I have a CRS328-24P-4S-RM poe switch and I am trying to set VLANs up on it, I have based my config on this:
https://mum.mikrotik.com/presentations/UK18/presentation_6174_1539088509.pdf

I have started with ports ether1-6 as PC’s/Phone and ether 23-24 as trunk ports to router and next switch.

I have three VLANS in the Bridge VLAN 11 (PC’s) 101 (Phones) 201 (Trunk)

Vlan 11, 101, and 201 have ether 23-24 as tagged (trunk ports)
Vlan 11 and 101 has ether 1-6 untagged
Vlan 201 has no untagged ports

Bridge has PVID of 11 so I can access it, ether1-6 have PVID 11, ether 23-24 have PVID 201.
There is a switch chip rule for ether1-6 to tag Phones to Vlan 101 based on MAC

If I have the trunk ethernet cable plugged into ether 5 I can access the internet as its all Vlan 11, but if I plug the trunk cable into ether 24 it shows up as Current tagged on all three Vlans but no traffic goes through the trunk.

The Mum presentation only has a public pc port added as untagged to Vlan 201.

Why is the trunk Vlan 201 not allowing any traffic?

Export your config and tell us exactly what you want to achieve

Sorry I didn’t get a notification of your reply.

Here is the configuration, I have left out the disabled default bridge with the other ports that aren’t currently in use.

Ports 1-6 should be PC or Phone Vlan, default PC with switch rule based on SNOM MAC to change to Phone Vlan
Ports 23-24 Are a Trunk Vlan for next switch and router (will be SFP ports when configuration working)

So PC cannot access Phones and Phones cannot access PCs’

The trunk VLAN doesn’t work and I can only access the router if I plug the trunk cable into port 1-6

There is a Dlink switch as well, and I tried plugging straight into the mikrotik rb3011 router instead of to switch and it made no difference, also made no difference if changed trunk van to 1

The final config also needs a VLAN for servers that are accessible from the net (trunk vlan) and the PC and PHONE vlans for NTP, DHCP, DNS.

Thanks,
Duncan

mar/13/2019 16:13:29 by RouterOS 6.42.12

software id = 0X65-SE6P

model = CRS328-24P-4S+

/interface bridge
add admin-mac=B8:69:F4:E0:A5:D2 auto-mac=no comment=defconf disabled=yes
name=bridge
add fast-forward=no name=bridgeVLAN pvid=11 vlan-filtering=yes
/interface ethernet switch port
set 23 limit-unknown-multicasts=yes limit-unknown-unicasts=yes
add bridge=bridgeVLAN interface=ether1 pvid=11
add bridge=bridgeVLAN interface=ether2 pvid=11
add bridge=bridgeVLAN interface=ether3 pvid=11
add bridge=bridgeVLAN interface=ether4 pvid=11
add bridge=bridgeVLAN interface=ether23 pvid=201
add bridge=bridgeVLAN interface=ether24 pvid=201
add bridge=bridgeVLAN interface=ether6 pvid=11
add bridge=bridgeVLAN interface=ether5 pvid=11
/interface bridge vlan
add bridge=bridgeVLAN comment=“phones Vlan” tagged=ether23,ether24 untagged=
ether1,ether2,ether3,ether4,ether5,ether6 vlan-ids=101
add bridge=bridgeVLAN comment=“data VLAN” tagged=ether23,ether24 untagged=
ether1,ether2,ether3,ether4,ether5,ether6 vlan-ids=11
add bridge=bridgeVLAN comment=“trunk Vlan” tagged=ether23,ether24 vlan-ids=
201
/interface ethernet switch rule
add new-vlan-id=101 ports=ether1,ether2,ether3,ether4,ether5,ether6
src-mac-address=00:04:13:00:00:00/FF:FF:FF:00:00:00 switch=switch1
/ip cloud
set update-time=no
/ip dhcp-client
add dhcp-options=hostname,clientid disabled=no interface=bridgeVLAN
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh address=192.168.1.0/24
set api disabled=yes
set winbox address=192.168.1.0/24
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/London
/system identity
set name=MikroSwitch
/system ntp client
set enabled=yes
/system package update
set channel=long-term
/system routerboard settings
set boot-os=router-os