Firewall works but doesn't feel right

This is my first day with MikroTik (hAP ac2).

So I followed this guide (https://www.youtube.com/watch?v=1ZJ-pM89N7o) and created several Wi-Fi VLANs (SSIDs: Family, Kids, Guest, Office, Staff). Each SSID has its own separate 192.168. address and DHCP server. Each VLAN only has 1 subnet.

I want isolation between VLANs; however, devices within a VLAN are visible to each other. The following is how I achieved my goal.

It works but I’m getting the nagging feeling that I’m not doing it as I should.


This is the firewall address list

This is the firewall ruleset

Rules 0 and 9-18 are the defaults from MikroTik. My rules to block inter-VLAN traffic are 2-8. It works, but is this the best practice?


I came from a prosumer UniFi background and bought my first MikroTik gear (hAP ac2) when I discovered the UniFi router lacks granular traffic shaping abilities through its GUI. Going from UniFi to MikroTik, I feel my world has opened up in terms of flexibility and granular control, but everyone in this new world is a masochist.

Bridges involved?

Here are my bridge and ports. Physical ports on the hAP ac2 (eth1-5) are on the default setting (on the default LAN 88.x). ether1 is WAN.

Thank you

Throwing guesses out there:

@ Bridge Settings
Use IP Firewall? (and others+)
Allow Fast Path?
@ Bridge / [x/ ] VLAN Filtering?

@ Ports / Port Settings
Hardware Offload ← (I know this has to be turned off under certain situations)

I don’t have anything to look at in front of me, so I’m not sure.