 2 → VLAN 2

Both computers will be always connected to the right VLAN regardless of which port they will be connected.

Hopefully it is now clear, what I ment. Thanks for your help.

Regards
Thorsten

mkx · April 3, 2020, 9:47pm

What you describe is called “MAC-based VLAN” in RouterOS. A unit, switch-wise similar to yours (CRS3xx), running RouterOS is capable of doing it (see manual).

But could well be that SwOS doesn’t expose necessary config space of switch chip while ROS does … so it can’t be done on CSS3xx devices.

I’ve found an old thread about the same issue without solution.

Thorsten1970 · April 5, 2020, 3:37pm

I also read an article in the German c’t magazine 7/20 (“Funkkutscher - Zentrale Wlan-Steuerung für günstige Access-Points” starting in page 100). There they explain the dynamic VLAN in WLAN with different Brands. One is Mikrotik. But they do not explain the dynamic VLAN on switches. This ist my missing puzzle part. Maybe someone can explain it for SwOS. Would bei great.
Thanks in advance.

Thorsten1970 · April 6, 2020, 6:07am

OK, I saw the old post as well. Thanks. I Just thougt, that this old post is older than 2 years and there have been some new SwOS versions inbetween, that this can be done now.
Thanks again.

Paradox · October 27, 2022, 8:39am

Hi,

I’ve ordered a CSS326-24G-2S+RM which is not delivered, yet. Is MAC based VLAN via RADIUS possible in the meantime? This is a must have feature for me for access switches.

Thanks!

psannz · October 27, 2022, 3:06pm

The answer is: No.
You could do it with a CRS326 running RouterOS, but nocht a CSS.

chechito · October 27, 2022, 3:45pm

maybe using ACL

https://wiki.mikrotik.com/wiki/SwOS/CSS326#ACL_Tab

chechito · October 27, 2022, 3:55pm

if you need advanced features you need to order a CRS, CSS is a basic switch

mjezierski · October 31, 2022, 3:23pm

THIS! Tried it with the latest SwOS. No MAC-VLAN capability. Works like a charm with RouterOS, I think I used 6.46 or 6.47 when I tested last year.