Hi there,
i have an QRT 5 AC. This device has no "switch chip".
my config is:
/interface bridge
add frame-types=admit-only-vlan-tagged name=bridge1-dslam-data port-cost-mode=short protocol-mode=none vlan-filtering=yes
/interface wireless
set [ find default-name=wlan1 ] adaptive-noise-immunity=ap-and-client-mode antenna-gain=0 band=5ghz-onlyac channel-width=20/40/80mhz-Ceee country=no_country_set disable-running-check=yes disabled=no frequency=5745 frequency-mode=superchannel hw-retries=15 installation=any mode=station-bridge nv2-security=enabled radio-name=gueg-r-alkers
scan-list=default,5745 ssid=alkers-r-gueg station-roaming=enabled tx-power=15 tx-power-mode=all-rates-fixed wireless-protocol=nv2
/interface wireless nstreme
set wlan1 enable-nstreme=yes
/interface vlan
add interface=bridge1-dslam-data name=vlan30-mgnt vlan-id=30
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/user group
add name=ip policy=local,telnet,reboot,read,test,winbox,!ssh,!ftp,!write,!policy,!password,!web,!sniff,!sensitive,!api,!romon,!rest-api
/interface bridge port
add bridge=bridge1-dslam-data frame-types=admit-only-vlan-tagged interface=wlan1
add bridge=bridge1-dslam-data frame-types=admit-only-vlan-tagged interface=ether1
/ip firewall connection tracking
set udp-timeout=10s
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes max-neighbor-entries=8192
/interface bridge vlan
add bridge=bridge1-dslam-data tagged=wlan1,bridge1-dslam-data vlan-ids=30
add bridge=bridge1-dslam-data tagged=ether1,wlan1 vlan-ids=404
add bridge=bridge1-dslam-data tagged=wlan1,ether1 vlan-ids=44
/interface ovpn-server server
add auth=sha1,md5 mac-address=FE:E9:27:14:82:D2 name=ovpn-server1
/ip address
add address=10.2.0.50/16 interface=vlan30-mgnt network=10.2.0.0
/ip ipsec profile
set [ find default=yes ] dpd-interval=2m dpd-maximum-failures=5
/ip route
add gateway=10.2.0.1
/ipv6 nd
set [ find default=yes ] advertise-dns=yes
/routing bfd configuration
add disabled=no
/system clock
set time-zone-name=Europe/Berlin
/system identity
set name=guegleben-r-alkers
/system ntp client
set enabled=yes
/system ntp client servers
add address=10.0.250.13
/tool graphing interface
add
/tool graphing resource
add
[admin@guegleben-r-alkers] >
this works for me. tagged vlan404 with pppoe inside comes from ether1 to wireless (to another side). untagged blocks.
i can log/block vlan's on bridge-filter (but this is also done in bridge vlan).
I want to let only pppoe-discover and pppoe forward on vlan404. Can in filter this? in bridge filter i can only filter vlan. filter with pppoe not working (pppoe is packed in vlan). Switch rules not working (there is no switch).
thanks