After we had configured VLAN’s on our CRS-226 switch (according to http://wiki.mikrotik.com/wiki/Manual:CRS_examples) we performed the final step in this process:
/interface ethernet switch >set forward-unknown-vlan=no
After applying this setting we can no longer manage this switch via RoMON; it no longer shows up in the RoMON neighbours. The individual RB450G devices which are individually connected to the CRS-226’s ports (ether1 and ether2 of the CRS-2260 still show up in RoMON neighbours, and these devices are still able to access the CCR-1009 which is connected to ether23 on the CRS-226 (the CCR-1009 is visible in RoMON neighbours as well…).
When we disable “MAC Level Isolation” (in Winbox: Switch > Settings > Generic), which is enabled by default, then the CRS-226 is yet again visible in RoMON neighbours.
AFAIK RoMON works independent of whatever VLAN settings/filtering ROS has configured. Can anyone tell me what I need to do to have “MAC Level Isolation” enabled without losing RoMON managebility for this device? We have ROS 6.32.3 running on this switch and have not yet set up any other kind of isolation (port- or VLAN based, fort instance). All UTP ports (1-23) on this switch are slave to UTP port 24, into which the uplink cable to our core router is plugged. This uplink cable ‘carries’ a VLAN trunk from the CCR-1009 router.